
shampo
WinGirls-
Numero contenuti
200 -
Iscritto
-
Ultima visita
Tipo di contenuto
Profilo
Forum
Calendario
Blog
Downloads
Gallery
Tutti i contenuti di shampo
-
ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=08cbe1fc40d8a94eb665e42672aa88c7 # engine=13187 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-18 10:26:19 # local_time=2013-02-18 11:26:19 (+0100, ora solare Europa occidentale) # country="Italy" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 100 94 8761857 137939851 0 0 # compatibility_mode=5893 16776573 100 94 11231 112856229 0 0 # scanned=268330 # found=0 # cleaned=0 # scan_time=5857 questa volta niente viirus
-
ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=08cbe1fc40d8a94eb665e42672aa88c7 # engine=13187 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2013-02-18 10:26:19 # local_time=2013-02-18 11:26:19 (+0100, ora solare Europa occidentale) # country="Italy" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 100 94 8761857 137939851 0 0 # compatibility_mode=5893 16776573 100 94 11231 112856229 0 0 # scanned=268330 # found=0 # cleaned=0 # scan_time=5857 questa è l ultima scansione e nn ci sono virus ma perchè continua a volte a non accendersi? ciao e grazie
-
scusami,ma mi ci sta buttando di fuori,mi si apre il file e non mi fa fare il copia incolla,se vado nella cartella mi copia quello che ti ho inviato,rifaccio un altra prova,grrrrrrrrrrr ciao grazie
-
ciao ho fatto quello che m hai detto,ma mi viene questo ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK dove sbaglio?
-
ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK mi ha trovato 7 virus,ma non so come mandarti la scansione.ho fatto come mi hai detto ma,mi ci perdo,aiuto,,,,grazie
-
ComboFix 13-02-13.01 - rosy 13/02/2013 19:43:27.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4095.2908 [GMT 1:00] Eseguito da: c:\users\rosy\Desktop\Nuova cartella (7)\ComboFix.exe Opzioni usate :: c:\users\rosy\Desktop\Nuova cartella (7)\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Creato nuovo punto di ripristino . . ((((((((((((((((((((((((( Files Creati Da 2013-01-13 al 2013-02-13 ))))))))))))))))))))))))))))))))))) . . 2013-02-13 18:49 . 2013-02-13 18:49 -------- d-----w- c:\users\Default\AppData\Local emp 2013-02-08 20:38 . 2013-01-18 11:15 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB2FFA28-5E09-4374-B48E-4C69399F170C}\mpengine.dll 2013-02-07 18:28 . 2013-02-07 18:56 -------- d-----w- c:\program files (x86)\TimeLineRemove 2013-02-05 11:38 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll 2013-02-05 11:38 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2013-02-05 11:36 . 2012-12-07 11:20 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2013-02-05 11:36 . 2012-12-07 10:46 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2013-02-05 11:36 . 2012-12-07 10:46 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2013-02-05 11:36 . 2012-12-07 10:46 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2013-02-05 11:36 . 2012-12-07 11:20 23552 ----a-w- c:\windows\system32\oflc.rs 2013-02-05 11:36 . 2012-12-07 11:19 55296 ----a-w- c:\windows\system32\cero.rs 2013-02-05 11:36 . 2012-12-07 10:46 55296 ----a-w- c:\windows\SysWow64\cero.rs 2013-02-05 11:26 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32 askhost.exe 2013-02-05 11:26 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys 2013-02-05 11:26 . 2013-02-05 11:26 -------- d-----w- c:\users\rosy\AppData\Local\Apps 2013-02-05 11:25 . 2013-02-05 11:37 -------- d-----w- c:\users\rosy\AppData\Local\Deployment . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-06 20:57 . 2012-06-03 22:19 67599240 ----a-w- c:\windows\system32\MRT.exe 2013-01-17 00:28 . 2012-06-03 09:49 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-08 21:23 . 2012-06-03 19:18 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-08 21:23 . 2012-06-03 19:18 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-16 17:11 . 2012-12-20 19:06 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-20 19:06 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-20 19:06 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-20 19:06 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 15:49 . 2012-06-03 21:30 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-30 04:45 . 2013-02-05 11:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2008-02-13 686592] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers susbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\DRIVERS\AGUx64.sys [2007-03-27 1021440] . . --- Altri Servizi/Drivers In Memoria --- . *NewlyCreated* - WS2IFSL . Contenuto della cartella 'Scheduled Tasks' . 2013-02-13 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 21:23] . 2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 10:00] . 2013-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 10:00] . 2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570973293-931428272-2817982780-1000Core.job - c:\users\rosy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07 13:30] . 2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570973293-931428272-2817982780-1000UA.job - c:\users\rosy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07 13:30] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Scansione supplementare ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = hxxp://search.chatzum.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 62.101.93.101 83.103.25.250 . - - - - CHIAVI ORFANE RIMOSSE - - - - . Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - (no file) . . . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Ora fine scansione: 2013-02-13 19:51:05 ComboFix-quarantined-files.txt 2013-02-13 18:51 ComboFix2.txt 2013-02-10 19:03 . Pre-Run: 321.750.712.320 byte disponibili Post-Run: 321.167.876.096 byte disponibili . - - End Of File - - D8B1CD03C50CDA3D21C37823863F191B
-
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-10 19:29:52 ----------------------------- 19:29:52.255 OS Version: Windows x64 6.1.7601 Service Pack 1 19:29:52.255 Number of processors: 2 586 0x170A 19:29:52.255 ComputerName: ROSY-PC UserName: rosy 19:29:52.941 Initialize success 19:29:52.988 AVAST engine defs: 13021000 19:30:06.435 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 19:30:06.435 Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3 19:30:06.451 Disk 0 MBR read successfully 19:30:06.467 Disk 0 MBR scan 19:30:06.467 Disk 0 Windows 7 default MBR code 19:30:06.467 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 305 MB offset 63 19:30:06.482 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 471626 MB offset 626535 19:30:06.513 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 5006 MB offset 966518784 19:30:06.545 Disk 0 scanning C:\Windows\system32\drivers 19:30:13.892 Service scanning 19:30:27.137 Modules scanning 19:30:27.137 Disk 0 trace - called modules: 19:30:27.152 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys 19:30:27.168 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800460c5e0] 19:30:27.168 3 CLASSPNP.SYS[fffff880019c343f] -> nt!IofCallDriver -> [0xfffffa80044d1520] 19:30:27.168 5 ACPI.sys[fffff88000d647a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004198680] 19:30:27.792 AVAST engine scan C:\ 19:32:40.969 Disk 0 MBR has been saved successfully to "C:\Users\rosy\Documents\MBR.dat" 19:32:40.985 The log file has been saved successfully to "C:\Users\rosy\Documents\aswMBR.txt" aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software Run date: 2013-02-10 19:29:52 ----------------------------- 19:29:52.255 OS Version: Windows x64 6.1.7601 Service Pack 1 19:29:52.255 Number of processors: 2 586 0x170A 19:29:52.255 ComputerName: ROSY-PC UserName: rosy 19:29:52.941 Initialize success 19:29:52.988 AVAST engine defs: 13021000 19:30:06.435 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 19:30:06.435 Disk 0 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3 19:30:06.451 Disk 0 MBR read successfully 19:30:06.467 Disk 0 MBR scan 19:30:06.467 Disk 0 Windows 7 default MBR code 19:30:06.467 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 305 MB offset 63 19:30:06.482 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 471626 MB offset 626535 19:30:06.513 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 5006 MB offset 966518784 19:30:06.545 Disk 0 scanning C:\Windows\system32\drivers 19:30:13.892 Service scanning 19:30:27.137 Modules scanning 19:30:27.137 Disk 0 trace - called modules: 19:30:27.152 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys 19:30:27.168 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800460c5e0] 19:30:27.168 3 CLASSPNP.SYS[fffff880019c343f] -> nt!IofCallDriver -> [0xfffffa80044d1520] 19:30:27.168 5 ACPI.sys[fffff88000d647a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa8004198680] 19:30:27.792 AVAST engine scan C:\ 19:32:40.969 Disk 0 MBR has been saved successfully to "C:\Users\rosy\Documents\MBR.dat" 19:32:40.985 The log file has been saved successfully to "C:\Users\rosy\Documents\aswMBR.txt" 19:42:22.034 Disk 0 MBR has been saved successfully to "C:\Users\rosy\Documents\MBR.dat" 19:42:22.050 The log file has been saved successfully to "C:\Users\rosy\Documents\aswMBR.txt" ComboFix 13-02-07.02 - rosy 10/02/2013 19:55:48.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4095.2526 [GMT 1:00] Eseguito da: c:\users\rosy\Desktop\Nuova cartella (7)\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Creato nuovo punto di ripristino . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\OfferBox c:\program files (x86)\OfferBox\OfferBox.exe c:\users\rosy\AppData\Roaming\OfferBox c:\users\rosy\AppData\Roaming\OfferBox\config.xml c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\country.sxe c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\history.db c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\profile.sxe c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\sdch\1338755323 c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\update.sxe c:\users\rosy\AppData\Roaming\OfferBox\http_app.offerbox.com\update.xml c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Creati Da 2013-01-10 al 2013-02-10 ))))))))))))))))))))))))))))))))))) . . 2013-02-10 19:01 . 2013-02-10 19:01 -------- d-----w- c:\users\Default\AppData\Local emp 2013-02-10 18:53 . 2013-02-10 18:53 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB2FFA28-5E09-4374-B48E-4C69399F170C}\offreg.dll 2013-02-08 20:38 . 2013-01-18 11:15 9161176 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB2FFA28-5E09-4374-B48E-4C69399F170C}\mpengine.dll 2013-02-07 18:28 . 2013-02-07 18:56 -------- d-----w- c:\program files (x86)\TimeLineRemove 2013-02-05 11:38 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll 2013-02-05 11:38 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll 2013-02-05 11:36 . 2012-12-07 11:20 20480 ----a-w- c:\windows\system32\pegi-fi.rs 2013-02-05 11:36 . 2012-12-07 10:46 23552 ----a-w- c:\windows\SysWow64\oflc.rs 2013-02-05 11:36 . 2012-12-07 10:46 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs 2013-02-05 11:36 . 2012-12-07 10:46 51712 ----a-w- c:\windows\SysWow64\esrb.rs 2013-02-05 11:36 . 2012-12-07 11:20 23552 ----a-w- c:\windows\system32\oflc.rs 2013-02-05 11:36 . 2012-12-07 11:19 55296 ----a-w- c:\windows\system32\cero.rs 2013-02-05 11:36 . 2012-12-07 10:46 55296 ----a-w- c:\windows\SysWow64\cero.rs 2013-02-05 11:26 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32 askhost.exe 2013-02-05 11:26 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys 2013-02-05 11:26 . 2013-02-05 11:26 -------- d-----w- c:\users\rosy\AppData\Local\Apps 2013-02-05 11:25 . 2013-02-05 11:37 -------- d-----w- c:\users\rosy\AppData\Local\Deployment . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-02-06 20:57 . 2012-06-03 22:19 67599240 ----a-w- c:\windows\system32\MRT.exe 2013-01-17 00:28 . 2012-06-03 09:49 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-08 21:23 . 2012-06-03 19:18 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-01-08 21:23 . 2012-06-03 19:18 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-16 17:11 . 2012-12-20 19:06 46080 ----a-w- c:\windows\system32\atmlib.dll 2012-12-16 14:45 . 2012-12-20 19:06 367616 ----a-w- c:\windows\system32\atmfd.dll 2012-12-16 14:13 . 2012-12-20 19:06 295424 ----a-w- c:\windows\SysWow64\atmfd.dll 2012-12-16 14:13 . 2012-12-20 19:06 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2012-12-14 15:49 . 2012-06-03 21:30 24176 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-11-30 04:45 . 2013-02-05 11:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2012-11-14 07:06 . 2012-12-12 15:42 17811968 ----a-w- c:\windows\system32\mshtml.dll 2012-11-14 06:32 . 2012-12-12 15:42 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-11-14 06:11 . 2012-12-12 15:42 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 06:04 . 2012-12-12 15:42 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-11-14 06:04 . 2012-12-12 15:42 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 06:02 . 2012-12-12 15:42 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 06:02 . 2012-12-12 15:42 237056 ----a-w- c:\windows\system32\url.dll 2012-11-14 05:59 . 2012-12-12 15:42 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-11-14 05:58 . 2012-12-12 15:42 816640 ----a-w- c:\windows\system32\jscript.dll 2012-11-14 05:57 . 2012-12-12 15:42 599040 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 05:57 . 2012-12-12 15:42 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 05:55 . 2012-12-12 15:42 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-11-14 05:55 . 2012-12-12 15:42 729088 ----a-w- c:\windows\system32\msfeeds.dll 2012-11-14 05:53 . 2012-12-12 15:42 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-11-14 05:52 . 2012-12-12 15:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-14 05:46 . 2012-12-12 15:42 248320 ----a-w- c:\windows\system32\ieui.dll 2012-11-14 02:09 . 2012-12-12 15:42 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-11-14 01:58 . 2012-12-12 15:42 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-11-14 01:57 . 2012-12-12 15:42 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-11-14 01:49 . 2012-12-12 15:42 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-11-14 01:48 . 2012-12-12 15:42 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-11-14 01:44 . 2012-12-12 15:42 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb . . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\DRIVERS\AGUx64.sys [2007-03-27 1021440] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers susbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-06-03 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 203264] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2008-02-13 686592] . . --- Altri Servizi/Drivers In Memoria --- . *Deregistered* - aswMBR . Contenuto della cartella 'Scheduled Tasks' . 2013-02-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-03 21:23] . 2013-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 10:00] . 2013-02-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-03 10:00] . 2013-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570973293-931428272-2817982780-1000Core.job - c:\users\rosy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07 13:30] . 2013-02-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570973293-931428272-2817982780-1000UA.job - c:\users\rosy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07 13:30] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . ------- Scansione supplementare ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = hxxp://search.chatzum.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local TCP: DhcpNameServer = 62.101.93.101 83.103.25.250 . - - - - CHIAVI ORFANE RIMOSSE - - - - . Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - (no file) . . . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Ora fine scansione: 2013-02-10 20:03:50 ComboFix-quarantined-files.txt 2013-02-10 19:03 . Pre-Run: 322.569.670.656 byte disponibili Post-Run: 321.927.094.272 byte disponibili . - - End Of File - - 07E9400EFEC54A6BB896DF715189225F ciao e grazie di nuovo
-
ciao,grazie della tua pazienza ecco il reporter 21:47:15.0857 1868 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 21:47:16.0158 1868 ============================================================ 21:47:16.0158 1868 Current date / time: 2013/02/08 21:47:16.0158 21:47:16.0158 1868 SystemInfo: 21:47:16.0158 1868 21:47:16.0158 1868 OS Version: 6.1.7601 ServicePack: 1.0 21:47:16.0158 1868 Product type: Workstation 21:47:16.0158 1868 ComputerName: ROSY-PC 21:47:16.0158 1868 UserName: rosy 21:47:16.0158 1868 Windows directory: C:\Windows 21:47:16.0158 1868 System windows directory: C:\Windows 21:47:16.0158 1868 Running under WOW64 21:47:16.0158 1868 Processor architecture: Intel x64 21:47:16.0158 1868 Number of processors: 2 21:47:16.0158 1868 Page size: 0x1000 21:47:16.0158 1868 Boot type: Normal boot 21:47:16.0158 1868 ============================================================ 21:47:17.0419 1868 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:47:17.0426 1868 Drive \Device\Harddisk1\DR1 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:47:17.0428 1868 ============================================================ 21:47:17.0428 1868 \Device\Harddisk0\DR0: 21:47:17.0428 1868 MBR partitions: 21:47:17.0428 1868 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x98F67, BlocksNum 0x399257DC 21:47:17.0428 1868 \Device\Harddisk1\DR1: 21:47:17.0429 1868 MBR partitions: 21:47:17.0429 1868 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x12A18A82 21:47:17.0429 1868 ============================================================ 21:47:17.0481 1868 C: <-> \Device\Harddisk0\DR0\Partition1 21:47:17.0481 1868 E: <-> \Device\Harddisk1\DR1\Partition1 21:47:17.0481 1868 ============================================================ 21:47:17.0481 1868 Initialize success 21:47:17.0481 1868 ============================================================ 21:47:19.0046 2184 ============================================================ 21:47:19.0046 2184 Scan started 21:47:19.0046 2184 Mode: Manual; 21:47:19.0046 2184 ============================================================ 21:47:19.0896 2184 ================ Scan system memory ======================== 21:47:19.0896 2184 System memory - ok 21:47:19.0896 2184 ================ Scan services ============================= 21:47:20.0029 2184 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 21:47:20.0031 2184 1394ohci - ok 21:47:20.0097 2184 [ 6C342CE58E8F4A847E407833D6536CE3 ] A5AGU C:\Windows\system32\DRIVERS\AGUx64.sys 21:47:20.0109 2184 A5AGU - ok 21:47:20.0141 2184 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:47:20.0145 2184 ACPI - ok 21:47:20.0167 2184 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 21:47:20.0168 2184 AcpiPmi - ok 21:47:20.0260 2184 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:47:20.0261 2184 AdobeARMservice - ok 21:47:20.0456 2184 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:47:20.0461 2184 AdobeFlashPlayerUpdateSvc - ok 21:47:20.0504 2184 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 21:47:20.0509 2184 adp94xx - ok 21:47:20.0534 2184 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 21:47:20.0537 2184 adpahci - ok 21:47:20.0551 2184 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 21:47:20.0554 2184 adpu320 - ok 21:47:20.0590 2184 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:47:20.0591 2184 AeLookupSvc - ok 21:47:20.0633 2184 [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc C:\Windows\syswow64\drivers\Afc.sys 21:47:20.0634 2184 Afc - ok 21:47:20.0686 2184 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 21:47:20.0692 2184 AFD - ok 21:47:20.0724 2184 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:47:20.0725 2184 agp440 - ok 21:47:20.0747 2184 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 21:47:20.0749 2184 ALG - ok 21:47:20.0769 2184 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 21:47:20.0770 2184 aliide - ok 21:47:20.0808 2184 [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 21:47:20.0811 2184 AMD External Events Utility - ok 21:47:20.0828 2184 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 21:47:20.0830 2184 amdide - ok 21:47:20.0857 2184 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 21:47:20.0859 2184 AmdK8 - ok 21:47:20.0877 2184 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 21:47:20.0879 2184 AmdPPM - ok 21:47:20.0900 2184 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 21:47:20.0903 2184 amdsata - ok 21:47:20.0929 2184 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 21:47:20.0932 2184 amdsbs - ok 21:47:20.0953 2184 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 21:47:20.0954 2184 amdxata - ok 21:47:21.0001 2184 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 21:47:21.0002 2184 AppID - ok 21:47:21.0022 2184 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 21:47:21.0023 2184 AppIDSvc - ok 21:47:21.0056 2184 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll 21:47:21.0057 2184 Appinfo - ok 21:47:21.0117 2184 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 21:47:21.0119 2184 Apple Mobile Device - ok 21:47:21.0140 2184 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 21:47:21.0141 2184 arc - ok 21:47:21.0148 2184 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 21:47:21.0149 2184 arcsas - ok 21:47:21.0219 2184 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 21:47:21.0219 2184 aswFsBlk - ok 21:47:21.0250 2184 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 21:47:21.0251 2184 aswMonFlt - ok 21:47:21.0259 2184 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 21:47:21.0260 2184 aswRdr - ok 21:47:21.0280 2184 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 21:47:21.0285 2184 aswSnx - ok 21:47:21.0300 2184 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys 21:47:21.0302 2184 aswSP - ok 21:47:21.0328 2184 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 21:47:21.0329 2184 aswTdi - ok 21:47:21.0358 2184 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:47:21.0359 2184 AsyncMac - ok 21:47:21.0391 2184 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 21:47:21.0391 2184 atapi - ok 21:47:21.0520 2184 [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 21:47:21.0598 2184 atikmdag - ok 21:47:21.0635 2184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:47:21.0639 2184 AudioEndpointBuilder - ok 21:47:21.0650 2184 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 21:47:21.0653 2184 AudioSrv - ok 21:47:21.0738 2184 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 21:47:21.0740 2184 avast! Antivirus - ok 21:47:21.0794 2184 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 21:47:21.0797 2184 AxInstSV - ok 21:47:21.0817 2184 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 21:47:21.0822 2184 b06bdrv - ok 21:47:21.0863 2184 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 21:47:21.0867 2184 b57nd60a - ok 21:47:21.0897 2184 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 21:47:21.0899 2184 BDESVC - ok 21:47:21.0915 2184 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 21:47:21.0916 2184 Beep - ok 21:47:21.0972 2184 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 21:47:21.0981 2184 BFE - ok 21:47:22.0022 2184 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 21:47:22.0037 2184 BITS - ok 21:47:22.0051 2184 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 21:47:22.0053 2184 blbdrive - ok 21:47:22.0127 2184 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 21:47:22.0129 2184 Bonjour Service - ok 21:47:22.0175 2184 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:47:22.0177 2184 bowser - ok 21:47:22.0203 2184 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:47:22.0204 2184 BrFiltLo - ok 21:47:22.0216 2184 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:47:22.0217 2184 BrFiltUp - ok 21:47:22.0249 2184 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 21:47:22.0250 2184 Browser - ok 21:47:22.0266 2184 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 21:47:22.0270 2184 Brserid - ok 21:47:22.0279 2184 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 21:47:22.0280 2184 BrSerWdm - ok 21:47:22.0303 2184 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 21:47:22.0305 2184 BrUsbMdm - ok 21:47:22.0309 2184 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 21:47:22.0310 2184 BrUsbSer - ok 21:47:22.0316 2184 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 21:47:22.0318 2184 BTHMODEM - ok 21:47:22.0352 2184 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 21:47:22.0353 2184 bthserv - ok 21:47:22.0369 2184 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:47:22.0371 2184 cdfs - ok 21:47:22.0399 2184 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys 21:47:22.0401 2184 cdrom - ok 21:47:22.0434 2184 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 21:47:22.0436 2184 CertPropSvc - ok 21:47:22.0452 2184 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 21:47:22.0453 2184 circlass - ok 21:47:22.0484 2184 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 21:47:22.0488 2184 CLFS - ok 21:47:22.0554 2184 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:47:22.0555 2184 clr_optimization_v2.0.50727_32 - ok 21:47:22.0595 2184 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:47:22.0597 2184 clr_optimization_v2.0.50727_64 - ok 21:47:22.0672 2184 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:47:22.0674 2184 clr_optimization_v4.0.30319_32 - ok 21:47:22.0697 2184 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:47:22.0699 2184 clr_optimization_v4.0.30319_64 - ok 21:47:22.0713 2184 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:47:22.0714 2184 CmBatt - ok 21:47:22.0751 2184 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:47:22.0752 2184 cmdide - ok 21:47:22.0781 2184 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 21:47:22.0786 2184 CNG - ok 21:47:22.0802 2184 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:47:22.0803 2184 Compbatt - ok 21:47:22.0816 2184 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 21:47:22.0818 2184 CompositeBus - ok 21:47:22.0822 2184 COMSysApp - ok 21:47:22.0839 2184 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 21:47:22.0840 2184 crcdisk - ok 21:47:22.0887 2184 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:47:22.0890 2184 CryptSvc - ok 21:47:22.0925 2184 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:47:22.0929 2184 DcomLaunch - ok 21:47:22.0965 2184 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 21:47:22.0969 2184 defragsvc - ok 21:47:22.0997 2184 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:47:22.0999 2184 DfsC - ok 21:47:23.0045 2184 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 21:47:23.0049 2184 Dhcp - ok 21:47:23.0068 2184 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 21:47:23.0069 2184 discache - ok 21:47:23.0079 2184 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 21:47:23.0080 2184 Disk - ok 21:47:23.0114 2184 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:47:23.0117 2184 Dnscache - ok 21:47:23.0143 2184 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 21:47:23.0147 2184 dot3svc - ok 21:47:23.0177 2184 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 21:47:23.0180 2184 DPS - ok 21:47:23.0233 2184 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:47:23.0234 2184 drmkaud - ok 21:47:23.0275 2184 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:47:23.0280 2184 DXGKrnl - ok 21:47:23.0329 2184 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 21:47:23.0332 2184 EapHost - ok 21:47:23.0395 2184 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 21:47:23.0445 2184 ebdrv - ok 21:47:23.0494 2184 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 21:47:23.0498 2184 EFS - ok 21:47:23.0571 2184 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:47:23.0580 2184 ehRecvr - ok 21:47:23.0619 2184 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 21:47:23.0621 2184 ehSched - ok 21:47:23.0650 2184 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 21:47:23.0657 2184 elxstor - ok 21:47:23.0673 2184 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:47:23.0703 2184 ErrDev - ok 21:47:23.0753 2184 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 21:47:23.0758 2184 EventSystem - ok 21:47:23.0776 2184 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 21:47:23.0821 2184 exfat - ok 21:47:23.0857 2184 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:47:23.0860 2184 fastfat - ok 21:47:24.0030 2184 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 21:47:24.0040 2184 Fax - ok 21:47:24.0055 2184 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:47:24.0056 2184 fdc - ok 21:47:24.0072 2184 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 21:47:24.0073 2184 fdPHost - ok 21:47:24.0078 2184 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 21:47:24.0080 2184 FDResPub - ok 21:47:24.0085 2184 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:47:24.0087 2184 FileInfo - ok 21:47:24.0099 2184 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:47:24.0100 2184 Filetrace - ok 21:47:24.0111 2184 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:47:24.0113 2184 flpydisk - ok 21:47:24.0160 2184 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:47:24.0163 2184 FltMgr - ok 21:47:24.0205 2184 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 21:47:24.0212 2184 FontCache - ok 21:47:24.0265 2184 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:47:24.0267 2184 FontCache3.0.0.0 - ok 21:47:24.0290 2184 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:47:24.0292 2184 FsDepends - ok 21:47:24.0335 2184 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 21:47:24.0336 2184 fssfltr - ok 21:47:24.0401 2184 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 21:47:24.0416 2184 fsssvc - ok 21:47:24.0444 2184 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:47:24.0445 2184 Fs_Rec - ok 21:47:24.0533 2184 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:47:24.0536 2184 fvevol - ok 21:47:24.0554 2184 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 21:47:24.0556 2184 gagp30kx - ok 21:47:24.0585 2184 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 21:47:24.0586 2184 GEARAspiWDM - ok 21:47:24.0626 2184 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 21:47:24.0635 2184 gpsvc - ok 21:47:24.0715 2184 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:47:24.0717 2184 gupdate - ok 21:47:24.0741 2184 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:47:24.0743 2184 gupdatem - ok 21:47:24.0932 2184 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:47:24.0985 2184 gusvc - ok 21:47:25.0009 2184 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:47:25.0128 2184 hcw85cir - ok 21:47:25.0204 2184 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:47:25.0209 2184 HdAudAddService - ok 21:47:25.0252 2184 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 21:47:25.0254 2184 HDAudBus - ok 21:47:25.0260 2184 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 21:47:25.0262 2184 HidBatt - ok 21:47:25.0281 2184 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 21:47:25.0283 2184 HidBth - ok 21:47:25.0330 2184 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 21:47:25.0332 2184 HidIr - ok 21:47:25.0363 2184 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 21:47:25.0366 2184 hidserv - ok 21:47:25.0375 2184 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:47:25.0377 2184 HidUsb - ok 21:47:25.0405 2184 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:47:25.0409 2184 hkmsvc - ok 21:47:25.0468 2184 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:47:25.0471 2184 HomeGroupListener - ok 21:47:25.0508 2184 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:47:25.0512 2184 HomeGroupProvider - ok 21:47:25.0548 2184 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:47:25.0549 2184 HpSAMD - ok 21:47:25.0598 2184 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:47:25.0606 2184 HTTP - ok 21:47:25.0638 2184 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:47:25.0638 2184 hwpolicy - ok 21:47:25.0655 2184 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:47:25.0656 2184 i8042prt - ok 21:47:25.0695 2184 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:47:25.0700 2184 iaStorV - ok 21:47:25.0745 2184 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:47:25.0756 2184 idsvc - ok 21:47:25.0773 2184 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 21:47:25.0775 2184 iirsp - ok 21:47:25.0832 2184 [ A06EFD4965F8A3F97A8C9A291D032678 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 21:47:25.0833 2184 IJPLMSVC - ok 21:47:25.0864 2184 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 21:47:25.0876 2184 IKEEXT - ok 21:47:25.0894 2184 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 21:47:25.0895 2184 intelide - ok 21:47:25.0907 2184 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:47:25.0908 2184 intelppm - ok 21:47:25.0934 2184 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:47:25.0937 2184 IPBusEnum - ok 21:47:25.0965 2184 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:47:25.0966 2184 IpFilterDriver - ok 21:47:26.0004 2184 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:47:26.0011 2184 iphlpsvc - ok 21:47:26.0029 2184 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:47:26.0031 2184 IPMIDRV - ok 21:47:26.0046 2184 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:47:26.0048 2184 IPNAT - ok 21:47:26.0121 2184 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 21:47:26.0133 2184 iPod Service - ok 21:47:26.0163 2184 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:47:26.0164 2184 IRENUM - ok 21:47:26.0179 2184 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:47:26.0220 2184 isapnp - ok 21:47:26.0269 2184 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:47:26.0280 2184 iScsiPrt - ok 21:47:26.0341 2184 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:47:26.0342 2184 kbdclass - ok 21:47:26.0376 2184 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:47:26.0378 2184 kbdhid - ok 21:47:26.0387 2184 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 21:47:26.0390 2184 KeyIso - ok 21:47:26.0421 2184 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:47:26.0423 2184 KSecDD - ok 21:47:26.0471 2184 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:47:26.0474 2184 KSecPkg - ok 21:47:26.0492 2184 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:47:26.0494 2184 ksthunk - ok 21:47:26.0531 2184 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 21:47:26.0540 2184 KtmRm - ok 21:47:26.0598 2184 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 21:47:26.0599 2184 L1E - ok 21:47:26.0630 2184 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 21:47:26.0635 2184 LanmanServer - ok 21:47:26.0666 2184 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:47:26.0671 2184 LanmanWorkstation - ok 21:47:26.0703 2184 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:47:26.0705 2184 lltdio - ok 21:47:26.0722 2184 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:47:26.0727 2184 lltdsvc - ok 21:47:26.0744 2184 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:47:26.0746 2184 lmhosts - ok 21:47:26.0781 2184 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 21:47:26.0783 2184 LSI_FC - ok 21:47:26.0788 2184 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 21:47:26.0790 2184 LSI_SAS - ok 21:47:26.0795 2184 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:47:26.0796 2184 LSI_SAS2 - ok 21:47:26.0815 2184 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:47:26.0817 2184 LSI_SCSI - ok 21:47:26.0822 2184 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 21:47:26.0825 2184 luafv - ok 21:47:26.0867 2184 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys 21:47:26.0869 2184 MarvinBus - ok 21:47:26.0898 2184 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:47:26.0901 2184 Mcx2Svc - ok 21:47:26.0922 2184 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 21:47:26.0924 2184 megasas - ok 21:47:26.0941 2184 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 21:47:26.0944 2184 MegaSR - ok 21:47:27.0012 2184 Microsoft SharePoint Workspace Audit Service - ok 21:47:27.0058 2184 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 21:47:27.0061 2184 MMCSS - ok 21:47:27.0067 2184 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 21:47:27.0069 2184 Modem - ok 21:47:27.0074 2184 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:47:27.0075 2184 monitor - ok 21:47:27.0110 2184 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:47:27.0111 2184 mouclass - ok 21:47:27.0140 2184 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:47:27.0142 2184 mouhid - ok 21:47:27.0171 2184 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:47:27.0173 2184 mountmgr - ok 21:47:27.0203 2184 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 21:47:27.0205 2184 mpio - ok 21:47:27.0211 2184 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:47:27.0213 2184 mpsdrv - ok 21:47:27.0247 2184 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:47:27.0256 2184 MpsSvc - ok 21:47:27.0289 2184 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:47:27.0292 2184 MRxDAV - ok 21:47:27.0322 2184 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:47:27.0325 2184 mrxsmb - ok 21:47:27.0337 2184 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:47:27.0341 2184 mrxsmb10 - ok 21:47:27.0365 2184 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:47:27.0367 2184 mrxsmb20 - ok 21:47:27.0380 2184 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 21:47:27.0381 2184 msahci - ok 21:47:27.0397 2184 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:47:27.0399 2184 msdsm - ok 21:47:27.0419 2184 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 21:47:27.0422 2184 MSDTC - ok 21:47:27.0431 2184 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:47:27.0432 2184 Msfs - ok 21:47:27.0450 2184 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:47:27.0451 2184 mshidkmdf - ok 21:47:27.0486 2184 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:47:27.0487 2184 msisadrv - ok 21:47:27.0519 2184 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:47:27.0523 2184 MSiSCSI - ok 21:47:27.0527 2184 msiserver - ok 21:47:27.0555 2184 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:47:27.0556 2184 MSKSSRV - ok 21:47:27.0586 2184 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:47:27.0587 2184 MSPCLOCK - ok 21:47:27.0600 2184 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:47:27.0601 2184 MSPQM - ok 21:47:27.0639 2184 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:47:27.0643 2184 MsRPC - ok 21:47:27.0669 2184 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 21:47:27.0670 2184 mssmbios - ok 21:47:27.0690 2184 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:47:27.0691 2184 MSTEE - ok 21:47:27.0707 2184 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 21:47:27.0708 2184 MTConfig - ok 21:47:27.0761 2184 [ 03B7145C889603537E9FFEABB1AD1089 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 21:47:27.0762 2184 MTsensor - ok 21:47:27.0780 2184 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 21:47:27.0781 2184 Mup - ok 21:47:27.0820 2184 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 21:47:27.0827 2184 napagent - ok 21:47:27.0845 2184 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:47:27.0849 2184 NativeWifiP - ok 21:47:27.0890 2184 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:47:27.0899 2184 NDIS - ok 21:47:27.0932 2184 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:47:27.0933 2184 NdisCap - ok 21:47:27.0952 2184 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:47:27.0954 2184 NdisTapi - ok 21:47:27.0990 2184 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:47:27.0992 2184 Ndisuio - ok 21:47:28.0019 2184 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:47:28.0022 2184 NdisWan - ok 21:47:28.0049 2184 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:47:28.0051 2184 NDProxy - ok 21:47:28.0168 2184 [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe 21:47:28.0176 2184 Nero BackItUp Scheduler 3 - ok 21:47:28.0183 2184 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:47:28.0185 2184 NetBIOS - ok 21:47:28.0233 2184 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:47:28.0236 2184 NetBT - ok 21:47:28.0245 2184 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 21:47:28.0248 2184 Netlogon - ok 21:47:28.0297 2184 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 21:47:28.0305 2184 Netman - ok 21:47:28.0317 2184 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 21:47:28.0325 2184 netprofm - ok 21:47:28.0348 2184 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:47:28.0350 2184 NetTcpPortSharing - ok 21:47:28.0385 2184 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 21:47:28.0386 2184 nfrd960 - ok 21:47:28.0417 2184 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:47:28.0421 2184 NlaSvc - ok 21:47:28.0528 2184 [ 1BEF5464C06F4AF0C704378824C52ADB ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 21:47:28.0534 2184 NMIndexingService - ok 21:47:28.0539 2184 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:47:28.0541 2184 Npfs - ok 21:47:28.0567 2184 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 21:47:28.0570 2184 nsi - ok 21:47:28.0575 2184 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:47:28.0577 2184 nsiproxy - ok 21:47:28.0636 2184 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:47:28.0661 2184 Ntfs - ok 21:47:28.0686 2184 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 21:47:28.0687 2184 Null - ok 21:47:28.0721 2184 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:47:28.0724 2184 nvraid - ok 21:47:28.0744 2184 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:47:28.0748 2184 nvstor - ok 21:47:28.0773 2184 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:47:28.0776 2184 nv_agp - ok 21:47:28.0803 2184 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 21:47:28.0804 2184 ohci1394 - ok 21:47:28.0831 2184 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:47:28.0833 2184 ose - ok 21:47:28.0964 2184 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 21:47:29.0045 2184 osppsvc - ok 21:47:29.0078 2184 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:47:29.0082 2184 p2pimsvc - ok 21:47:29.0095 2184 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 21:47:29.0099 2184 p2psvc - ok 21:47:29.0143 2184 [ E55FDEDB0AC89B41970AAE0F44FC2DCA ] PAC207 C:\Windows\system32\DRIVERS\PFC027.SYS 21:47:29.0152 2184 PAC207 - ok 21:47:29.0185 2184 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 21:47:29.0188 2184 Parport - ok 21:47:29.0220 2184 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:47:29.0222 2184 partmgr - ok 21:47:29.0231 2184 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:47:29.0237 2184 PcaSvc - ok 21:47:29.0254 2184 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 21:47:29.0257 2184 pci - ok 21:47:29.0282 2184 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 21:47:29.0283 2184 pciide - ok 21:47:29.0297 2184 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:47:29.0300 2184 pcmcia - ok 21:47:29.0304 2184 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 21:47:29.0305 2184 pcw - ok 21:47:29.0331 2184 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:47:29.0338 2184 PEAUTH - ok 21:47:29.0414 2184 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:47:29.0417 2184 PerfHost - ok 21:47:29.0485 2184 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 21:47:29.0517 2184 pla - ok 21:47:29.0564 2184 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:47:29.0572 2184 PlugPlay - ok 21:47:29.0585 2184 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:47:29.0590 2184 PNRPAutoReg - ok 21:47:29.0612 2184 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:47:29.0618 2184 PNRPsvc - ok 21:47:29.0640 2184 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:47:29.0648 2184 PolicyAgent - ok 21:47:29.0681 2184 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 21:47:29.0688 2184 Power - ok 21:47:29.0730 2184 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:47:29.0732 2184 PptpMiniport - ok 21:47:29.0759 2184 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:47:29.0761 2184 Processor - ok 21:47:29.0812 2184 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 21:47:29.0818 2184 ProfSvc - ok 21:47:29.0828 2184 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:47:29.0831 2184 ProtectedStorage - ok 21:47:29.0878 2184 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:47:29.0881 2184 Psched - ok 21:47:29.0932 2184 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 21:47:29.0963 2184 ql2300 - ok 21:47:29.0969 2184 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 21:47:29.0971 2184 ql40xx - ok 21:47:30.0008 2184 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 21:47:30.0013 2184 QWAVE - ok 21:47:30.0023 2184 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:47:30.0024 2184 QWAVEdrv - ok 21:47:30.0041 2184 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:47:30.0042 2184 RasAcd - ok 21:47:30.0091 2184 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 21:47:30.0093 2184 RasAgileVpn - ok 21:47:30.0105 2184 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 21:47:30.0109 2184 RasAuto - ok 21:47:30.0138 2184 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:47:30.0140 2184 Rasl2tp - ok 21:47:30.0172 2184 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 21:47:30.0180 2184 RasMan - ok 21:47:30.0198 2184 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:47:30.0200 2184 RasPppoe - ok 21:47:30.0231 2184 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:47:30.0234 2184 RasSstp - ok 21:47:30.0267 2184 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:47:30.0271 2184 rdbss - ok 21:47:30.0294 2184 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 21:47:30.0296 2184 rdpbus - ok 21:47:30.0314 2184 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:47:30.0315 2184 RDPCDD - ok 21:47:30.0327 2184 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:47:30.0328 2184 RDPENCDD - ok 21:47:30.0352 2184 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 21:47:30.0353 2184 RDPREFMP - ok 21:47:30.0389 2184 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:47:30.0392 2184 RDPWD - ok 21:47:30.0430 2184 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:47:30.0433 2184 rdyboost - ok 21:47:30.0463 2184 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:47:30.0476 2184 RemoteAccess - ok 21:47:30.0605 2184 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:47:30.0638 2184 RemoteRegistry - ok 21:47:30.0717 2184 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:47:30.0743 2184 RpcEptMapper - ok 21:47:30.0771 2184 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 21:47:30.0774 2184 RpcLocator - ok 21:47:30.0809 2184 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 21:47:30.0818 2184 RpcSs - ok 21:47:30.0826 2184 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:47:30.0829 2184 rspndr - ok 21:47:30.0845 2184 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 21:47:30.0847 2184 SamSs - ok 21:47:30.0880 2184 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:47:30.0881 2184 sbp2port - ok 21:47:30.0932 2184 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 21:47:30.0938 2184 SBSDWSCService - ok 21:47:30.0976 2184 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:47:30.0982 2184 SCardSvr - ok 21:47:31.0011 2184 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:47:31.0013 2184 scfilter - ok 21:47:31.0060 2184 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 21:47:31.0073 2184 Schedule - ok 21:47:31.0101 2184 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 21:47:31.0102 2184 SCPolicySvc - ok 21:47:31.0128 2184 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:47:31.0133 2184 SDRSVC - ok 21:47:31.0148 2184 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:47:31.0149 2184 secdrv - ok 21:47:31.0183 2184 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 21:47:31.0221 2184 seclogon - ok 21:47:31.0229 2184 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 21:47:31.0232 2184 SENS - ok 21:47:31.0242 2184 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:47:31.0245 2184 SensrSvc - ok 21:47:31.0281 2184 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 21:47:31.0282 2184 Serenum - ok 21:47:31.0301 2184 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 21:47:31.0303 2184 Serial - ok 21:47:31.0323 2184 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 21:47:31.0324 2184 sermouse - ok 21:47:31.0359 2184 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 21:47:31.0363 2184 SessionEnv - ok 21:47:31.0385 2184 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:47:31.0387 2184 sffdisk - ok 21:47:31.0394 2184 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:47:31.0396 2184 sffp_mmc - ok 21:47:31.0409 2184 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:47:31.0410 2184 sffp_sd - ok 21:47:31.0430 2184 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 21:47:31.0432 2184 sfloppy - ok 21:47:31.0468 2184 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:47:31.0477 2184 SharedAccess - ok 21:47:31.0506 2184 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:47:31.0512 2184 ShellHWDetection - ok 21:47:31.0528 2184 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:47:31.0530 2184 SiSRaid2 - ok 21:47:31.0535 2184 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 21:47:31.0536 2184 SiSRaid4 - ok 21:47:31.0547 2184 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:47:31.0549 2184 Smb - ok 21:47:31.0578 2184 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:47:31.0582 2184 SNMPTRAP - ok 21:47:31.0586 2184 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 21:47:31.0587 2184 spldr - ok 21:47:31.0629 2184 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 21:47:31.0635 2184 Spooler - ok 21:47:31.0712 2184 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 21:47:31.0774 2184 sppsvc - ok 21:47:31.0791 2184 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 21:47:31.0795 2184 sppuinotify - ok 21:47:31.0833 2184 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 21:47:31.0838 2184 srv - ok 21:47:31.0855 2184 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:47:31.0859 2184 srv2 - ok 21:47:31.0892 2184 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:47:31.0894 2184 srvnet - ok 21:47:31.0932 2184 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:47:31.0939 2184 SSDPSRV - ok 21:47:31.0946 2184 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:47:31.0952 2184 SstpSvc - ok 21:47:31.0973 2184 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 21:47:31.0974 2184 stexstor - ok 21:47:32.0014 2184 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 21:47:32.0023 2184 stisvc - ok 21:47:32.0052 2184 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 21:47:32.0052 2184 swenum - ok 21:47:32.0087 2184 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 21:47:32.0095 2184 swprv - ok 21:47:32.0145 2184 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 21:47:32.0179 2184 SysMain - ok 21:47:32.0206 2184 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:47:32.0210 2184 TabletInputService - ok 21:47:32.0240 2184 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 21:47:32.0246 2184 TapiSrv - ok 21:47:32.0278 2184 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 21:47:32.0281 2184 TBS - ok 21:47:32.0338 2184 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:47:32.0360 2184 Tcpip - ok 21:47:32.0416 2184 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:47:32.0425 2184 TCPIP6 - ok 21:47:32.0456 2184 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:47:32.0469 2184 tcpipreg - ok 21:47:32.0489 2184 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:47:32.0490 2184 TDPIPE - ok 21:47:32.0513 2184 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:47:32.0514 2184 TDTCP - ok 21:47:32.0560 2184 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:47:32.0563 2184 tdx - ok 21:47:32.0573 2184 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 21:47:32.0575 2184 TermDD - ok 21:47:32.0607 2184 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 21:47:32.0617 2184 TermService - ok 21:47:32.0637 2184 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 21:47:32.0640 2184 Themes - ok 21:47:32.0665 2184 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 21:47:32.0668 2184 THREADORDER - ok 21:47:32.0686 2184 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 21:47:32.0691 2184 TrkWks - ok 21:47:32.0745 2184 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:47:32.0748 2184 TrustedInstaller - ok 21:47:32.0785 2184 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:47:32.0786 2184 tssecsrv - ok 21:47:32.0828 2184 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:47:32.0830 2184 TsUsbFlt - ok 21:47:32.0888 2184 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:47:32.0890 2184 tunnel - ok 21:47:32.0913 2184 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 21:47:32.0915 2184 uagp35 - ok 21:47:32.0952 2184 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:47:32.0957 2184 udfs - ok 21:47:32.0985 2184 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:47:32.0989 2184 UI0Detect - ok 21:47:33.0012 2184 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:47:33.0014 2184 uliagpkx - ok 21:47:33.0063 2184 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 21:47:33.0064 2184 umbus - ok 21:47:33.0084 2184 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 21:47:33.0086 2184 UmPass - ok 21:47:33.0122 2184 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 21:47:33.0129 2184 upnphost - ok 21:47:33.0173 2184 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 21:47:33.0174 2184 USBAAPL64 - ok 21:47:33.0225 2184 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:47:33.0227 2184 usbaudio - ok 21:47:33.0252 2184 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:47:33.0254 2184 usbccgp - ok 21:47:33.0292 2184 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:47:33.0294 2184 usbcir - ok 21:47:33.0299 2184 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:47:33.0301 2184 usbehci - ok 21:47:33.0325 2184 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:47:33.0329 2184 usbhub - ok 21:47:33.0350 2184 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 21:47:33.0351 2184 usbohci - ok 21:47:33.0379 2184 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 21:47:33.0380 2184 usbprint - ok 21:47:33.0406 2184 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 21:47:33.0407 2184 usbscan - ok 21:47:33.0442 2184 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:47:33.0444 2184 USBSTOR - ok 21:47:33.0450 2184 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:47:33.0452 2184 usbuhci - ok 21:47:33.0466 2184 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 21:47:33.0472 2184 UxSms - ok 21:47:33.0486 2184 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 21:47:33.0488 2184 VaultSvc - ok 21:47:33.0500 2184 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:47:33.0501 2184 vdrvroot - ok 21:47:33.0538 2184 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 21:47:33.0546 2184 vds - ok 21:47:33.0563 2184 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:47:33.0564 2184 vga - ok 21:47:33.0583 2184 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 21:47:33.0585 2184 VgaSave - ok 21:47:33.0606 2184 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 21:47:33.0609 2184 vhdmp - ok 21:47:33.0635 2184 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 21:47:33.0636 2184 viaide - ok 21:47:33.0657 2184 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:47:33.0658 2184 volmgr - ok 21:47:33.0698 2184 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:47:33.0703 2184 volmgrx - ok 21:47:33.0720 2184 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:47:33.0725 2184 volsnap - ok 21:47:33.0757 2184 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 21:47:33.0760 2184 vsmraid - ok 21:47:33.0808 2184 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 21:47:33.0832 2184 VSS - ok 21:47:33.0861 2184 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:47:33.0862 2184 vwifibus - ok 21:47:33.0884 2184 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 21:47:33.0892 2184 W32Time - ok 21:47:33.0910 2184 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 21:47:33.0912 2184 WacomPen - ok 21:47:33.0945 2184 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:47:33.0947 2184 WANARP - ok 21:47:33.0961 2184 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:47:33.0963 2184 Wanarpv6 - ok 21:47:34.0035 2184 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 21:47:34.0057 2184 WatAdminSvc - ok 21:47:34.0104 2184 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 21:47:34.0129 2184 wbengine - ok 21:47:34.0147 2184 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:47:34.0154 2184 WbioSrvc - ok 21:47:34.0185 2184 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:47:34.0193 2184 wcncsvc - ok 21:47:34.0210 2184 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:47:34.0215 2184 WcsPlugInService - ok 21:47:34.0231 2184 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 21:47:34.0232 2184 Wd - ok 21:47:34.0277 2184 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:47:34.0286 2184 Wdf01000 - ok 21:47:34.0304 2184 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:47:34.0308 2184 WdiServiceHost - ok 21:47:34.0312 2184 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:47:34.0316 2184 WdiSystemHost - ok 21:47:34.0352 2184 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 21:47:34.0358 2184 WebClient - ok 21:47:34.0376 2184 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:47:34.0381 2184 Wecsvc - ok 21:47:34.0387 2184 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:47:34.0390 2184 wercplsupport - ok 21:47:34.0421 2184 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 21:47:34.0425 2184 WerSvc - ok 21:47:34.0460 2184 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:47:34.0473 2184 WfpLwf - ok 21:47:34.0477 2184 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:47:34.0479 2184 WIMMount - ok 21:47:34.0494 2184 WinDefend - ok 21:47:34.0499 2184 WinHttpAutoProxySvc - ok 21:47:34.0675 2184 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:47:34.0679 2184 Winmgmt - ok 21:47:34.0738 2184 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 21:47:34.0782 2184 WinRM - ok 21:47:34.0842 2184 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:47:34.0844 2184 WinUsb - ok 21:47:34.0878 2184 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 21:47:34.0893 2184 Wlansvc - ok 21:47:34.0953 2184 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 21:47:34.0955 2184 wlcrasvc - ok 21:47:35.0048 2184 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 21:47:35.0073 2184 wlidsvc - ok 21:47:35.0096 2184 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:47:35.0097 2184 WmiAcpi - ok 21:47:35.0130 2184 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:47:35.0133 2184 wmiApSrv - ok 21:47:35.0162 2184 WMPNetworkSvc - ok 21:47:35.0183 2184 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:47:35.0187 2184 WPCSvc - ok 21:47:35.0208 2184 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:47:35.0213 2184 WPDBusEnum - ok 21:47:35.0245 2184 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:47:35.0246 2184 ws2ifsl - ok 21:47:35.0257 2184 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 21:47:35.0261 2184 wscsvc - ok 21:47:35.0267 2184 WSearch - ok 21:47:35.0331 2184 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 21:47:35.0345 2184 wuauserv - ok 21:47:35.0377 2184 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:47:35.0379 2184 WudfPf - ok 21:47:35.0419 2184 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:47:35.0422 2184 WUDFRd - ok 21:47:35.0455 2184 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:47:35.0463 2184 wudfsvc - ok 21:47:35.0488 2184 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 21:47:35.0493 2184 WwanSvc - ok 21:47:35.0500 2184 ================ Scan global =============================== 21:47:35.0525 2184 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 21:47:35.0554 2184 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 21:47:35.0564 2184 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll 21:47:35.0589 2184 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 21:47:35.0623 2184 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 21:47:35.0627 2184 [Global] - ok 21:47:35.0628 2184 ================ Scan MBR ================================== 21:47:35.0636 2184 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:47:35.0822 2184 \Device\Harddisk0\DR0 - ok 21:47:35.0827 2184 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 21:47:35.0832 2184 \Device\Harddisk1\DR1 - ok 21:47:35.0832 2184 ================ Scan VBR ================================== 21:47:35.0843 2184 [ B779E78B4DD229FA1F00B344CC124EDD ] \Device\Harddisk0\DR0\Partition1 21:47:35.0845 2184 \Device\Harddisk0\DR0\Partition1 - ok 21:47:35.0852 2184 [ 155D46ECE667BC85E06FA839493C2D02 ] \Device\Harddisk1\DR1\Partition1 21:47:35.0853 2184 \Device\Harddisk1\DR1\Partition1 - ok 21:47:35.0854 2184 ============================================================ 21:47:35.0854 2184 Scan finished 21:47:35.0854 2184 ============================================================ 21:47:35.0865 3120 Detected object count: 0 21:47:35.0865 3120 Actual detected object count: 0
-
kaspersky,mi fa la scansione apro report lo evidenzio,ma nn mi apre per copiarlo e incollarlo
-
kaspersky,mi fa la scansione apro report lo evidenzio,ma nn mi apre per copiarlo e incollarlo
-
OTL Extras logfile created on: 07/02/2013 19:21:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\rosy\Desktop\Nuova cartella (3) 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 61,70% Memory free 8,00 Gb Paging File | 6,33 Gb Available in Paging File | 79,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 460,57 Gb Total Space | 297,95 Gb Free Space | 64,69% Space Free | Partition Type: NTFS Computer Name: ROSY-PC | User Name: rosy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00987A1D-F2B9-4212-A7EA-7C59E34381D2}" = rport=137 | protocol=17 | dir=out | app=system | "{11B11611-AB5E-42B2-B018-BBC8F52C04EF}" = lport=137 | protocol=17 | dir=in | app=system | "{173869AE-F34A-42AA-A5BD-B1F8A5903E14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{239B79BF-F170-4CDB-A287-C342F55ADFD5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{28510F5B-5700-4BFE-97DB-FD0ADEEE2EC1}" = lport=2869 | protocol=6 | dir=in | app=system | "{3D22AA8E-6CFE-4DE3-8B4D-C2CE0AE87EC1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{41E58A06-9030-48E2-9FBF-31CF90F5C5A0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{50241922-65E7-43C8-9BE1-99E24878CD56}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{51086DFF-25C3-441C-9DC5-5E040FE4905A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{52D41B75-99CD-4550-80B0-7F4D4496CAAA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5560FB7A-F7D5-4073-99ED-4F58646D0E07}" = lport=138 | protocol=17 | dir=in | app=system | "{57B0AED4-2D1D-4532-8E5D-0D3C0C74D7CE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6A3DF1E8-8471-4ED2-98D9-215327426FC1}" = rport=10243 | protocol=6 | dir=out | app=system | "{8353CF3E-6777-40BE-B7C6-8C1D5CA17AF3}" = rport=139 | protocol=6 | dir=out | app=system | "{83A7E89A-4433-4DB4-8F69-5F49589D2867}" = rport=138 | protocol=17 | dir=out | app=system | "{8C106072-18F2-47B9-92A7-E5DA7F9AF661}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{8D4DDC3A-E9D0-4337-8AE4-80CB04BB13BE}" = rport=445 | protocol=6 | dir=out | app=system | "{B8B1498B-CAD0-44A6-97C5-0F39F1AA0566}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{BFC06245-DD0C-43B2-81BF-51854A118633}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{CCEDC339-CA4B-4F70-AAAE-26F0C5B0A276}" = lport=10243 | protocol=6 | dir=in | app=system | "{D04F81C3-378C-4FC2-9DE8-612FE4FAA694}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{D06CC6E0-9B87-4665-999B-0660202A0C15}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{E5523EE0-9F9D-44A4-B22B-E6BF5DEF70FA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F1F2B72D-9F1E-4F0D-BCF8-96BB6E75ACDC}" = lport=139 | protocol=6 | dir=in | app=system | "{FA7713DE-94F0-4BAD-8533-BE8E46F528F4}" = lport=445 | protocol=6 | dir=in | app=system | "{FBB8F19E-587B-463D-8D28-74EBA55A7EC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04CA1146-7E2C-4CCF-B6F3-E6D28C89817A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{107166A5-0D12-49BD-8D41-752909CE1D40}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{178367A2-ABB3-4BD7-9DE0-89AD044354C0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{193E11E3-2850-4B14-A2EE-B4E334A9543E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{19F9B202-0A66-4979-A63E-22C225CABA65}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1EBECBDD-4C49-41FD-AC2C-38A22652FE42}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{232EA409-FEAD-4CC4-89D2-5C74D9D9FC40}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{268688FF-3C02-4FFE-B2BD-487588ABDDBE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{334FB308-84FC-481D-BBEE-C16F951351C9}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe | "{40259BD7-B33D-467B-B4E5-FCA1A98F5702}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{42F03ADC-B2BD-4463-BC70-E8795A62A3D0}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{44D3D219-F7FE-4F25-86C2-13AF95D45620}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{472656CA-995D-4C7C-B87A-04BB2786F0E2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{4B5E8424-F391-4BA1-B902-A958CD84A4FB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{55D65A18-A33F-4FDD-BA92-C3AB3815EDDB}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{56E1631F-2183-4B40-A703-A60BE73E18C4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{5C94A239-D6CC-41AE-A544-54D91C5934B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{61E4D5CB-9E9A-40D9-B61F-D67EB4930662}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{644B132A-2C2D-4852-934E-880E4A503886}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{65D455DB-B372-473F-A415-02E9F80F1897}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{6692C513-D647-4BE2-BBEC-1EE1C0FBDE16}" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "{6A010C39-BAD7-486C-B094-B941467D0F87}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{6EAF2337-6FDC-45DA-B89E-3A13A9D4C9D4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{6FF4E6C5-72E9-4E53-BAC9-5B1EE8263D0D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{74DEF11D-0118-47EB-A7D3-D0015FDB082D}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "{76EF8674-36BC-4FCB-A6A5-945F761C2BF9}" = protocol=6 | dir=out | app=system | "{79BF850C-03BE-4FE3-8972-FA9BC38CDC43}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{85F1D703-BDDE-41D9-BB81-53844F7A3EDC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{8E9CE987-9CFC-4D13-9C32-3B0D4E02C695}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe | "{96A51768-055B-4B6D-866B-18CDC4D96265}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9AAA2DAB-1697-4FE5-B5FB-FED971EB36C4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{A94E449D-92FA-4C79-BE01-981AD3ED3F1A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{ABAF8444-49B7-46BF-A821-092390DE1439}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe | "{B698761C-990B-4A9C-A63F-3FBA74CFF084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BBECCB51-EC31-41DA-A3B0-362CE2E62122}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CDED2C8B-4659-4534-AC1A-B851A7195DD4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{CECD6B9A-961F-4EF9-BDA3-0F283EE18682}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{CF8E4E6C-EE06-4658-A261-A7C83A33FA7E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{D511BC8E-7584-4E88-804A-CB37A63E730D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D6151435-FAC1-4D48-AE0D-912CF88B3F55}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe | "{D69E509B-23DC-4CEB-9725-1ACECCD9D000}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D730F676-5F4A-42DB-AB45-796B693C8C3D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{DFDB77F6-2DA8-4701-9BC1-494597C36823}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{E0357592-5A71-4B62-9F67-33E23B8523C9}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe | "{EF3880DA-17FC-445D-BE88-8B5577FC4E0E}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe | "{F1558242-D8BF-49F3-9A38-0FF32892B989}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{F2E76BEC-B9F9-4AA1-9CCD-407DCC304011}" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "{F6A17C7A-0EFF-44AC-8983-A9830E239D4F}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe | "TCP Query User{13E1A081-7F3D-482C-BBDA-84E2C4BB0D83}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe | "TCP Query User{77048C63-3CDD-40DB-B576-F8623CA15E83}C:\program files (x86)\emule adunanza\emule_adnza.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule adunanza\emule_adnza.exe | "TCP Query User{950AD9B1-371E-4A5F-B52A-DA8548A9DD43}C:\program files (x86)\emule adunanza\emule_adnza.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule adunanza\emule_adnza.exe | "TCP Query User{B1E41993-2225-4FA5-9D36-C9B2F39A7E89}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{E6A1EB7E-EDF5-40F7-B7B6-20354C538551}C:\users\rosy\desktop\utorrent-3.0-latest.x64.exe" = protocol=6 | dir=in | app=c:\users\rosy\desktop\utorrent-3.0-latest.x64.exe | "TCP Query User{FEBD59D9-BEC6-4FDC-8681-6FF0596758B5}C:\users\rosy\desktop\utorrent-3.0-latest.x64.exe" = protocol=6 | dir=in | app=c:\users\rosy\desktop\utorrent-3.0-latest.x64.exe | "UDP Query User{1189D3C9-EE2D-44E7-91D4-2D2251899DD8}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe | "UDP Query User{1E759DA0-2EEE-4923-84F5-783ADBC9DF55}C:\users\rosy\desktop\utorrent-3.0-latest.x64.exe" = protocol=17 | dir=in | app=c:\users\rosy\desktop\utorrent-3.0-latest.x64.exe | "UDP Query User{4E90BF9A-1A85-4681-A6C0-A1EBB4B2BB47}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{5EDD27D6-E02C-40F8-AB59-7111E31204BF}C:\users\rosy\desktop\utorrent-3.0-latest.x64.exe" = protocol=17 | dir=in | app=c:\users\rosy\desktop\utorrent-3.0-latest.x64.exe | "UDP Query User{AFE9F1D2-A183-4557-BDEB-76D8176465DE}C:\program files (x86)\emule adunanza\emule_adnza.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule adunanza\emule_adnza.exe | "UDP Query User{B4D379BB-4C5C-40E0-945E-25CCEB771D2C}C:\program files (x86)\emule adunanza\emule_adnza.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule adunanza\emule_adnza.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack "{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Driver Pinnacle Video "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "8461-7759-5462-8226" = Vuze "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA) "uTorrent" = µTorrent "WinRAR archiver" = WinRAR 4.11 (64-bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{06925CEE-763F-4F0D-A40E-5FD383886055}" = Alice G-132 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{2FEC5714-F642-4258-8336-E596A1494860}" = Messenger Plus! Community Smartbar "{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5E6EC4DD-7B1F-4E10-82B9-EA1B90791040}" = Nero 8 "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Supporto applicazioni Apple "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010 "{90140000-0015-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010 "{90140000-0016-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010 "{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010 "{90140000-0019-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010 "{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010 "{90140000-001B-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0410-1000-0000000FF1CE}_Office14.PROPLUS_{6664EABC-4985-4C45-925C-6E23AB142266}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010 "{90140000-002C-0410-0000-0000000FF1CE}_Office14.PROPLUS_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010 "{90140000-0044-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010 "{90140000-006E-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010 "{90140000-00A1-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010 "{90140000-00BA-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-007A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Italiano "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam "{C7DAD22D-29D4-438F-B986-03B9ED582EA4}" = Messenger Companion "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D9DA5C41-964F-455F-B5E7-3664519440E8}_is1" = Bit Che "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{EC3B598C-1151-4191-B5B4-A9072ADE6259}_is1" = ZipGenius 6.3 "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Ashampoo Music Studio 3_is1" = Ashampoo Music Studio 3 3.51 "avast" = avast! Free Antivirus "CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program "CanonMyPrinter" = Canon Utilities My Printer "CanonSolutionMenu" = Canon Utilities Solution Menu "DivX Setup" = DivX Setup "Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX "Easy-WebPrint EX" = Canon Easy-WebPrint EX "eMule AdunanzA" = AdunanzA "FormatFactory" = FormatFactory 2.70 "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "InstallShield_{06925CEE-763F-4F0D-A40E-5FD383886055}" = Alice G-132 "KLiteCodecPack_is1" = K-Lite Codec Pack 8.8.0 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100 "MP Navigator EX 3.0" = Canon MP Navigator EX 3.0 "MyComposer_is1" = PhotoSì MyComposer 5.0 "Office14.PROPLUS" = Microsoft Office Professional Plus 2010 "Opera 12.00.1467" = Opera 12.00 "PARLA SUBITO! INGLESE BASE" = PARLA SUBITO! INGLESE BASE "Picasa 3" = Picasa 3 "Registrazione utente Canon MP270 series" = Registrazione utente Canon MP270 series "TimeLineRemove_is1" = TimeLineRemove "VLC media player" = VLC media player 2.0.2 "WinLiveSuite" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 02/02/2013 14:41:58 | Computer Name = rosy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 02/02/2013 14:41:58 | Computer Name = rosy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 182927 Error - 02/02/2013 14:41:58 | Computer Name = rosy-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 182927 Error - 03/02/2013 09:02:08 | Computer Name = rosy-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 04/02/2013 13:55:48 | Computer Name = rosy-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 05/02/2013 07:28:06 | Computer Name = rosy-PC | Source = Application Hang | ID = 1002 Description = Il programma SoftwareUpdate.exe versione 2.1.3.127 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo. ID processo: a44 Ora di avvio: 01ce0392c1f58ed9 Ora di chiusura: 15 Percorso applicazione: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe ID segnalazione: 0df4e17e-6f87-11e2-951a-0026185abb47 Error - 06/02/2013 17:10:25 | Computer Name = rosy-PC | Source = Application Hang | ID = 1002 Description = Il programma OTL.exe versione 3.2.69.0 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo. ID processo: ec4 Ora di avvio: 01ce04ad95dda010 Ora di chiusura: 0 Percorso applicazione: C:\Users\rosy\Desktop\OTL.exe ID segnalazione: 8c28f2ae-70a1-11e2-8c1f-0026185abb47 Error - 06/02/2013 17:25:32 | Computer Name = rosy-PC | Source = Application Hang | ID = 1002 Description = Il programma OTL.exe versione 3.2.69.0 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo. ID processo: 9ac Ora di avvio: 01ce04ae6639cf06 Ora di chiusura: 6 Percorso applicazione: C:\Users\rosy\Desktop\OTL.exe ID segnalazione: Error - 06/02/2013 17:44:10 | Computer Name = rosy-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = Error - 06/02/2013 17:44:36 | Computer Name = rosy-PC | Source = Application Error | ID = 1000 Description = Nome dell'applicazione che ha generato l'errore: aswMBR.exe, versione: 0.9.9.1707, timestamp: 0x509be8bf Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.17725, timestamp: 0x4ec49b8f Codice eccezione: 0xc0000005 Offset errore 0x0002e3be ID processo che ha generato l'errore: 0xe08 Ora di avvio dell'applicazione che ha generato l'errore: 0x01ce04b2ca5664d1 Percorso dell'applicazione che ha generato l'errore: C:\Users\rosy\Desktop\aswMBR.exe Percorso del modulo che ha generato l'errore: C:\Windows\SysWOW64\ntdll.dll ID segnalazione: 664e526b-70a6-11e2-8c1f-0026185abb47 Error - 07/02/2013 09:56:29 | Computer Name = rosy-PC | Source = Customer Experience Improvement Program | ID = 1008 Description = [ System Events ] Error - 20/11/2012 07:10:23 | Computer Name = rosy-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 20/11/2012 07:10:23 | Computer Name = rosy-PC | Source = atikmdag | ID = 43029 Description = Display is not active Error - 20/11/2012 15:38:14 | Computer Name = rosy-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 20/11/2012 15:38:14 | Computer Name = rosy-PC | Source = atikmdag | ID = 43029 Description = Display is not active Error - 20/11/2012 15:38:30 | Computer Name = rosy-PC | Source = Disk | ID = 262155 Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR1. Error - 20/11/2012 15:38:30 | Computer Name = rosy-PC | Source = Disk | ID = 262155 Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR1. Error - 21/11/2012 08:44:17 | Computer Name = rosy-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 21/11/2012 08:44:17 | Computer Name = rosy-PC | Source = atikmdag | ID = 43029 Description = Display is not active Error - 21/11/2012 12:38:49 | Computer Name = rosy-PC | Source = atikmdag | ID = 52236 Description = CPLIB :: General - Invalid Parameter Error - 21/11/2012 12:38:49 | Computer Name = rosy-PC | Source = atikmdag | ID = 43029 Description = Display is not active < End of report >
-
riuscita OTL logfile created on: 07/02/2013 19:21:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\rosy\Desktop\Nuova cartella (3) 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 61,70% Memory free 8,00 Gb Paging File | 6,33 Gb Available in Paging File | 79,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 460,57 Gb Total Space | 297,95 Gb Free Space | 64,69% Space Free | Partition Type: NTFS Computer Name: ROSY-PC | User Name: rosy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\rosy\Desktop\Nuova cartella (3)\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programmi\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Modules (No Company Name) ========== MOD - C:\Users\rosy\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (avast! Antivirus) -- C:\Programmi\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (wlidsvc) -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (wlcrasvc) -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programmi\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE () ========== Driver Services (SafeList) ========== DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.) DRV:64bit: - (A5AGU) -- C:\Windows\SysNative\drivers\AGUx64.sys (Atheros Communications, Inc.) DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH) DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com/ IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://search.chatzum.com/?q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0388404D-6072-4CEB-B521-8F090FEAEE57} IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=IT&install_date=20120603&user_guid=985E3F5A4D644327BD681BEF39B4761B&machine_id=423dba73537c70de0e33a7139f9c55ad&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source} IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&tt=120912_cpc_3712_2&babsrc=SP_ss&mntrId=78675a2c000000000000001b1101ebd0 IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = http://search.chatzum.com/?q={SearchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/06/18 10:53:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2012/09/16 13:56:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions ========== Chrome ========== CHR - homepage: http://www.google.com CHR - default_search_provider: Yahoo! Italia (Enabled) CHR - default_search_provider: search_url = http://it.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms} CHR - default_search_provider: suggest_url = http://it-sayt.ff.search.yahoo.com/gossip-it-sayt?output=fxjson&command={searchTerms} CHR - homepage: http://www.google.com CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\gcswf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - Extension: Fancy Gaming Simplifier = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahcaniaehcjkignnobkmdgacafghkplh\2.0.0.1_0\ CHR - Extension: YouTube = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Ricerca Google = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: avast! WebRep = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Gmail = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: Fancy Gaming Simplifier = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahcaniaehcjkignnobkmdgacafghkplh\2.0.0.1_0\ CHR - Extension: YouTube = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Ricerca Google = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: avast! WebRep = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\ CHR - Extension: Gmail = C:\Users\rosy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2013/02/05 12:17:38 | 000,445,399 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 www.123fporn.info O1 - Hosts: 15295 more lines... O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programmi\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmi\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{37CE42BE-D122-4A8E-9CCD-BAB2D224A855}: DhcpNameServer = 62.101.93.101 83.103.25.250 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programmi\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/02/07 19:09:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TimeLineRemove [2013/02/07 18:51:02 | 000,450,659 | ---- | C] (TimeLineRemove ) -- C:\Users\rosy\Desktop\TimeLineRemove.exe [2013/02/06 22:39:41 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\rosy\Desktop\aswMBR.exe [2013/02/06 22:35:48 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\Nuova cartella (3) [2013/02/05 12:39:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013/02/05 12:38:24 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013/02/05 12:38:23 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013/02/05 12:37:33 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013/02/05 12:37:29 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll [2013/02/05 12:37:13 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs [2013/02/05 12:37:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs [2013/02/05 12:37:12 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs [2013/02/05 12:37:12 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs [2013/02/05 12:37:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs [2013/02/05 12:37:12 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs [2013/02/05 12:37:11 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs [2013/02/05 12:37:11 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs [2013/02/05 12:37:11 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs [2013/02/05 12:37:11 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs [2013/02/05 12:37:11 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs [2013/02/05 12:37:10 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs [2013/02/05 12:37:10 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs [2013/02/05 12:37:10 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs [2013/02/05 12:37:10 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs [2013/02/05 12:37:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs [2013/02/05 12:37:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs [2013/02/05 12:37:09 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll [2013/02/05 12:37:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs [2013/02/05 12:37:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs [2013/02/05 12:37:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs [2013/02/05 12:37:08 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll [2013/02/05 12:37:08 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll [2013/02/05 12:37:07 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll [2013/02/05 12:37:00 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs [2013/02/05 12:36:59 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs [2013/02/05 12:36:59 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs [2013/02/05 12:36:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs [2013/02/05 12:36:59 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs [2013/02/05 12:36:58 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs [2013/02/05 12:36:58 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs [2013/02/05 12:36:58 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs [2013/02/05 12:32:48 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2013/02/05 12:32:42 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2013/02/05 12:32:37 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2013/02/05 12:32:37 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2013/02/05 12:32:36 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2013/02/05 12:32:36 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2013/02/05 12:32:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2013/02/05 12:32:35 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2013/02/05 12:32:35 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2013/02/05 12:32:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2013/02/05 12:32:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013/02/05 12:32:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013/02/05 12:32:27 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013/02/05 12:32:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013/02/05 12:32:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013/02/05 12:32:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013/02/05 12:32:22 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013/02/05 12:32:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013/02/05 12:32:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013/02/05 12:32:20 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013/02/05 12:32:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013/02/05 12:32:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013/02/05 12:32:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013/02/05 12:32:19 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013/02/05 12:32:19 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013/02/05 12:32:18 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013/02/05 12:32:18 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/02/05 12:32:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013/02/05 12:32:18 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013/02/05 12:32:17 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013/02/05 12:32:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013/02/05 12:32:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013/02/05 12:32:17 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013/02/05 12:32:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013/02/05 12:32:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013/02/05 12:32:16 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013/02/05 12:32:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013/02/05 12:32:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013/02/05 12:32:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013/02/05 12:32:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013/02/05 12:32:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013/02/05 12:32:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013/02/05 12:32:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013/02/05 12:32:14 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013/02/05 12:32:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013/02/05 12:32:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013/02/05 12:32:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013/02/05 12:32:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013/02/05 12:32:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013/02/05 12:32:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013/02/05 12:32:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013/02/05 12:32:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013/02/05 12:32:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013/02/05 12:32:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013/02/05 12:32:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013/02/05 12:32:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013/02/05 12:32:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013/02/05 12:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013/02/05 12:32:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013/02/05 12:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013/02/05 12:32:08 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013/02/05 12:32:08 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013/02/05 12:32:07 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2013/02/05 12:32:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2013/02/05 12:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013/02/05 12:32:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013/02/05 12:32:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013/02/05 12:32:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013/02/05 12:32:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2013/02/05 12:26:20 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe [2013/02/05 12:26:00 | 000,000,000 | ---D | C] -- C:\Users\rosy\AppData\Local\Apps [2013/02/05 12:25:57 | 000,000,000 | ---D | C] -- C:\Users\rosy\AppData\Local\Deployment [2013/02/05 12:12:51 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\Nuova cartella (2) [2013/01/22 13:56:26 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-22 [2013/01/18 22:49:00 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-18 [2013/01/18 22:21:05 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\lepanto [2013/01/17 19:34:29 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-17 [2013/01/15 10:34:40 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-15 [2013/01/12 19:45:19 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-12 [2013/01/10 19:37:06 | 000,000,000 | ---D | C] -- C:\Users\rosy\Desktop\2013-01-10 ========== Files - Modified Within 30 Days ========== [2013/02/07 19:22:42 | 002,195,061 | ---- | M] () -- C:\Users\rosy\Desktop\tdsskiller.zip [2013/02/07 19:22:01 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/02/07 18:51:09 | 000,000,478 | ---- | M] () -- C:\Users\rosy\AppData\Roaming\mainhst.zgh [2013/02/07 18:43:14 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/02/07 18:43:14 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/02/07 18:35:47 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/02/07 18:35:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/02/07 18:35:29 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys [2013/02/07 14:35:01 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/02/07 14:01:16 | 000,490,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/02/06 22:40:58 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\rosy\Desktop\aswMBR.exe [2013/02/06 22:27:26 | 000,881,914 | ---- | M] () -- C:\Users\rosy\Desktop\SecurityCheck.exe [2013/02/06 22:01:16 | 001,569,696 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/02/06 22:01:16 | 000,701,188 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat [2013/02/06 22:01:16 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/02/06 22:01:16 | 000,128,534 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat [2013/02/06 22:01:16 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/02/06 20:54:24 | 000,450,659 | ---- | M] (TimeLineRemove ) -- C:\Users\rosy\Desktop\TimeLineRemove.exe [2013/02/05 14:06:08 | 000,205,892 | ---- | M] () -- C:\Users\rosy\Desktop\902086243.PDF [2013/02/05 12:39:21 | 000,002,262 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/02/05 12:17:38 | 000,445,399 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/02/05 12:09:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013/01/08 22:23:38 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/01/08 22:23:38 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl ========== Files Created - No Company Name ========== [2013/02/07 19:22:35 | 002,195,061 | ---- | C] () -- C:\Users\rosy\Desktop\tdsskiller.zip [2013/02/06 22:27:08 | 000,881,914 | ---- | C] () -- C:\Users\rosy\Desktop\SecurityCheck.exe [2013/02/05 14:05:37 | 000,205,892 | ---- | C] () -- C:\Users\rosy\Desktop\902086243.PDF [2013/02/05 12:39:21 | 000,002,262 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/01/06 19:37:50 | 000,000,522 | ---- | C] () -- C:\Windows\wininit.ini [2012/11/11 16:44:02 | 000,000,543 | ---- | C] () -- C:\Windows\EvvivaRG.ini [2012/11/11 16:43:56 | 000,000,598 | ---- | C] () -- C:\Windows\NEXTRG.INI [2012/11/11 16:42:39 | 000,000,302 | ---- | C] () -- C:\Windows\FinsonLiveUpdate.ini [2012/11/11 16:34:06 | 000,000,061 | ---- | C] () -- C:\Windows\FINSON.INI [2012/09/16 13:15:12 | 000,000,001 | ---- | C] () -- C:\Users\rosy\AppData\Local\llftool.4.25.agreement [2012/08/03 14:01:42 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini [2012/08/01 15:12:56 | 000,000,478 | ---- | C] () -- C:\Users\rosy\AppData\Roaming\mainhst.zgh [2012/06/11 13:45:21 | 001,568,222 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012/06/03 21:21:54 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini [2012/06/03 20:26:35 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2012/06/03 00:26:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin ========== ZeroAccess Check ========== [2012/06/27 11:13:48 | 000,000,000 | ---D | M] -- C:\Users\All Users\PhotoSi\MyComposer\{1EDC5705-2662-4044-AA11-B295EBF28ED6}\Data\Products\ShirtRFull\L [2012/06/27 11:13:48 | 000,000,000 | ---D | M] -- C:\Users\All Users\PhotoSi\MyComposer\{1EDC5705-2662-4044-AA11-B295EBF28ED6}\Data\Products\ShirtVFull\L [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/07/10 13:59:09 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Ashampoo [2013/01/06 19:18:56 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Azureus [2012/08/31 14:03:44 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Canon [2012/11/11 14:34:19 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Convivea [2012/06/03 22:37:35 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\eMule AdunanzA [2012/06/03 20:50:28 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\OfferBox [2012/06/20 13:47:05 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Opera [2013/01/06 19:18:56 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\uTorrent [2012/08/22 14:03:07 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\Windows Live Writer [2012/08/01 15:13:37 | 000,000,000 | ---D | M] -- C:\Users\rosy\AppData\Roaming\ZipGenius ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:373E1720 @Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1 < End of report >
-
l unica file è questo,anche l altro mi dice ha smesso di funzionare,ti allego questo,ciao e grazie di nuovo Results of screen317's Security Check version 0.99.57 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Out of date HijackThis installed! Spybot - Search & Destroy Malwarebytes Anti-Malware versione 1.70.0.1100 HijackThis 2.0.2 JavaFX 2.1.1 Java 7 Update 7 Java version out of Date! Adobe Reader XI Google Chrome 24.0.1312.57 ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 4% ````````````````````End of Log``````````````````````
-
ciao grazie,di avermi risposto,ho seguito con olt quello che mi hai detto,soltanto a fine scansione non mi apre nessun file e sotto viene scritto manual file scan,getting folder structure,ma dove lo trovo? ora provo con l altro
-
ciao,scusate,accendendo il pc mi apre il deskop e la rotellina continua a caricare ma nn mi apre nulla,poi si blocca e dopo tanto parte per un po per ribloccarsi ,ho un windows 7.vi allego il mio log file,avrò qualche virus grazie hijackthis.log
-
ciao,ora funziona grazie di tuttoooooooo
-
ok grazieeee ti farò sapere
-
ciao grazie di tutto, t invio il log a presto ComboFix 12-05-31.01 - Utente 31/05/2012 14:55:50.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.39.1040.18.4095.2717 [GMT 2:00] Eseguito da: c:\users\Utente\Desktop\ComboFix.exe AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Esecuzione precedente ------- . c:\users\Utente\AppData\Roaming\ImgBurn.exe c:\users\Utente\AppData\Roaming\Microsoft\Windows\Recent\Alice Gate 2 plus Wi-Fi - Stato modem.url c:\users\Utente\AppData\Roaming\OfferBox\config.xml c:\windows\SysWow64\SvcWatch.exe . . ((((((((((((((((((((((((((((((((((((((( Driver/Servizi ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_SvcWatch . . ((((((((((((((((((((((((( Files Creati Da 2012-04-28 al 2012-05-31 ))))))))))))))))))))))))))))))))))) . . 2012-05-31 13:09 . 2012-05-31 13:09 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-05-29 13:29 . 2012-05-08 17:02 8955792 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B20587A4-0D80-4EFF-B416-C4A2BB5DB392}\mpengine.dll 2012-05-28 08:30 . 2012-05-08 17:02 8955792 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-11 13:45 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-11 13:45 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-11 13:44 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-11 13:44 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-11 13:44 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-11 13:44 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-11 13:44 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-11 13:43 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-11 13:43 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-11 13:43 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 13:43 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-11 13:43 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-11 13:43 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-30 13:12 . 2012-01-30 15:39 142445 ----a-w- c:\users\Utente\AppData\Roaming\mdbu.bin 2012-04-04 15:52 . 2010-10-24 20:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-04-04 15:52 . 2010-10-24 20:25 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-25 18:28 . 2012-04-29 17:24 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll 2012-03-25 18:28 . 2012-04-29 17:24 29712 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\SysWow64\GPhotos.scr 2012-03-07 00:15 . 2012-03-03 21:22 41184 ----a-w- c:\windows\avastSS.scr 2012-03-07 00:15 . 2012-03-03 21:22 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-03-07 00:15 . 2011-01-12 11:36 258520 ----a-w- c:\windows\system32\aswBoot.exe 2012-03-07 00:04 . 2012-03-03 21:23 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-03-07 00:04 . 2012-03-03 21:23 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-03-07 00:02 . 2012-03-03 21:23 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-03-07 00:01 . 2012-03-03 21:23 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-03-07 00:01 . 2012-03-03 21:23 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-03-07 00:01 . 2012-03-03 21:23 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-03-04 21:07 . 2010-04-23 19:25 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-03-04 20:50 . 2012-03-04 20:50 3584 ----a-r- c:\users\Utente\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2012-03-03 22:47 . 2011-09-22 11:59 525544 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-03 14:47 . 2012-03-03 14:47 750488 ----a-w- c:\windows\system32\npdeployJava1.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-05-31_12.48.39 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-05-31 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-05-31 13:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-05-31 13:10 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-05-31 12:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-05-31 12:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-05-31 13:10 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2010-03-10 22:00 . 2012-05-31 13:12 75056 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-05-31 13:12 42352 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2010-04-08 13:52 . 2012-05-31 13:12 19104 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-811566715-2642909316-2733475632-1000_UserData.bin - 2012-05-31 12:46 . 2012-05-31 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-05-31 13:10 . 2012-05-31 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-05-31 12:46 . 2012-05-31 12:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-05-31 13:10 . 2012-05-31 13:10 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2009-07-14 05:01 . 2012-05-31 12:46 685948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2009-07-14 05:01 . 2012-05-31 13:09 685948 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Device Detection"="c:\program files (x86)\PhotoSi\MyComposer\dd.exe" [2011-04-21 289976] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-07 4241512] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] "WinYou"="c:\program files (x86)\WinYou\WinYou.exe" [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "HideSCAHealth"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Servizio di Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x] R3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\DRIVERS\AGUx64.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x] R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-05-02 291696] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WPRO_40_1340;WinPcap Packet Driver (WPRO_40_1340);c:\windows\system32\drivers\WPRO_40_1340.sys [x] R4 MotoConnect Service;MotoConnect Service;c:\program files (x86)\Motorola\MotoConnectService\MotoConnectService.exe [x] R4 WinServiceMY;WinServiceMY;c:\program files (x86)\WinServiceMY\WinServiceMY.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-03-25 204304] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [x] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x] . . Contenuto della cartella 'Scheduled Tasks' . 2012-05-31 c:\windows\Tasks\GlaryInitialize.job - c:\program files (x86)\Glary Utilities\initialize.exe [2010-10-11 09:47] . 2012-05-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811566715-2642909316-2733475632-1000Core.job - c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 14:11] . 2012-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811566715-2642909316-2733475632-1000UA.job - c:\users\Utente\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-19 14:11] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-03-07 00:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584] "GuaTast"="c:\program files (x86)\GuaTast\GuaTast.exe" [2012-02-14 354816] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-05-02 1271552] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . ------- Scansione supplementare ------- . uStart Page = hxxp://www.google.com/webhp?hl=it uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SYSTEM32\blank.htm IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 TCP: DhcpNameServer = 62.101.93.101 83.103.25.250 FF - ProfilePath - c:\users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\96lwmg9a.default\ FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?hl=it FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q= . - - - - CHIAVI ORFANE RIMOSSE - - - - . BHO-{703740c1-0f1a-4cec-a4df-d78db0158477} - (no file) WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file) WebBrowser-{285EC6B8-2D76-4297-8E03-0993BBCDF405} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-WinYou - c:\program files (x86)\WinYou\WinYou.exe HKLM-Run-combofix - c:\combofix\CF14938.3XE AddRemove-AVS Screen Capture_is1 - c:\program files (x86)\AVS4YOU\AVSScreenCapture\unins000.exe AddRemove-AVS Update Manager_is1 - c:\program files (x86)\AVS4YOU\AVSUpdateManager\unins000.exe AddRemove-AVS Video Editor_is1 - c:\program files (x86)\AVS4YOU\AVSVideoEditor\unins000.exe AddRemove-AVS Video Recorder_is1 - c:\program files (x86)\AVS4YOU\AVSVideoRecorder\unins000.exe AddRemove-AVS4YOU Software Navigator_is1 - c:\program files (x86)\AVS4YOU\AVSSoftwareNavigator\unins000.exe . . . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Altri processi in esecuzione ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe . ************************************************************************** . Ora fine scansione: 2012-05-31 15:15:25 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2012-05-31 13:15 . Pre-Run: 406.621.847.552 byte disponibili Post-Run: 406.180.847.616 byte disponibili . - - End Of File - - B95495E2006BB757082134F17873A432
-
ciao,rieccomi t invio il log di combifix, grazie
-
ciao,scusate ho pinnacle studio 15,vorrei fare un video per il diciottesimo di mio figlio,con effetti tipo gli intro,qualcuno sa dirmi come fare' o darmi qualche consiglio sul video grazie
-
ok grazieeeeeeeeee ciao
-
ciao,scusate,qualcuno per favore sa cosa posso fare......nn riesco a scancellare java tm 6 update 21,vado su pannello.programmi,disistalla e mi da errore... si è verificato un problema con questo pacchetto di windows installer. impossibile eseguire una dll necessaria a completare l installazione.contattare il personale di supporto o il fornitore del pacchetto. ho windows 7 64 bit cosa devo fare grazie
-
grazie lunaaaa, ha funzionato,vi ringrazio tutti siete grandi
-
vi ringrazio delle risposte,ccleaner fatto, ma niente,per scaricare video da yuotube,devo scaricare 1 di questi programmi,ma sono semplici da usare? grazie
-
ciao.ho scaricato javara,ma nn elimina la vecchia versione,mi ha fatto scaricare la nuova Java SE 6 Update 31 JRE.nn so se è giusta,ma siccome voglio scaricare un video da youtube con keepvideo mi continua a dire che devo installare il java,e quello che mi fa scaricare nn me lo fa installare,grazieee