Olimpo Informatico

[dragone1970]

Salve anche io sono stato beccato sul mio portatile ho windows 7 su un asus, AVG (aggiornato) non ha rilevato questo virus unico programma antivirus istallato.
leggendo quaalche topic ho scaricato il file frst64.exe messo su la chiavetta e riavviato pc con f8 seguento la procedura sino ad ottenere file frst.txt
leggevo che vi era altro file e link x il fix ma nn sò se va bene anche per il mio allego file frst.txt e resto in attesa di un vostro pronto intervento Grazie mille.

[bdoriano]

Ciao dragone1970,

manca il file frst.txt.

[dragone1970]

come postare file? allego qui quello che risulta scritto

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-11-2012 02
Ran by SYSTEM at 11-11-2012 14:47:08
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF" [x]
HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none" [322384 2010-09-17] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe [x]
HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 [2277480 2011-08-15] (Realtek Semiconductor)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" [370 2012-11-11] ()
HKLM-x32\...\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [3331312 2011-10-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2317312 2011-09-13] (ASUS)
HKLM-x32\...\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe" [2596984 2012-07-30] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [1836328 2007-09-19] (Nero AG)
HKLM-x32\...\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-09-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe [802304 2012-09-24] (Yuna Software)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-02] (Sun Microsystems, Inc.)
HKU\Dragone\...\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-09-28] (Samsung)
HKU\Dragone\...\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [965560 2012-09-28] (Samsung)
HKU\Dragone\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [842680 2012-09-28] (Samsung)
Tcpip\..\Interfaces\{63717FF5-4551-42A1-99D8-DB93791DBA37}: [NameServer]192.168.1.1

==================== Services (Whitelisted) ===================

3 Adobe LM Service; "C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [68096 2012-05-15] ()
2 ASUS InstantOn; C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [92800 2011-09-08] (ASUS)
2 ATKGFNEXSrv; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
2 Autorun CDROM Monitor; C:\Windows\SysWow64\SupportAppXL\cdrom_mon.exe [81920 2008-01-14] ()
2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe" [5167736 2012-08-12] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe" [193288 2012-02-13] (AVG Technologies CZ, s.r.o.)
2 Freemake Improver; "C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe" [96768 2012-05-11] (Freemake)
2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-19] (Nero AG)
3 NMIndexingService; "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe" [382248 2007-09-20] (Nero AG)
3 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]

==================== Drivers (Whitelisted) =====================

1 ATKWMIACPIIO; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
0 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [28480 2012-04-18] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [291680 2012-07-25] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [36944 2012-01-30] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [384352 2012-08-24] (AVG Technologies CZ, s.r.o.)
2 DgiVecp; C:\Windows\System32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
2 DgiVecp; C:\Windows\SysWow64\Drivers\DgiVecp.sys [41984 2008-01-02] (Samsung Electronics Co., Ltd.)
3 kbfiltr; C:\Windows\System32\Drivers\kbfiltr.sys [15416 2009-07-20] ( )
3 ONDAusbmdm6k; C:\Windows\System32\Drivers\ONDAusbmdm6k.sys [150656 2008-04-03] (ONDA Incorporated)
3 ONDAusbmdm6k; C:\Windows\SysWow64\Drivers\ONDAusbmdm6k.sys [150656 2008-04-03] (ONDA Incorporated)
3 ONDAusbnet; C:\Windows\System32\Drivers\ONDAusbnet.sys [167424 2008-04-03] (ONDA Corporation)
3 ONDAusbnet; C:\Windows\SysWow64\Drivers\ONDAusbnet.sys [167424 2008-04-03] (ONDA Corporation)
3 ONDAusbnmea; C:\Windows\System32\Drivers\ONDAusbnmea.sys [150656 2008-04-03] (ONDA Incorporated)
3 ONDAusbnmea; C:\Windows\SysWow64\Drivers\ONDAusbnmea.sys [150656 2008-04-03] (ONDA Incorporated)
3 ONDAusbser6k; C:\Windows\System32\Drivers\ONDAusbser6k.sys [150656 2008-04-03] (ONDA Incorporated)
3 ONDAusbser6k; C:\Windows\SysWow64\Drivers\ONDAusbser6k.sys [150656 2008-04-03] (ONDA Incorporated)
3 Pcouffin64; C:\Windows\System32\Drivers\pcouffin64a.sys [82048 2012-09-18] (VSO Software)
2 tmactmon; C:\Windows\System32\Drivers\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
2 tmcomm; C:\Windows\System32\Drivers\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
2 tmevtmgr; C:\Windows\System32\Drivers\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
1 tmtdi; C:\Windows\System32\Drivers\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
4 Pcithaucterl; [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-11-11 14:46 - 2012-11-11 14:46 - 00000000 ____D C:\FRST
2012-11-10 17:27 - 2012-11-11 05:37 - 00014586 ____A C:\Windows\WindowsUpdate.log
2012-11-10 17:25 - 2012-11-11 05:28 - 00000168 ____A C:\Windows\setupact.log
2012-11-10 17:25 - 2012-11-10 17:25 - 00000000 ____A C:\Windows\setuperr.log
2012-11-10 15:37 - 2012-11-10 15:38 - 00000000 ____D C:\Windows\pss
2012-11-10 07:12 - 2012-11-10 07:13 - 83023306 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-10 07:12 - 2012-11-10 07:12 - 00044544 ____A (Microsoft Corporation) C:\Users\All Users\lsass.exe
2012-11-10 07:12 - 2012-11-10 07:12 - 00000000 ____D C:\Users\Dragone\AppData\Local\Sun
2012-11-10 06:28 - 2012-11-10 10:50 - 00000000 ____D C:\Users\Dragone\Desktop\Doc
2012-11-10 05:54 - 2012-11-10 05:54 - 00000000 ____D C:\Users\Dragone\AppData\Local\{9AC0DC01-4A9D-49F8-9605-715087159046}
2012-11-09 05:53 - 2012-11-09 17:54 - 00000000 ____D C:\Users\Dragone\AppData\Local\{8A2AE96C-08F0-4A32-BD61-4CE004BB65C5}
2012-11-08 13:35 - 2012-11-08 10:50 - 814845952 ____A C:\Users\Dragone\Downloads\2012 Hotel Transilvania.avi
2012-11-08 08:20 - 2012-11-08 15:38 - 1468000260 ____A C:\Users\Dragone\Downloads\2012 Quell'idiota di Nostro Fratello.avi
2012-11-08 05:39 - 2012-11-08 14:26 - 1465620480 ____A C:\Users\Dragone\Downloads\2012 The Thompsons.avi
2012-11-07 23:41 - 2012-11-08 11:41 - 00000000 ____D C:\Users\Dragone\AppData\Local\{D5FA2CA6-30B0-47CF-B0FA-77CC1EF6C1E5}
2012-11-07 04:26 - 2012-11-07 04:26 - 00000000 ____D C:\Users\Dragone\AppData\Local\{8124DF41-D169-41CB-AB6E-13E47A5B0800}
2012-11-07 02:44 - 2012-11-07 02:44 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-06 02:39 - 2012-11-06 02:40 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B824DDD6-9835-479C-8854-7A1F86BCBAA2}
2012-11-05 14:39 - 2012-11-05 14:39 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1BBA0711-1D34-4401-8828-92B5B21DED4B}
2012-11-05 02:32 - 2012-11-05 02:32 - 00000000 ____D C:\Users\Dragone\AppData\Local\{C5072EE0-BC86-4626-93BC-3FDCEA6DC40B}
2012-11-04 00:49 - 2012-11-04 00:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{BA35C877-FFDD-4BE1-BDE9-9DDFA0960551}
2012-11-02 07:43 - 2012-11-02 07:43 - 00000000 ____D C:\Users\Dragone\AppData\Local\{0A6BC5C6-5464-48DD-95E4-E710F2FA461A}
2012-11-01 12:38 - 2012-11-01 12:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-31 01:43 - 2012-10-31 01:43 - 00000000 ____D C:\Users\Dragone\AppData\Local\{50BC3D11-0A10-4CA5-92EF-853E81F0F8F3}
2012-10-30 14:28 - 2012-10-30 14:28 - 00000000 ____D C:\Users\Dragone\AppData\Local\{BF0AD59C-3DA7-4B67-A389-F70077831EB2}
2012-10-30 02:28 - 2012-10-30 02:28 - 00000000 ____D C:\Users\Dragone\AppData\Local\{E12E6512-10BC-4383-AC77-68296D93B612}
2012-10-30 02:09 - 2012-10-30 02:06 - 00000052 ____A C:\Users\Dragone\Desktop\alice.txt
2012-10-29 05:53 - 2012-10-29 05:53 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-10-29 00:59 - 2012-10-29 00:59 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1674602D-95A3-458C-8C96-C3B956CD17E8}
2012-10-28 02:32 - 2012-10-28 02:32 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B08CA9E6-6BE7-45A4-B1D9-82F6C151EB67}
2012-10-27 05:20 - 2012-10-27 05:20 - 00000000 ____D C:\Users\Dragone\AppData\Local\{55A2DE23-397F-4DA5-BE3F-816E57ABD77C}
2012-10-25 00:26 - 2012-10-25 00:26 - 00000000 ____D C:\Users\Dragone\AppData\Local\{29AAB1AA-9620-4BD0-AD9B-84A5CF02816C}
2012-10-24 03:38 - 2012-10-24 03:39 - 00000000 ____D C:\Users\Dragone\AppData\Local\{404977C5-66D0-4FAD-A0C0-CE3A5D0C0CC4}
2012-10-23 06:42 - 2012-11-04 09:35 - 00000000 ____D C:\Users\Dragone\Desktop\hh
2012-10-23 02:26 - 2012-11-04 00:18 - 00000000 ____D C:\Users\Dragone\Desktop\Version
2012-10-23 00:33 - 2012-10-23 00:33 - 00000000 ____D C:\Users\Dragone\Documents\File ricevuti
2012-10-23 00:25 - 2012-10-23 00:25 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B1EFD770-384E-49A0-A267-BF0725B06EDA}
2012-10-22 03:55 - 2012-10-22 03:55 - 00000000 ____D C:\Users\Dragone\AppData\Local\{DE22F761-5689-49D9-B683-EA5AADC1292B}
2012-10-20 09:40 - 2012-10-20 11:22 - 122659245 ____A C:\Users\Dragone\Downloads\spiderman.1.2002.italian.ac3.brrip.avi.part
2012-10-20 09:37 - 2012-10-20 11:22 - 315357676 ____A C:\Users\Dragone\Downloads\spiderman.3.2007.italian.ac3.brrip.avi.part1.rar.part
2012-10-20 09:37 - 2012-10-20 11:22 - 252351037 ____A C:\Users\Dragone\Downloads\spiderman.2.2004.italian.brrip.avi.part
2012-10-20 09:37 - 2012-10-20 11:22 - 180768458 ____A C:\Users\Dragone\Downloads\the.amazing.spider.man.2012.italian.md.r5.avi.part
2012-10-19 10:17 - 2012-10-19 10:17 - 00000000 ____D C:\Users\Dragone\AppData\Local\{4A5ED1BA-7EE7-496F-9331-4E887300F7B9}
2012-10-18 00:13 - 2012-10-18 00:13 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1F7A60EA-5FA3-4606-BEFC-154198B10B43}
2012-10-15 23:49 - 2012-10-15 23:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{61C38BE7-B4F9-44DF-8592-748D6D33D8A5}
2012-10-14 12:58 - 2012-10-14 12:58 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-10-14 12:58 - 2012-10-14 12:58 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-10-14 12:58 - 2012-10-14 12:58 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-14 01:46 - 2012-10-14 01:47 - 14967530 ____A C:\Users\Dragone\Downloads\Beat Goes On (Original Alternate Version - Extended).m4a
2012-10-14 01:36 - 2012-10-14 01:37 - 06222953 ____A C:\Users\Dragone\Downloads\Revolver (No Lil' Wayne Edit).m4a
2012-10-14 00:56 - 2012-10-14 00:56 - 00000000 ____D C:\Users\Dragone\AppData\Local\{D1E432D0-305F-4AFF-9073-A51E04BC7F0F}
2012-10-13 00:05 - 2012-10-13 00:05 - 00000000 ____D C:\Users\Dragone\AppData\Local\{518E45F3-5FBD-47D6-AE50-D2291B3E874E}
2012-10-12 23:50 - 2012-10-22 23:14 - 00000000 ____D C:\Users\Dragone\Documents\Download
2012-10-12 10:49 - 2012-10-12 10:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{4C3AE0ED-D91F-4E07-AB25-83C9D53F83CF}

==================== One Month Modified Files and Folders =======

2012-11-11 14:46 - 2012-11-11 14:46 - 00000000 ____D C:\FRST
2012-11-11 05:37 - 2012-11-10 17:27 - 00014586 ____A C:\Windows\WindowsUpdate.log
2012-11-11 05:35 - 2011-02-18 20:35 - 00750666 ____A C:\Windows\System32\perfh010.dat
2012-11-11 05:35 - 2011-02-18 20:35 - 00150046 ____A C:\Windows\System32\perfc010.dat
2012-11-11 05:35 - 2009-07-13 21:13 - 01684706 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-11 05:35 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-11 05:35 - 2009-07-13 20:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-11 05:28 - 2012-11-10 17:25 - 00000168 ____A C:\Windows\setupact.log
2012-11-11 05:28 - 2012-04-07 10:01 - 00045056 ____A C:\Windows\SysWOW64\acovcnt.exe
2012-11-11 05:28 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-11 04:50 - 2012-05-23 14:32 - 00000978 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-11 03:31 - 2012-05-15 23:47 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-11 03:31 - 2012-04-07 11:32 - 00000000 ____D C:\Users\Dragone\AppData\Roaming\Adobe
2012-11-11 02:07 - 2012-09-18 11:14 - 00000000 ____D C:\Users\Dragone\AppData\Roaming\Vso
2012-11-11 01:40 - 2012-04-07 21:56 - 00000130 ____A C:\Users\Dragone\AppData\default.pls
2012-11-10 18:32 - 2012-07-28 11:35 - 00000000 ____D C:\Users\Dragone\Downloads\Nuova cartella
2012-11-10 17:25 - 2012-11-10 17:25 - 00000000 ____A C:\Windows\setuperr.log
2012-11-10 15:38 - 2012-11-10 15:37 - 00000000 ____D C:\Windows\pss
2012-11-10 15:30 - 2012-04-07 10:01 - 00000000 ___HD C:\ASUS.DAT
2012-11-10 15:29 - 2012-07-31 06:19 - 00000000 ____D C:\Users\Dragone\AppData\Roaming\BrowserCompanion
2012-11-10 15:24 - 2012-04-07 10:01 - 00000000 ____D C:\Users\Dragone\AppData\Local\VirtualStore
2012-11-10 10:54 - 2012-04-07 10:09 - 00000000 ____D C:\Program Files (x86)\Alice MOBILE
2012-11-10 10:50 - 2012-11-10 06:28 - 00000000 ____D C:\Users\Dragone\Desktop\Doc
2012-11-10 10:49 - 2012-08-30 10:14 - 00000000 ____D C:\Users\Dragone\AppData\Roaming\Skype
2012-11-10 08:29 - 2012-04-07 12:22 - 00000000 ____D C:\Users\All Users\MFAData
2012-11-10 07:13 - 2012-11-10 07:12 - 83023306 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-10 07:12 - 2012-11-10 07:12 - 00044544 ____A (Microsoft Corporation) C:\Users\All Users\lsass.exe
2012-11-10 07:12 - 2012-11-10 07:12 - 00000000 ____D C:\Users\Dragone\AppData\Local\Sun
2012-11-10 05:54 - 2012-11-10 05:54 - 00000000 ____D C:\Users\Dragone\AppData\Local\{9AC0DC01-4A9D-49F8-9605-715087159046}
2012-11-10 04:39 - 2012-04-07 12:30 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-11-10 00:33 - 2012-01-23 13:01 - 00002408 ____A C:\Windows\System32\AutoRunFilter.ini
2012-11-10 00:33 - 2012-01-23 13:01 - 00001360 ____A C:\Windows\System32\ServiceFilter.ini
2012-11-09 17:54 - 2012-11-09 05:53 - 00000000 ____D C:\Users\Dragone\AppData\Local\{8A2AE96C-08F0-4A32-BD61-4CE004BB65C5}
2012-11-08 15:39 - 2012-04-08 15:02 - 00000000 ____D C:\Program Files (x86)\JDownloader
2012-11-08 15:38 - 2012-11-08 08:20 - 1468000260 ____A C:\Users\Dragone\Downloads\2012 Quell'idiota di Nostro Fratello.avi
2012-11-08 14:26 - 2012-11-08 05:39 - 1465620480 ____A C:\Users\Dragone\Downloads\2012 The Thompsons.avi
2012-11-08 11:41 - 2012-11-07 23:41 - 00000000 ____D C:\Users\Dragone\AppData\Local\{D5FA2CA6-30B0-47CF-B0FA-77CC1EF6C1E5}
2012-11-08 10:50 - 2012-11-08 13:35 - 814845952 ____A C:\Users\Dragone\Downloads\2012 Hotel Transilvania.avi
2012-11-07 04:26 - 2012-11-07 04:26 - 00000000 ____D C:\Users\Dragone\AppData\Local\{8124DF41-D169-41CB-AB6E-13E47A5B0800}
2012-11-07 02:44 - 2012-11-07 02:44 - 00000000 ____D C:\Users\All Users\McAfee
2012-11-07 02:44 - 2012-05-23 14:32 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-11-07 02:44 - 2012-05-23 14:32 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-11-06 02:40 - 2012-11-06 02:39 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B824DDD6-9835-479C-8854-7A1F86BCBAA2}
2012-11-05 14:39 - 2012-11-05 14:39 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1BBA0711-1D34-4401-8828-92B5B21DED4B}
2012-11-05 11:29 - 2010-09-30 04:00 - 00000000 ____D C:\Users\Dragone\Desktop\118
2012-11-05 02:32 - 2012-11-05 02:32 - 00000000 ____D C:\Users\Dragone\AppData\Local\{C5072EE0-BC86-4626-93BC-3FDCEA6DC40B}
2012-11-04 13:05 - 2012-08-30 10:14 - 00000000 ____D C:\Users\All Users\Skype
2012-11-04 09:35 - 2012-10-23 06:42 - 00000000 ____D C:\Users\Dragone\Desktop\hh
2012-11-04 00:49 - 2012-11-04 00:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{BA35C877-FFDD-4BE1-BDE9-9DDFA0960551}
2012-11-04 00:18 - 2012-10-23 02:26 - 00000000 ____D C:\Users\Dragone\Desktop\Version
2012-11-04 00:11 - 2012-04-25 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-11-02 07:43 - 2012-11-02 07:43 - 00000000 ____D C:\Users\Dragone\AppData\Local\{0A6BC5C6-5464-48DD-95E4-E710F2FA461A}
2012-11-01 12:38 - 2012-11-01 12:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-10-31 01:43 - 2012-10-31 01:43 - 00000000 ____D C:\Users\Dragone\AppData\Local\{50BC3D11-0A10-4CA5-92EF-853E81F0F8F3}
2012-10-30 14:28 - 2012-10-30 14:28 - 00000000 ____D C:\Users\Dragone\AppData\Local\{BF0AD59C-3DA7-4B67-A389-F70077831EB2}
2012-10-30 02:28 - 2012-10-30 02:28 - 00000000 ____D C:\Users\Dragone\AppData\Local\{E12E6512-10BC-4383-AC77-68296D93B612}
2012-10-30 02:06 - 2012-10-30 02:09 - 00000052 ____A C:\Users\Dragone\Desktop\alice.txt
2012-10-29 06:00 - 2012-05-08 12:41 - 00000000 ____D C:\Users\Dragone\Documents\SelfMV
2012-10-29 05:53 - 2012-10-29 05:53 - 00000000 ____D C:\Users\Public\Documents\CrashDump
2012-10-29 00:59 - 2012-10-29 00:59 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1674602D-95A3-458C-8C96-C3B956CD17E8}
2012-10-28 03:03 - 2012-06-02 04:21 - 00000000 ____D C:\OutputFolder
2012-10-28 02:32 - 2012-10-28 02:32 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B08CA9E6-6BE7-45A4-B1D9-82F6C151EB67}
2012-10-27 05:20 - 2012-10-27 05:20 - 00000000 ____D C:\Users\Dragone\AppData\Local\{55A2DE23-397F-4DA5-BE3F-816E57ABD77C}
2012-10-25 00:26 - 2012-10-25 00:26 - 00000000 ____D C:\Users\Dragone\AppData\Local\{29AAB1AA-9620-4BD0-AD9B-84A5CF02816C}
2012-10-24 03:39 - 2012-10-24 03:38 - 00000000 ____D C:\Users\Dragone\AppData\Local\{404977C5-66D0-4FAD-A0C0-CE3A5D0C0CC4}
2012-10-23 00:33 - 2012-10-23 00:33 - 00000000 ____D C:\Users\Dragone\Documents\File ricevuti
2012-10-23 00:25 - 2012-10-23 00:25 - 00000000 ____D C:\Users\Dragone\AppData\Local\{B1EFD770-384E-49A0-A267-BF0725B06EDA}
2012-10-22 23:14 - 2012-10-12 23:50 - 00000000 ____D C:\Users\Dragone\Documents\Download
2012-10-22 03:55 - 2012-10-22 03:55 - 00000000 ____D C:\Users\Dragone\AppData\Local\{DE22F761-5689-49D9-B683-EA5AADC1292B}
2012-10-20 11:22 - 2012-10-20 09:40 - 122659245 ____A C:\Users\Dragone\Downloads\spiderman.1.2002.italian.ac3.brrip.avi.part
2012-10-20 11:22 - 2012-10-20 09:37 - 315357676 ____A C:\Users\Dragone\Downloads\spiderman.3.2007.italian.ac3.brrip.avi.part1.rar.part
2012-10-20 11:22 - 2012-10-20 09:37 - 252351037 ____A C:\Users\Dragone\Downloads\spiderman.2.2004.italian.brrip.avi.part
2012-10-20 11:22 - 2012-10-20 09:37 - 180768458 ____A C:\Users\Dragone\Downloads\the.amazing.spider.man.2012.italian.md.r5.avi.part
2012-10-19 10:17 - 2012-10-19 10:17 - 00000000 ____D C:\Users\Dragone\AppData\Local\{4A5ED1BA-7EE7-496F-9331-4E887300F7B9}
2012-10-18 00:13 - 2012-10-18 00:13 - 00000000 ____D C:\Users\Dragone\AppData\Local\{1F7A60EA-5FA3-4606-BEFC-154198B10B43}
2012-10-17 23:20 - 2012-09-24 12:35 - 00000000 ____D C:\Users\Dragone\Downloads\Catenanuova
2012-10-15 23:49 - 2012-10-15 23:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{61C38BE7-B4F9-44DF-8592-748D6D33D8A5}
2012-10-14 12:58 - 2012-10-14 12:58 - 00821736 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2012-10-14 12:58 - 2012-10-14 12:58 - 00246760 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2012-10-14 12:58 - 2012-10-14 12:58 - 00095208 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2012-10-14 12:58 - 2012-04-13 09:41 - 00746984 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2012-10-14 12:58 - 2012-04-13 09:41 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2012-10-14 12:58 - 2012-04-13 09:41 - 00174056 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2012-10-14 12:58 - 2012-04-13 09:40 - 00000000 ____D C:\Program Files (x86)\Java
2012-10-14 01:47 - 2012-10-14 01:46 - 14967530 ____A C:\Users\Dragone\Downloads\Beat Goes On (Original Alternate Version - Extended).m4a
2012-10-14 01:37 - 2012-10-14 01:36 - 06222953 ____A C:\Users\Dragone\Downloads\Revolver (No Lil' Wayne Edit).m4a
2012-10-14 01:09 - 2012-06-28 23:36 - 00000000 ____D C:\Users\Dragone\Downloads\orologio
2012-10-14 00:56 - 2012-10-14 00:56 - 00000000 ____D C:\Users\Dragone\AppData\Local\{D1E432D0-305F-4AFF-9073-A51E04BC7F0F}
2012-10-13 19:15 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-10-13 04:45 - 2012-04-08 15:01 - 00000000 ____D C:\Users\Dragone\AppData\Roaming\uTorrent
2012-10-13 00:05 - 2012-10-13 00:05 - 00000000 ____D C:\Users\Dragone\AppData\Local\{518E45F3-5FBD-47D6-AE50-D2291B3E874E}
2012-10-12 10:49 - 2012-10-12 10:49 - 00000000 ____D C:\Users\Dragone\AppData\Local\{4C3AE0ED-D91F-4E07-AB25-83C9D53F83CF}
2012-10-12 04:10 - 2012-04-07 12:56 - 00000000 ____D C:\Users\All Users\Microsoft Help


ZeroAccess:
C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}
C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\@
C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L
C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\n
C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U

ZeroAccess:
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L\00000004.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\00000004.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\00000008.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\000000cb.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000000.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000032.@
C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000064.@

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4072.13 MB
Available physical RAM: 3475.48 MB
Total Pagefile: 4070.27 MB
Available Pagefile: 3470.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:16.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (DATA) (Fixed) (Total:394.18 GB) (Free:24.58 GB) NTFS
4 Drive f: (DRAGONE) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 698 GB 0 B
Disk 1 Online 3824 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 25 GB 1024 KB
Partition 2 Primary 279 GB 25 GB
Partition 3 Primary 394 GB 304 GB

==================================================================================

Disk: 0
Partition 1
Type : 1C
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C OS NTFS Partition 279 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D DATA NTFS Partition 394 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3820 MB 4032 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F DRAGONE FAT32 Removable 3820 MB Healthy

=========================================================

Last Boot: 2012-11-04 18:25

==================== End Of Log =============================

[dragone1970]

[bdoriano]

Carica i logs uno dei servizi di hosting indicati in questa discussione.

Comunque, da quel che hai postato, il problema principale è rappresentato da un rootkit (TLD4).

• Scarica TDSSKiller.zip e salvalo sul desktop
  
• Apri il file appena scaricato ed estrai il file TDSSKiller.exe
  
• Avvia TDSSKiller.exe
  
• Clicca Change parameters
  
• metti il segno di spunta a Loaded modules
  Compare una nuova finestra:
  

  Citazione:

  Reboot is required Extended monitoring driver is required for this option. Press "Reboot now" to install driver and reboot, or "Cancel" to continue.

  
  
• Clicca Reboot now e attendi il riavvio del pc
  
• Compare nuovamente la finestra di TDSSKiller
  
• Clicca Change parameters
  
• metti il segno di spunta a Verify file digital signatures
  
• metti il segno di spunta a Detect TDLFS file system
  
• Clicca Start scan e attendi pazientemente la fine dei lavori
  
• Se viene rilevata qualche infezione, TDSSKiller ti proporrà direttamente le operazioni da svolgere. In questo caso, clicca Continue
  
• Al termine del lavoro di scansione ed ventuale rimozione, clicca Close
  
• Il log viene creato nella cartella principale del disco C:
  Es.: C:\TDSSKiller.2.8.10_11.11.2012_23.05.43_log.txt
  
• Posta il log creato, secondo le solite modalità

[dragone1970]

18:38:05.0943 3816 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:38:05.0974 3816 ============================================================
18:38:05.0974 3816 Current date / time: 2012/11/11 18:38:05.0974
18:38:05.0974 3816 SystemInfo:
18:38:05.0974 3816
18:38:05.0974 3816 OS Version: 6.1.7601 ServicePack: 1.0
18:38:05.0974 3816 Product type: Workstation
18:38:05.0974 3816 ComputerName: DRAGONE-PC
18:38:05.0974 3816 UserName: Dragone
18:38:05.0974 3816 Windows directory: C:\Windows
18:38:05.0974 3816 System windows directory: C:\Windows
18:38:05.0974 3816 Running under WOW64
18:38:05.0974 3816 Processor architecture: Intel x64
18:38:05.0974 3816 Number of processors: 2
18:38:05.0974 3816 Page size: 0x1000
18:38:05.0974 3816 Boot type: Normal boot
18:38:05.0974 3816 ============================================================
18:38:06.0380 3816 BG loaded
18:38:07.0879 3816 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:07.0879 3816 Drive \Device\Harddisk1\DR1 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:38:07.0879 3816 ============================================================
18:38:07.0879 3816 \Device\Harddisk0\DR0:
18:38:07.0894 3816 MBR partitions:
18:38:07.0894 3816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x22EE8800
18:38:07.0894 3816 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x260E9000, BlocksNum 0x3145C800
18:38:07.0894 3816 \Device\Harddisk1\DR1:
18:38:07.0894 3816 MBR partitions:
18:38:07.0894 3816 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x1F80, BlocksNum 0x776080
18:38:07.0894 3816 ============================================================
18:38:07.0957 3816 C: <-> \Device\Harddisk0\DR0\Partition1
18:38:08.0237 3816 D: <-> \Device\Harddisk0\DR0\Partition2
18:38:08.0237 3816 ============================================================
18:38:08.0237 3816 Initialize success
18:38:08.0237 3816 ============================================================
18:39:10.0413 1872 ============================================================
18:39:10.0413 1872 Scan started
18:39:10.0413 1872 Mode: Manual; SigCheck; TDLFS;
18:39:10.0413 1872 ============================================================
18:39:11.0848 1872 ================ Scan system memory ========================
18:39:11.0848 1872 System memory - ok
18:39:11.0848 1872 ================ Scan services =============================
18:39:12.0051 1872 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:39:12.0191 1872 1394ohci - ok
18:39:12.0238 1872 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:39:12.0269 1872 ACPI - ok
18:39:12.0285 1872 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:39:12.0378 1872 AcpiPmi - ok
18:39:12.0456 1872 [ 5DDC0A8D2CD60BDA593DDAF45821CE08 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
18:39:12.0472 1872 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
18:39:12.0472 1872 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
18:39:12.0612 1872 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:39:12.0643 1872 AdobeFlashPlayerUpdateSvc - ok
18:39:12.0706 1872 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:39:12.0753 1872 adp94xx - ok
18:39:12.0799 1872 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:39:12.0846 1872 adpahci - ok
18:39:12.0862 1872 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:39:12.0877 1872 adpu320 - ok
18:39:12.0909 1872 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:39:13.0111 1872 AeLookupSvc - ok
18:39:13.0174 1872 [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent C:\Windows\system32\FBAgent.exe
18:39:13.0221 1872 AFBAgent - ok
18:39:13.0283 1872 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:39:13.0377 1872 AFD - ok
18:39:13.0408 1872 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:39:13.0439 1872 agp440 - ok
18:39:13.0486 1872 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:39:13.0548 1872 ALG - ok
18:39:13.0579 1872 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:39:13.0611 1872 aliide - ok
18:39:13.0689 1872 [ D0A5CC6B7932E7804ABCE66DEB331E63 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:39:13.0735 1872 AMD External Events Utility - ok
18:39:13.0751 1872 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:39:13.0767 1872 amdide - ok
18:39:13.0782 1872 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:39:13.0860 1872 AmdK8 - ok
18:39:14.0094 1872 [ 73B928832DDEF61B21F64E88AAC65E92 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
18:39:14.0313 1872 amdkmdag - ok
18:39:14.0375 1872 [ BD6E1FED09FC69482E61A486968E5DDF ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
18:39:14.0453 1872 amdkmdap - ok
18:39:14.0469 1872 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:39:14.0500 1872 AmdPPM - ok
18:39:14.0562 1872 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:39:14.0578 1872 amdsata - ok
18:39:14.0593 1872 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:39:14.0609 1872 amdsbs - ok
18:39:14.0625 1872 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:39:14.0656 1872 amdxata - ok
18:39:14.0749 1872 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
18:39:14.0796 1872 Amsp - ok
18:39:14.0843 1872 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
18:39:14.0874 1872 AmUStor - ok
18:39:14.0905 1872 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:39:15.0015 1872 AppID - ok
18:39:15.0030 1872 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:39:15.0124 1872 AppIDSvc - ok
18:39:15.0155 1872 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:39:15.0233 1872 Appinfo - ok
18:39:15.0358 1872 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:39:15.0373 1872 Apple Mobile Device - ok
18:39:15.0420 1872 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:39:15.0451 1872 arc - ok
18:39:15.0467 1872 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:39:15.0498 1872 arcsas - ok
18:39:15.0576 1872 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
18:39:15.0607 1872 ASLDRService - ok
18:39:15.0685 1872 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
18:39:15.0717 1872 ASMMAP64 - ok
18:39:15.0748 1872 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
18:39:15.0810 1872 asmthub3 - ok
18:39:15.0857 1872 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
18:39:15.0919 1872 asmtxhci - ok
18:39:16.0044 1872 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:39:16.0122 1872 aspnet_state - ok
18:39:16.0185 1872 [ EBDFC0F5B1E22CDED582BF882C95166B ] ASUS InstantOn C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
18:39:16.0231 1872 ASUS InstantOn - ok
18:39:16.0263 1872 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:39:16.0356 1872 AsyncMac - ok
18:39:16.0387 1872 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:39:16.0403 1872 atapi - ok
18:39:16.0512 1872 [ 0A780D84FC9C82E16E2037BE1896C022 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:39:16.0606 1872 athr - ok
18:39:16.0699 1872 [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
18:39:16.0731 1872 AtiHDAudioService - ok
18:39:16.0762 1872 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
18:39:16.0793 1872 ATKGFNEXSrv - ok
18:39:16.0855 1872 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
18:39:16.0887 1872 ATKWMIACPIIO - ok
18:39:16.0933 1872 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:39:17.0043 1872 AudioEndpointBuilder - ok
18:39:17.0074 1872 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:39:17.0152 1872 AudioSrv - ok
18:39:17.0183 1872 Autorun CDROM Monitor - ok
18:39:17.0370 1872 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
18:39:17.0495 1872 AVGIDSAgent - ok
18:39:17.0542 1872 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:39:17.0557 1872 AVGIDSDriver - ok
18:39:17.0573 1872 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
18:39:17.0604 1872 AVGIDSFilter - ok
18:39:17.0682 1872 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
18:39:17.0713 1872 AVGIDSHA - ok
18:39:17.0745 1872 [ 221FEBAB02D6C97C95558348CC354A85 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
18:39:17.0776 1872 Avgldx64 - ok
18:39:17.0823 1872 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
18:39:17.0838 1872 Avgmfx64 - ok
18:39:17.0885 1872 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
18:39:17.0916 1872 Avgrkx64 - ok
18:39:17.0963 1872 [ F8C3C7ED612A41B05C66358FC9786BFD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
18:39:18.0010 1872 Avgtdia - ok
18:39:18.0041 1872 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
18:39:18.0072 1872 avgwd - ok
18:39:18.0103 1872 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:39:18.0150 1872 AxInstSV - ok
18:39:18.0213 1872 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:39:18.0275 1872 b06bdrv - ok
18:39:18.0306 1872 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:39:18.0353 1872 b57nd60a - ok
18:39:18.0384 1872 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:39:18.0415 1872 BDESVC - ok
18:39:18.0447 1872 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:39:18.0571 1872 Beep - ok
18:39:18.0618 1872 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:39:18.0743 1872 BFE - ok
18:39:18.0805 1872 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:39:18.0961 1872 BITS - ok
18:39:19.0039 1872 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:39:19.0086 1872 blbdrive - ok
18:39:19.0164 1872 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:39:19.0211 1872 Bonjour Service - ok
18:39:19.0227 1872 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:39:19.0258 1872 bowser - ok
18:39:19.0305 1872 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:39:19.0351 1872 BrFiltLo - ok
18:39:19.0351 1872 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:39:19.0398 1872 BrFiltUp - ok
18:39:19.0429 1872 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:39:19.0492 1872 Browser - ok
18:39:19.0523 1872 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:39:19.0585 1872 Brserid - ok
18:39:19.0632 1872 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:39:19.0710 1872 BrSerWdm - ok
18:39:19.0710 1872 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:39:19.0757 1872 BrUsbMdm - ok
18:39:19.0773 1872 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:39:19.0819 1872 BrUsbSer - ok
18:39:19.0866 1872 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:39:19.0944 1872 BthEnum - ok
18:39:19.0991 1872 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:39:20.0038 1872 BTHMODEM - ok
18:39:20.0069 1872 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:39:20.0116 1872 BthPan - ok
18:39:20.0163 1872 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:39:20.0225 1872 BTHPORT - ok
18:39:20.0272 1872 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:39:20.0365 1872 bthserv - ok
18:39:20.0397 1872 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:39:20.0443 1872 BTHUSB - ok
18:39:20.0475 1872 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:39:20.0568 1872 cdfs - ok
18:39:20.0599 1872 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:39:20.0662 1872 cdrom - ok
18:39:20.0724 1872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:39:20.0833 1872 CertPropSvc - ok
18:39:20.0896 1872 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:39:20.0958 1872 circlass - ok
18:39:21.0130 1872 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:39:21.0208 1872 CLFS - ok
18:39:21.0333 1872 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:39:21.0395 1872 clr_optimization_v2.0.50727_32 - ok
18:39:21.0660 1872 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:39:21.0769 1872 clr_optimization_v2.0.50727_64 - ok
18:39:22.0128 1872 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:39:22.0315 1872 clr_optimization_v4.0.30319_32 - ok
18:39:22.0393 1872 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:39:22.0456 1872 clr_optimization_v4.0.30319_64 - ok
18:39:22.0487 1872 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:39:22.0518 1872 CmBatt - ok
18:39:22.0549 1872 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:39:22.0565 1872 cmdide - ok
18:39:22.0627 1872 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:39:22.0659 1872 CNG - ok
18:39:22.0721 1872 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:39:22.0737 1872 Compbatt - ok
18:39:22.0768 1872 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:39:22.0799 1872 CompositeBus - ok
18:39:22.0815 1872 COMSysApp - ok
18:39:22.0830 1872 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:39:22.0846 1872 crcdisk - ok
18:39:22.0908 1872 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:39:22.0939 1872 CryptSvc - ok
18:39:22.0986 1872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:39:23.0095 1872 DcomLaunch - ok
18:39:23.0127 1872 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:39:23.0220 1872 defragsvc - ok
18:39:23.0251 1872 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:39:23.0314 1872 DfsC - ok
18:39:23.0345 1872 [ 2D589A2C024B2FB238535DB9F7B3597D ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
18:39:23.0376 1872 DgiVecp - ok
18:39:23.0423 1872 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:39:23.0454 1872 dg_ssudbus - ok
18:39:23.0501 1872 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:39:23.0595 1872 Dhcp - ok
18:39:23.0626 1872 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:39:23.0735 1872 discache - ok
18:39:23.0766 1872 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:39:23.0797 1872 Disk - ok
18:39:23.0860 1872 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:39:23.0922 1872 Dnscache - ok
18:39:23.0938 1872 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:39:24.0031 1872 dot3svc - ok
18:39:24.0047 1872 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:39:24.0125 1872 DPS - ok
18:39:24.0172 1872 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:39:24.0219 1872 drmkaud - ok
18:39:24.0250 1872 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:39:24.0297 1872 DXGKrnl - ok
18:39:24.0343 1872 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:39:24.0453 1872 EapHost - ok
18:39:24.0546 1872 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:39:24.0702 1872 ebdrv - ok
18:39:24.0749 1872 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:39:24.0765 1872 EFS - ok
18:39:24.0843 1872 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:39:24.0889 1872 ehRecvr - ok
18:39:24.0936 1872 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:39:24.0983 1872 ehSched - ok
18:39:25.0045 1872 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:39:25.0077 1872 elxstor - ok
18:39:25.0092 1872 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:39:25.0123 1872 ErrDev - ok
18:39:25.0186 1872 [ 4C120D2B2EA269EAE7A5744794EB6DB1 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:39:25.0217 1872 ETD - ok
18:39:25.0279 1872 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:39:25.0373 1872 EventSystem - ok
18:39:25.0404 1872 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:39:25.0482 1872 exfat - ok
18:39:25.0513 1872 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:39:25.0623 1872 fastfat - ok
18:39:25.0701 1872 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:39:25.0763 1872 Fax - ok
18:39:25.0794 1872 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:39:25.0857 1872 fdc - ok
18:39:25.0903 1872 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:39:25.0997 1872 fdPHost - ok
18:39:26.0013 1872 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:39:26.0075 1872 FDResPub - ok
18:39:26.0091 1872 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:39:26.0106 1872 FileInfo - ok
18:39:26.0122 1872 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:39:26.0184 1872 Filetrace - ok
18:39:26.0231 1872 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:39:26.0262 1872 flpydisk - ok
18:39:26.0293 1872 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:39:26.0325 1872 FltMgr - ok
18:39:26.0387 1872 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
18:39:26.0449 1872 FontCache - ok
18:39:26.0512 1872 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:39:26.0527 1872 FontCache3.0.0.0 - ok
18:39:26.0605 1872 [ 565619F1B6DA86E3C7BA75A1E60ECFCD ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
18:39:26.0621 1872 Freemake Improver ( UnsignedFile.Multi.Generic ) - warning
18:39:26.0621 1872 Freemake Improver - detected UnsignedFile.Multi.Generic (1)
18:39:26.0683 1872 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:39:26.0715 1872 FsDepends - ok
18:39:26.0746 1872 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:39:26.0761 1872 fssfltr - ok
18:39:26.0871 1872 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:39:26.0917 1872 fsssvc - ok
18:39:26.0964 1872 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:39:26.0980 1872 Fs_Rec - ok
18:39:27.0011 1872 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:39:27.0042 1872 fvevol - ok
18:39:27.0073 1872 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:39:27.0089 1872 gagp30kx - ok
18:39:27.0120 1872 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:39:27.0136 1872 GEARAspiWDM - ok
18:39:27.0183 1872 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:39:27.0245 1872 gpsvc - ok
18:39:27.0292 1872 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:39:27.0307 1872 hcw85cir - ok
18:39:27.0354 1872 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:39:27.0401 1872 HdAudAddService - ok
18:39:27.0432 1872 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:39:27.0479 1872 HDAudBus - ok
18:39:27.0479 1872 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:39:27.0510 1872 HidBatt - ok
18:39:27.0526 1872 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:39:27.0557 1872 HidBth - ok
18:39:27.0557 1872 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:39:27.0588 1872 HidIr - ok
18:39:27.0619 1872 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:39:27.0744 1872 hidserv - ok
18:39:27.0775 1872 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:39:27.0822 1872 HidUsb - ok
18:39:27.0869 1872 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:39:27.0978 1872 hkmsvc - ok
18:39:27.0994 1872 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:39:28.0056 1872 HomeGroupListener - ok
18:39:28.0072 1872 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:39:28.0119 1872 HomeGroupProvider - ok
18:39:28.0150 1872 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:39:28.0181 1872 HpSAMD - ok
18:39:28.0212 1872 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:39:28.0306 1872 HTTP - ok
18:39:28.0337 1872 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:39:28.0353 1872 hwpolicy - ok
18:39:28.0368 1872 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:39:28.0399 1872 i8042prt - ok
18:39:28.0446 1872 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:39:28.0509 1872 iaStor - ok
18:39:28.0540 1872 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:39:28.0587 1872 iaStorV - ok
18:39:28.0711 1872 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:39:28.0758 1872 idsvc - ok
18:39:28.0774 1872 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:39:28.0789 1872 iirsp - ok
18:39:28.0836 1872 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:39:28.0945 1872 IKEEXT - ok
18:39:29.0086 1872 [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:39:29.0164 1872 IntcAzAudAddService - ok
18:39:29.0195 1872 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:39:29.0211 1872 intelide - ok
18:39:29.0242 1872 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:39:29.0257 1872 intelppm - ok
18:39:29.0304 1872 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:39:29.0382 1872 IPBusEnum - ok
18:39:29.0413 1872 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:39:29.0460 1872 IpFilterDriver - ok
18:39:29.0476 1872 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:39:29.0523 1872 IPMIDRV - ok
18:39:29.0538 1872 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:39:29.0616 1872 IPNAT - ok
18:39:29.0741 1872 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:39:29.0803 1872 iPod Service - ok
18:39:29.0819 1872 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:39:29.0866 1872 IRENUM - ok
18:39:29.0866 1872 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:39:29.0881 1872 isapnp - ok
18:39:29.0913 1872 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:39:29.0959 1872 iScsiPrt - ok
18:39:29.0991 1872 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:39:30.0022 1872 kbdclass - ok
18:39:30.0037 1872 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:39:30.0069 1872 kbdhid - ok
18:39:30.0115 1872 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
18:39:30.0147 1872 kbfiltr - ok
18:39:30.0162 1872 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:39:30.0193 1872 KeyIso - ok
18:39:30.0225 1872 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:39:30.0240 1872 KSecDD - ok
18:39:30.0287 1872 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:39:30.0318 1872 KSecPkg - ok
18:39:30.0334 1872 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:39:30.0412 1872 ksthunk - ok
18:39:30.0459 1872 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:39:30.0568 1872 KtmRm - ok
18:39:30.0583 1872 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
18:39:30.0615 1872 L1C - ok
18:39:30.0693 1872 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:39:30.0771 1872 LanmanServer - ok
18:39:30.0802 1872 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:39:30.0864 1872 LanmanWorkstation - ok
18:39:30.0927 1872 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:39:31.0020 1872 lltdio - ok
18:39:31.0051 1872 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:39:31.0129 1872 lltdsvc - ok
18:39:31.0145 1872 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:39:31.0207 1872 lmhosts - ok
18:39:31.0270 1872 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:39:31.0317 1872 LMS - ok
18:39:31.0363 1872 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:39:31.0395 1872 LSI_FC - ok
18:39:31.0410 1872 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:39:31.0441 1872 LSI_SAS - ok
18:39:31.0457 1872 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:39:31.0488 1872 LSI_SAS2 - ok
18:39:31.0504 1872 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:39:31.0519 1872 LSI_SCSI - ok
18:39:31.0551 1872 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:39:31.0613 1872 luafv - ok
18:39:31.0644 1872 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:39:31.0675 1872 Mcx2Svc - ok
18:39:31.0769 1872 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
18:39:31.0800 1872 MDM ( UnsignedFile.Multi.Generic ) - warning
18:39:31.0800 1872 MDM - detected UnsignedFile.Multi.Generic (1)
18:39:31.0816 1872 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:39:31.0847 1872 megasas - ok
18:39:31.0878 1872 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:39:31.0925 1872 MegaSR - ok
18:39:31.0956 1872 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:39:31.0987 1872 MEIx64 - ok
18:39:32.0097 1872 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
18:39:32.0112 1872 Microsoft Office Groove Audit Service - ok
18:39:32.0159 1872 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:39:32.0253 1872 MMCSS - ok
18:39:32.0268 1872 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:39:32.0362 1872 Modem - ok
18:39:32.0393 1872 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:39:32.0440 1872 monitor - ok
18:39:32.0471 1872 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:39:32.0502 1872 mouclass - ok
18:39:32.0518 1872 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
18:39:32.0565 1872 mouhid - ok
18:39:32.0611 1872 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:39:32.0643 1872 mountmgr - ok
18:39:32.0721 1872 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:39:32.0752 1872 MozillaMaintenance - ok
18:39:32.0783 1872 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:39:32.0814 1872 mpio - ok
18:39:32.0845 1872 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:39:32.0908 1872 mpsdrv - ok
18:39:32.0923 1872 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:39:32.0970 1872 MRxDAV - ok
18:39:32.0986 1872 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:39:33.0048 1872 mrxsmb - ok
18:39:33.0064 1872 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:39:33.0095 1872 mrxsmb10 - ok
18:39:33.0111 1872 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:39:33.0157 1872 mrxsmb20 - ok
18:39:33.0173 1872 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:39:33.0189 1872 msahci - ok
18:39:33.0220 1872 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:39:33.0251 1872 msdsm - ok
18:39:33.0282 1872 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:39:33.0329 1872 MSDTC - ok
18:39:33.0360 1872 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:39:33.0454 1872 Msfs - ok
18:39:33.0485 1872 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:39:33.0547 1872 mshidkmdf - ok
18:39:33.0563 1872 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:39:33.0579 1872 msisadrv - ok
18:39:33.0610 1872 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:39:33.0672 1872 MSiSCSI - ok
18:39:33.0672 1872 msiserver - ok
18:39:33.0703 1872 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:39:33.0766 1872 MSKSSRV - ok
18:39:33.0766 1872 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:39:33.0859 1872 MSPCLOCK - ok
18:39:33.0875 1872 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:39:33.0953 1872 MSPQM - ok
18:39:33.0984 1872 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:39:34.0015 1872 MsRPC - ok
18:39:34.0015 1872 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:39:34.0031 1872 mssmbios - ok
18:39:34.0062 1872 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:39:34.0156 1872 MSTEE - ok
18:39:34.0171 1872 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:39:34.0203 1872 MTConfig - ok
18:39:34.0218 1872 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:39:34.0234 1872 Mup - ok
18:39:34.0265 1872 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:39:34.0343 1872 napagent - ok
18:39:34.0374 1872 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:39:34.0452 1872 NativeWifiP - ok
18:39:34.0499 1872 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:39:34.0530 1872 NDIS - ok
18:39:34.0577 1872 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:39:34.0655 1872 NdisCap - ok
18:39:34.0671 1872 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:39:34.0733 1872 NdisTapi - ok
18:39:34.0749 1872 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:39:34.0827 1872 Ndisuio - ok
18:39:34.0842 1872 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:39:34.0889 1872 NdisWan - ok
18:39:34.0920 1872 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:39:35.0014 1872 NDProxy - ok
18:39:35.0154 1872 [ 6D4028D458EAAA1782099750790DC8C9 ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
18:39:35.0217 1872 Nero BackItUp Scheduler 3 - ok
18:39:35.0232 1872 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:39:35.0326 1872 NetBIOS - ok
18:39:35.0357 1872 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:39:35.0419 1872 NetBT - ok
18:39:35.0451 1872 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:39:35.0466 1872 Netlogon - ok
18:39:35.0529 1872 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:39:35.0607 1872 Netman - ok
18:39:35.0716 1872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:35.0778 1872 NetMsmqActivator - ok
18:39:35.0778 1872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:35.0809 1872 NetPipeActivator - ok
18:39:35.0841 1872 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:39:35.0919 1872 netprofm - ok
18:39:35.0950 1872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:35.0965 1872 NetTcpActivator - ok
18:39:35.0965 1872 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:35.0981 1872 NetTcpPortSharing - ok
18:39:36.0012 1872 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:39:36.0028 1872 nfrd960 - ok
18:39:36.0075 1872 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:39:36.0168 1872 NlaSvc - ok
18:39:36.0246 1872 [ 1BEF5464C06F4AF0C704378824C52ADB ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
18:39:36.0293 1872 NMIndexingService - ok
18:39:36.0309 1872 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:39:36.0387 1872 Npfs - ok
18:39:36.0402 1872 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:39:36.0496 1872 nsi - ok
18:39:36.0511 1872 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:39:36.0574 1872 nsiproxy - ok
18:39:36.0636 1872 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:39:36.0730 1872 Ntfs - ok
18:39:36.0745 1872 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:39:36.0823 1872 Null - ok
18:39:36.0855 1872 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:39:36.0886 1872 nvraid - ok
18:39:36.0886 1872 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:39:36.0901 1872 nvstor - ok
18:39:36.0933 1872 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:39:36.0948 1872 nv_agp - ok
18:39:37.0026 1872 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:39:37.0073 1872 odserv - ok
18:39:37.0104 1872 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:39:37.0135 1872 ohci1394 - ok
18:39:37.0198 1872 [ 1F6E4FBB2466878FB58B3D6B55CEC438 ] ONDAusbmdm6k C:\Windows\system32\DRIVERS\ONDAusbmdm6k.sys
18:39:37.0229 1872 ONDAusbmdm6k - ok
18:39:37.0276 1872 [ A58614B29814399CB1D5E0A60D470CE0 ] ONDAusbnet C:\Windows\system32\DRIVERS\ONDAusbnet.sys
18:39:37.0323 1872 ONDAusbnet - ok
18:39:37.0354 1872 [ 1F6E4FBB2466878FB58B3D6B55CEC438 ] ONDAusbnmea C:\Windows\system32\DRIVERS\ONDAusbnmea.sys
18:39:37.0385 1872 ONDAusbnmea - ok
18:39:37.0432 1872 [ 1F6E4FBB2466878FB58B3D6B55CEC438 ] ONDAusbser6k C:\Windows\system32\DRIVERS\ONDAusbser6k.sys
18:39:37.0463 1872 ONDAusbser6k - ok
18:39:37.0510 1872 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:39:37.0541 1872 ose - ok
18:39:37.0572 1872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:39:37.0603 1872 p2pimsvc - ok
18:39:37.0666 1872 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:39:37.0728 1872 p2psvc - ok
18:39:37.0744 1872 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:39:37.0775 1872 Parport - ok
18:39:37.0806 1872 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:39:37.0822 1872 partmgr - ok
18:39:37.0853 1872 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:39:37.0915 1872 PcaSvc - ok
18:39:37.0947 1872 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:39:37.0993 1872 pci - ok
18:39:38.0009 1872 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:39:38.0025 1872 pciide - ok
18:39:38.0025 1872 Pcithaucterl - ok
18:39:38.0056 1872 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:39:38.0087 1872 pcmcia - ok
18:39:38.0118 1872 [ A7A134DE374E91D931BA211556293B1B ] Pcouffin64 C:\Windows\system32\Drivers\pcouffin64a.sys
18:39:38.0149 1872 Pcouffin64 ( UnsignedFile.Multi.Generic ) - warning
18:39:38.0149 1872 Pcouffin64 - detected UnsignedFile.Multi.Generic (1)
18:39:38.0165 1872 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:39:38.0196 1872 pcw - ok
18:39:38.0227 1872 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:39:38.0321 1872 PEAUTH - ok
18:39:38.0415 1872 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:39:38.0461 1872 PerfHost - ok
18:39:38.0524 1872 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:39:38.0617 1872 pla - ok
18:39:38.0695 1872 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:39:38.0758 1872 PlugPlay - ok
18:39:38.0773 1872 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:39:38.0820 1872 PNRPAutoReg - ok
18:39:38.0851 1872 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:39:38.0883 1872 PNRPsvc - ok
18:39:38.0929 1872 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:39:39.0023 1872 PolicyAgent - ok
18:39:39.0070 1872 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:39:39.0179 1872 Power - ok
18:39:39.0226 1872 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:39:39.0319 1872 PptpMiniport - ok
18:39:39.0413 1872 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:39:39.0475 1872 Processor - ok
18:39:39.0569 1872 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:39:39.0616 1872 ProfSvc - ok
18:39:39.0663 1872 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:39:39.0678 1872 ProtectedStorage - ok
18:39:39.0741 1872 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:39:39.0819 1872 Psched - ok
18:39:39.0897 1872 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:39:40.0021 1872 ql2300 - ok
18:39:40.0053 1872 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:39:40.0068 1872 ql40xx - ok
18:39:40.0131 1872 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:39:40.0162 1872 QWAVE - ok
18:39:40.0193 1872 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:39:40.0224 1872 QWAVEdrv - ok
18:39:40.0240 1872 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:39:40.0302 1872 RasAcd - ok
18:39:40.0365 1872 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:39:40.0443 1872 RasAgileVpn - ok
18:39:40.0677 1872 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:39:40.0770 1872 RasAuto - ok
18:39:41.0410 1872 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:39:41.0503 1872 Rasl2tp - ok
18:39:41.0535 1872 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:39:41.0613 1872 RasMan - ok
18:39:41.0691 1872 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:39:41.0800 1872 RasPppoe - ok
18:39:41.0831 1872 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:39:41.0940 1872 RasSstp - ok
18:39:41.0971 1872 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:39:42.0096 1872 rdbss - ok
18:39:42.0112 1872 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:39:42.0143 1872 rdpbus - ok
18:39:42.0174 1872 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:39:42.0283 1872 RDPCDD - ok
18:39:42.0315 1872 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:39:42.0377 1872 RDPENCDD - ok
18:39:42.0408 1872 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:39:42.0471 1872 RDPREFMP - ok
18:39:42.0502 1872 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:39:42.0533 1872 RDPWD - ok
18:39:42.0564 1872 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:39:42.0595 1872 rdyboost - ok
18:39:42.0627 1872 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:39:42.0689 1872 RemoteAccess - ok
18:39:42.0751 1872 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:39:42.0829 1872 RemoteRegistry - ok
18:39:42.0861 1872 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:39:42.0892 1872 RFCOMM - ok
18:39:42.0954 1872 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:39:43.0048 1872 RpcEptMapper - ok
18:39:43.0079 1872 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:39:43.0110 1872 RpcLocator - ok
18:39:43.0188 1872 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:39:43.0266 1872 RpcSs - ok
18:39:43.0344 1872 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:39:43.0422 1872 rspndr - ok
18:39:43.0469 1872 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:39:43.0485 1872 SamSs - ok
18:39:43.0516 1872 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:39:43.0531 1872 sbp2port - ok
18:39:43.0578 1872 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:39:43.0672 1872 SCardSvr - ok
18:39:43.0687 1872 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:39:43.0765 1872 scfilter - ok
18:39:43.0812 1872 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:39:43.0921 1872 Schedule - ok
18:39:43.0937 1872 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:39:43.0999 1872 SCPolicySvc - ok
18:39:44.0015 1872 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:39:44.0077 1872 SDRSVC - ok
18:39:44.0124 1872 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:39:44.0218 1872 secdrv - ok
18:39:44.0249 1872 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:39:44.0311 1872 seclogon - ok
18:39:44.0343 1872 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:39:44.0405 1872 SENS - ok
18:39:44.0452 1872 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:39:44.0530 1872 SensrSvc - ok
18:39:44.0545 1872 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
18:39:44.0577 1872 Serenum - ok
18:39:44.0608 1872 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:39:44.0686 1872 Serial - ok
18:39:44.0717 1872 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:39:44.0764 1872 sermouse - ok
18:39:44.0811 1872 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:39:44.0904 1872 SessionEnv - ok
18:39:44.0920 1872 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:39:44.0982 1872 sffdisk - ok
18:39:45.0013 1872 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:39:45.0091 1872 sffp_mmc - ok
18:39:45.0107 1872 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:39:45.0154 1872 sffp_sd - ok
18:39:45.0169 1872 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:39:45.0232 1872 sfloppy - ok
18:39:45.0279 1872 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:39:45.0357 1872 ShellHWDetection - ok
18:39:45.0388 1872 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
18:39:45.0419 1872 SiSGbeLH - ok
18:39:45.0466 1872 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:39:45.0481 1872 SiSRaid2 - ok
18:39:45.0497 1872 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:39:45.0513 1872 SiSRaid4 - ok
18:39:45.0669 1872 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:39:45.0747 1872 Skype C2C Service - ok
18:39:45.0840 1872 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:39:45.0871 1872 SkypeUpdate - ok
18:39:45.0918 1872 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:39:45.0996 1872 Smb - ok
18:39:46.0105 1872 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:39:46.0137 1872 SNMPTRAP - ok
18:39:46.0152 1872 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:39:46.0183 1872 spldr - ok
18:39:46.0215 1872 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:39:46.0261 1872 Spooler - ok
18:39:46.0511 1872 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:39:46.0683 1872 sppsvc - ok
18:39:46.0839 1872 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:39:46.0932 1872 sppuinotify - ok
18:39:46.0963 1872 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:39:47.0010 1872 srv - ok
18:39:47.0041 1872 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:39:47.0073 1872 srv2 - ok
18:39:47.0104 1872 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:39:47.0135 1872 srvnet - ok
18:39:47.0166 1872 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:39:47.0244 1872 SSDPSRV - ok
18:39:47.0275 1872 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
18:39:47.0291 1872 SSPORT - ok
18:39:47.0322 1872 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:39:47.0400 1872 SstpSvc - ok
18:39:47.0416 1872 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:39:47.0447 1872 ssudmdm - ok
18:39:47.0463 1872 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:39:47.0494 1872 stexstor - ok
18:39:47.0525 1872 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:39:47.0603 1872 stisvc - ok
18:39:47.0634 1872 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:39:47.0650 1872 swenum - ok
18:39:47.0697 1872 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:39:47.0821 1872 swprv - ok
18:39:47.0884 1872 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:39:47.0962 1872 SysMain - ok
18:39:47.0977 1872 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:39:48.0040 1872 TabletInputService - ok
18:39:48.0055 1872 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:39:48.0133 1872 TapiSrv - ok
18:39:48.0149 1872 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:39:48.0211 1872 TBS - ok
18:39:48.0274 1872 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:39:48.0336 1872 Tcpip - ok
18:39:48.0399 1872 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:39:48.0461 1872 TCPIP6 - ok
18:39:48.0477 1872 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:39:48.0523 1872 tcpipreg - ok
18:39:48.0539 1872 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:39:48.0555 1872 TDPIPE - ok
18:39:48.0601 1872 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:39:48.0633 1872 TDTCP - ok
18:39:48.0695 1872 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:39:48.0789 1872 tdx - ok
18:39:48.0804 1872 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:39:48.0820 1872 TermDD - ok
18:39:48.0867 1872 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:39:48.0945 1872 TermService - ok
18:39:48.0960 1872 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:39:48.0991 1872 Themes - ok
18:39:49.0023 1872 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:39:49.0069 1872 THREADORDER - ok
18:39:49.0147 1872 [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
18:39:49.0179 1872 TiMiniService - ok
18:39:49.0194 1872 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
18:39:49.0210 1872 tmactmon - ok
18:39:49.0225 1872 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
18:39:49.0257 1872 tmcomm - ok
18:39:49.0272 1872 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
18:39:49.0303 1872 tmevtmgr - ok
18:39:49.0335 1872 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
18:39:49.0366 1872 tmtdi - ok
18:39:49.0413 1872 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
18:39:49.0459 1872 TPM - ok
18:39:49.0506 1872 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:39:49.0615 1872 TrkWks - ok
18:39:49.0693 1872 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:39:49.0771 1872 TrustedInstaller - ok
18:39:49.0787 1872 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:39:49.0849 1872 tssecsrv - ok
18:39:49.0896 1872 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:39:49.0943 1872 TsUsbFlt - ok
18:39:49.0943 1872 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:39:49.0974 1872 TsUsbGD - ok
18:39:50.0021 1872 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:39:50.0099 1872 tunnel - ok
18:39:50.0115 1872 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:39:50.0146 1872 uagp35 - ok
18:39:50.0193 1872 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:39:50.0286 1872 udfs - ok
18:39:50.0333 1872 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:39:50.0364 1872 UI0Detect - ok
18:39:50.0411 1872 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:39:50.0442 1872 uliagpkx - ok
18:39:50.0489 1872 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:39:50.0551 1872 umbus - ok
18:39:50.0583 1872 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:39:50.0629 1872 UmPass - ok
18:39:50.0988 1872 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:39:51.0066 1872 UNS - ok
18:39:51.0160 1872 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:39:51.0269 1872 upnphost - ok
18:39:51.0347 1872 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:39:51.0456 1872 usbaudio - ok
18:39:51.0503 1872 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:39:51.0565 1872 usbccgp - ok
18:39:51.0597 1872 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:39:51.0690 1872 usbcir - ok
18:39:51.0721 1872 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:39:51.0753 1872 usbehci - ok
18:39:51.0877 1872 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:39:51.0924 1872 usbhub - ok
18:39:51.0971 1872 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:39:52.0018 1872 usbohci - ok
18:39:52.0065 1872 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:39:52.0127 1872 usbprint - ok
18:39:52.0174 1872 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:39:52.0236 1872 usbscan - ok
18:39:52.0267 1872 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:39:52.0330 1872 USBSTOR - ok
18:39:52.0361 1872 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:39:52.0408 1872 usbuhci - ok
18:39:52.0486 1872 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:39:52.0533 1872 usbvideo - ok
18:39:52.0564 1872 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:39:52.0657 1872 UxSms - ok
18:39:52.0689 1872 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:39:52.0704 1872 VaultSvc - ok
18:39:52.0735 1872 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:39:52.0767 1872 vdrvroot - ok
18:39:52.0891 1872 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:39:53.0016 1872 vds - ok
18:39:53.0063 1872 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:39:53.0110 1872 vga - ok
18:39:53.0141 1872 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:39:53.0250 1872 VgaSave - ok
18:39:53.0281 1872 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:39:53.0313 1872 vhdmp - ok
18:39:53.0328 1872 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:39:53.0375 1872 viaide - ok
18:39:53.0391 1872 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:39:53.0422 1872 volmgr - ok
18:39:53.0500 1872 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:39:53.0547 1872 volmgrx - ok
18:39:53.0578 1872 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:39:53.0625 1872 volsnap - ok
18:39:53.0749 1872 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:39:53.0796 1872 vsmraid - ok
18:39:53.0874 1872 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:39:53.0983 1872 VSS - ok
18:39:53.0999 1872 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:39:54.0030 1872 vwifibus - ok
18:39:54.0077 1872 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:39:54.0124 1872 vwififlt - ok
18:39:54.0186 1872 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:39:54.0295 1872 W32Time - ok
18:39:54.0342 1872 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:39:54.0405 1872 WacomPen - ok
18:39:54.0498 1872 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:39:54.0592 1872 WANARP - ok
18:39:54.0639 1872 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:39:54.0732 1872 Wanarpv6 - ok
18:39:54.0888 1872 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:39:54.0935 1872 WatAdminSvc - ok
18:39:54.0997 1872 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:39:55.0060 1872 wbengine - ok
18:39:55.0075 1872 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:39:55.0122 1872 WbioSrvc - ok
18:39:55.0153 1872 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:39:55.0216 1872 wcncsvc - ok
18:39:55.0231 1872 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:39:55.0263 1872 WcsPlugInService - ok
18:39:55.0294 1872 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:39:55.0325 1872 Wd - ok
18:39:55.0356 1872 [ 441BD2D7B4F98134C3

[bdoriano]

Il log che hai postato è incompleto, caricalo su uno dei servizi indicato qui.

[dragone1970]

TDSSKiller.2.8.15.0_11.11.2012_18.35.55_log.txt


http://wikisend.com/download/959836/TDSSKiller.2.8.15.0_11.11.2012_18.35.55_log.txt

TDSSKiller.2.8.15.0_11.11.2012_18.38.05_log.txt



http://wikisend.com/download/420490/TDSSKiller.2.8.15.0_11.11.2012_18.38.05_log.txt

[bdoriano]

fai questa scansione:

• Scarica OTL:
  clicca qui per scaricarlo e salvalo sul desktop.
  
  
• Clicca sull'icona di OTL che trovi sul tuo desktop
  
  
  
• in Output, assicurati che sia selezionato Minimal Output
  
  
• metti il segno di spunta a
  Scan All Users
  LOP Check
  Purity Check
  
  
• in Standard Registry, assicurati che sia selezionato All
  
  
• in Extra Registry, assicurati che sia selezionato Use SafeList
  
  
• clicca il bottone Run Scan
  
  
• verranno generati 2 logs:
  OTListIt.txt (aperto)
  Extra.txt (minimizzato)
  
  
• Carica i logs uno dei servizi di hosting indicati in questa discussione

[dragone1970]

http://forum.zeusnews.com/link/99832

Extras.Txt


http://forum.zeusnews.com/link/99833

OTL.Txt

[bdoriano]

Da quel che vedo, hai installato 2 antivirus (AVG e TrendMicro).
E' meglio disinstallarne uno. Se hai pagato per TrendMicro, disinstalla AVG.
Se, invece, la licenza di TrendMicro è scaduta, disinstalla TrendMicro.

• Avvia nuovamente OTL (dal desktop)
  
  
• Copia e incolla il testo seguente nel riquadro :
  

  Codice:

  :processes killallprocesses :OTL IE - HKU\S-1-5-21-1621556520-1195368698-3946353251-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=111789&tt=100512_4_&babsrc=SP_ss&mntrId=008edbb00000000000007ce9d344980c FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" [2012/11/10 16:13:31 | 083,023,306 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad [2012/11/10 16:12:33 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\lsass.exe [2011/11/17 07:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\@ [2011/11/17 07:41:18 | 000,043,008 | -HS- | M] () -- C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\n [2011/11/17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L [2011/11/17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U [2011/11/17 07:41:18 | 000,002,048 | -HS- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\@ [2012/07/27 19:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L [2012/07/27 19:53:56 | 000,000,000 | -HSD | M] -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U [2012/07/27 19:53:55 | 000,000,804 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\L\00000004.@ [2012/07/27 19:53:50 | 000,002,048 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\00000004.@ [2012/07/27 19:53:55 | 000,232,960 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\00000008.@ [2012/07/27 19:53:50 | 000,001,632 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\000000cb.@ [2012/07/27 19:53:51 | 000,016,896 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000000.@ [2012/07/27 19:53:56 | 000,092,160 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000032.@ [2012/07/27 19:53:55 | 000,080,896 | ---- | M] () -- C:\Users\Dragone\AppData\Local\{3c42eb88-3e76-c42f-e757-e3ec8d556822}\U\80000064.@ :files ipconfig /flushdns /c :reg [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command] ""=""%1" %*" :Commands [resethosts] [EMPTYTEMP] [EMPTYFLASH] [EMPTYJAVA]

  
  
• clicca
  
• Se richiesto, riavvia il pc
  
• clicca
  
• Verrà creato un log tipo ggMMaaaa_hhmmss.log
  
• carica il nuovo log su uno dei servizi di hosting indicati in questa discussione

[dragone1970]

dove salva il file log? mi ha creato solo file txt

log.txt

[bdoriano]

Dovresti trovarlo in: C:\_OTL\MovedFiles\

[dragone1970]

trovo una cartella ed un file txt

[bdoriano]

Posta quello, così vediamo cos'è.

[dragone1970]

[dragone1970]

[bdoriano]

• Scarica aswMBR e salvalo sul desktop
  
• Avvia aswMBR.exe
  
• compare una finestra nera con, all'interno, un'altra finestra:
  This application can use the Avast! Free Antivirus for scanning.
  It is recommended to download it for bettere detection results.
  
  Would you like to download latest Avast! virus definitions?
  
• clicca No
  
• clicca Scan e attendi pazientemente la fine dei lavori
  
• clicca Save log
  
• clicca Exit
  
• compare una nuova finestra:
  Are you sure you want to exit the program?
  
• clicca Si
  
• sul desktop troverai i files:
  aswMBR.txt è il log appena creato
  MBR.dat è una copia del contenuto dell'MBR del tuo disco fisso
  zippali in unico file e postalo secondo le solite modalità

(in caso di problemi, togliere il segno di spunta a Trace disk IO calls)

[dragone1970]

Nuova cartella.zip

[bdoriano]

Perfetto.

Nuova scansione:

• Clicca sull'icona di OTL che trovi sul tuo desktop
  
  
  
• in Output, assicurati che sia selezionato Minimal Output
  
  
• metti il segno di spunta a
  Scan All Users
  LOP Check
  Purity Check
  
  
• in Standard Registry, assicurati che sia selezionato All
  
  
• in Extra Registry, assicurati che sia selezionato Use SafeList
  
  
• clicca il bottone Run Scan
  
  
• verranno generati 2 logs:
  OTListIt.txt (aperto)
  Extra.txt (minimizzato)
  
  
• Carica i logs uno dei servizi di hosting indicati in questa discussione