Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Pc lento

2 pages: [1] 2
Pc lento Opzioni
Topic Precedente · Topic Sucessivo
eufonio
Inviato: Tuesday, October 16, 2012 10:27:58 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Salve è da qualche giorno che ho notato dei rallentamentei sul pc, mi potete controllare il log? grazie

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22.27.44, on 16/10/12
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Programmi\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\onlinent.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANMSG.EXE
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\UPSCHD.EXE
C:\WINDOWS\system32\agrsmsvc.exe
C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
C:\Programmi\Java\jre6\bin\jqs.exe
C:\Programmi\Common Files\Motive\McciCMService.exe
C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\opssvc.exe
C:\Programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\quhlpsvc.exe
C:\Programmi\Macrium\Reflect\ReflectService.exe
C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Programmi\Trend Micro\HiJackThis\HiJackThis.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe
C:\Programmi\Internet Explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O2 - BHO: Supporto di collegamento per Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Guida per l'accesso a Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\File comuni\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmi\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmi\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Quick Heal Core UI] "C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\strtupap.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Apri con ScanSoft PDF Converter 4.1 - res://C:\Programmi\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti destinazione link in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti i link selezionati in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Converti i link selezionati in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Converti in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti nel file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Converti selezione in Adobe PDF - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Converti selezione in file PDF esistente - res://C:\Programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmi\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.telecomitalia.it
O15 - Trusted Zone: http://www.tim.it
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\File comuni\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Precaricatore Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon di cache delle categorie di componenti - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Programmi\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Core Mail Protection - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE
O23 - Service: Core Scanning Server - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
O23 - Service: Core Scanning ServerEx - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
O23 - Service: Servizio iPod (iPod Service) - Apple Inc. - C:\Programmi\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmi\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Alcatel-Lucent - C:\Programmi\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Network WanMiniport First Position - Unknown owner - C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
O23 - Service: Online Protection System - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\opssvc.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Quick Update Service - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\quhlpsvc.exe
O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) - Unknown owner - C:\Programmi\Macrium\Reflect\ReflectService.exe
O23 - Service: Quick Heal AntiVirus Pro Helper Service WSC (ScanWscS) - Quick Heal Technologies (P) Ltd. - C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
O23 - Service: ServiceLayer - Nokia - C:\Programmi\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9826 bytes
Torna in alto
 
Sponsor
Inviato: Tuesday, October 16, 2012 10:27:58 PM

 
Torna in alto
 
shapiro
Inviato: Tuesday, October 16, 2012 10:47:56 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
da quanto tempo hai installato questo Quick Heal AntiVirus? non l'ho mai sentito nominare ti consiglio di fare una scansione con combofix

avvialo senza installare la recovery console quando ye lo chiede
Lascia lavorare il programma senza interferire
Allega il rapporto C:\ComboFix.txt nella tua risposta.
Torna in alto
 
eufonio
Inviato: Tuesday, October 16, 2012 11:45:43 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
L'antivirus è stato installato dalla ditta che gestisce i pc dello studio dove lavora mia moglie da circa un anno.
Ecco il log di combofix

ComboFix 12-10-16.02 - Utente 16/10/12 23.23.25.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3070.2367 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
AV: Quick Heal AntiVirus Pro 12.00 *Disabled/Updated* {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}
FW: Quick Heal Firewall *Enabled* {0B0BF67A-8F20-4279-BAB2-9A72A26C76BF}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
c:\windows\system32\msstdfmt.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\SET71.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Creati Da 2012-09-16 al 2012-10-16 )))))))))))))))))))))))))))))))))))
.
.
2012-10-06 07:48 . 2012-10-06 07:48 -------- d-----w- c:\programmi\DVDInfoPro
2012-10-06 07:40 . 2012-10-06 07:40 -------- d-----w- c:\programmi\DVD Identifier
2012-10-06 06:54 . 2012-10-06 06:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2012-10-06 06:54 . 2012-10-06 06:54 -------- d-----w- c:\programmi\DVD Shrink
2012-10-01 18:00 . 2005-03-25 05:00 8704 ----a-w- c:\windows\system32\CNMVS75.DLL
2012-10-01 18:00 . 2005-03-25 05:00 59392 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP75.DLL
2012-10-01 18:00 . 2005-03-25 05:00 20992 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD75.DLL
2012-10-01 17:59 . 2005-03-25 05:10 139776 ----a-w- c:\windows\system32\CNMLM75.DLL
2012-10-01 17:59 . 2005-03-08 18:17 90112 ----a-r- c:\windows\system32\CNMCP75.exe
2012-10-01 17:59 . 2012-10-01 17:59 -------- d--h--w- c:\documents and settings\All Users\Dati applicazioni\CanonBJ
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\programmi\Temp
2012-09-22 16:21 . 2012-09-22 16:21 -------- d-----w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Wondershare
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Wondershare
2012-09-22 16:20 . 2012-09-22 16:20 -------- d--h--w- c:\programmi\Dr.Fone_Temp
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\programmi\Wondershare
2012-09-22 15:16 . 2012-09-22 16:19 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\GetRightToGo
2012-09-21 18:17 . 2012-09-21 18:17 -------- d-----w- c:\programmi\iPod
2012-09-21 18:16 . 2012-09-21 18:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-29 20:49 . 2012-03-31 07:05 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 20:49 . 2011-11-16 17:05 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2011-03-27 20:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-21 11:01 . 2011-02-20 12:58 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-02-20 12:58 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-07-31 10:42 . 2012-09-02 10:04 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-31 10:42 . 2012-09-02 10:04 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 07:47 . 2010-11-06 12:11 67680 ----a-w- c:\windows\system32\libusb0.dll
2012-07-30 07:47 . 2010-11-06 12:11 42592 ----a-w- c:\windows\system32\drivers\libusb0.sys
2011-03-18 18:01 . 2011-03-25 14:12 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-03-30 . 3316C8A8EC07A9D4C0BE10310809A9E5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1343488]
"Quick Heal Core UI"="c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\strtupap.exe" [2011-04-19 125896]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Alice ti aiuta.lnk
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Acrobat.lnk]
backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Bluetooth Monitor.lnk]
backup=c:\windows\pss\Bluetooth Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Utente^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Utente^Menu Avvio^Programmi^Esecuzione automatica^Dropbox.lnk]
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 00:08 483328 ----a-w- c:\programmi\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-04-04 05:53 35736 ----a-w- c:\programmi\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\programmi\File comuni\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\programmi\File comuni\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-05-28 13:56 288128 ----a-w- c:\programmi\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-08-27 19:32 59280 ----a-w- c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\programmi\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-13 17:14 110592 ------w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\programmi\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-10 23:31 136176 ----atw- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 22:12 49152 ----a-w- c:\programmi\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-01 16:35 49152 ----a-w- c:\programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-09 21:30 421776 ----a-w- c:\programmi\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-08-31 00:52 21432 ----a-w- c:\programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-08-31 00:52 964024 ----a-w- c:\programmi\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-08-31 00:52 3524536 ----a-w- c:\programmi\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2012-09-07 15:04 981656 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 13:41 438359 ----a-w- c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-13 17:14 172032 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-03-26 09:24 1516600 ----a-w- c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF4 Registry Controller]
2007-01-16 18:42 46632 ----a-w- c:\programmi\ScanSoft\PDF Professional 4.0\RegistryController.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 23:26 406016 ------w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\programmi\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft PDF Professional 4-reminder]
2006-11-16 09:01 35368 ----a-w- c:\programmi\ScanSoft\PDF Professional 4.0\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 07:03 210472 ----a-w- c:\programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 11:17 61440 ----a-w- c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VZOchat]
2009-11-27 18:33 2201600 ----a-w- c:\programmi\VZOchat\VZOchat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SwitchBoard"=3 (0x3)
"StarWindService"=2 (0x2)
"ServiceLayer"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Winamp\\winamp.exe"=
"c:\\Programmi\\Pinnacle\\Studio 15\\Programs\\Studio.exe"=
.
R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver;c:\windows\system32\drivers\CLBStor.sys [14/03/11 22.31.53 10368]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [20/02/12 20.38.10 16024]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [20/02/11 15.37.52 5248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [15/04/12 14.02.57 242240]
R1 ggc;ggc;c:\windows\system32\drivers\ggc.sys [28/09/11 12.47.16 46664]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\programmi\IObit\Advanced SystemCare 5\ASCService.exe [11/03/12 11.13.08 913792]
R2 catflt;catflt;c:\windows\system32\drivers\catflt.sys [19/04/11 13.35.46 110024]
R2 CLBUDFR;CyberLink UDF Filesystem;c:\windows\system32\drivers\CLBUDFR.sys [14/03/11 22.31.53 180352]
R2 Core Mail Protection;Core Mail Protection;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE [19/04/11 13.35.46 28104]
R2 Core Scanning Server;Core Scanning Server;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE [19/04/11 13.35.46 205768]
R2 EMLSS;EMLSS;c:\windows\system32\drivers\EMLTDI.SYS [28/09/11 12.50.37 29384]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [31/05/12 21.26.20 8192]
R2 Quick Update Service;Quick Update Service;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\QUHLPSVC.EXE [19/04/11 13.35.46 90568]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [20/02/12 20.38.10 224920]
R3 wsnfmp;Network Filter Miniport;c:\windows\system32\drivers\wsnf.sys [19/04/11 13.35.48 27464]
S0 eb75365745d54207;syshost.exe;\SystemRoot\\SystemRoot\System32\Drivers\eb75365745d54207.sys --> \SystemRoot\\SystemRoot\System32\Drivers\eb75365745d54207.sys [?]
S0 mscank;mscank;c:\windows\system32\drivers\mscank.sys [28/09/11 12.50.40 34112]
S0 wxwjxflv;wxwjxflv;c:\windows\system32\drivers\exwwmdvf.sys --> c:\windows\system32\drivers\exwwmdvf.sys [?]
S2 Core Scanning ServerEx;Core Scanning ServerEx;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE [19/04/11 13.35.46 205768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31/03/12 9.05.27 250288]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Utente\IMPOST~1\Temp\ALSysIO.sys --> c:\docume~1\Utente\IMPOST~1\Temp\ALSysIO.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [02/09/12 12.04.09 83168]
S3 IstSer;IstSer;c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\IstSer\IstSer.exe [15/11/11 20.20.04 19968]
S3 libusb0;LibUsb-Win32 - Kernel Driver 09/17/2010, 1.2.1.0;c:\windows\system32\drivers\libusb0.sys [06/11/10 14.11.12 42592]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programmi\Microsoft Office\Office14\GROOVE.EXE [12/06/11 11.15.00 31125880]
S3 osppsvc;Office Software Protection Platform;c:\programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09/01/10 22.37.50 4640000]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [20/02/12 20.38.10 47256]
S3 PSVolAcc;PSVolAcc;c:\windows\system32\drivers\PSVolAcc.sys [20/02/12 20.38.10 12952]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [02/09/12 12.04.09 181344]
S3 wimmount;wimmount;c:\windows\system32\drivers\wimmount.sys [13/07/09 19.20.54 19024]
S3 wsnf;Network Filter Service;c:\windows\system32\drivers\wsnf.sys [19/04/11 13.35.48 27464]
S4 Online Protection System;Online Protection System;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\OPSSVC.EXE [19/04/11 13.35.46 22472]
S4 SwitchBoard;SwitchBoard;c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [19/02/10 14.37.14 517096]
S4 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [20/02/11 15.37.52 159616]
.
--- Altri Servizi/Drivers In Memoria ---
.
*NewlyCreated* - BITS
*NewlyCreated* - WUAUSERV
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 20:49]
.
2012-07-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-1801674531-1003Core.job
- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-10 23:31]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-1801674531-1003UA.job
- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-10 23:31]
.
2012-10-16 c:\windows\Tasks\User_Feed_Synchronization-{C3C598BE-462C-4F7A-8D1D-D61184857414}.job
- c:\windows\system32\msfeedssync.exe [2009-03-30 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: Apri con ScanSoft PDF Converter 4.1 - c:\programmi\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: telecomitalia.it\ecomm.adsl
Trusted Zone: telecomitalia.it\www
Trusted Zone: tim.it\www
Trusted Zone: unisalute.it\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\cbzztfev.default\
FF - prefs.js: browser.search.selectedEngine - Cerca...
FF - prefs.js: browser.startup.homepage - hxxp://search.findeer.com/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-fschet - c:\documents and settings\Utente\Dati applicazioni\fschet.dll
AddRemove-25_escape - c:\programmi\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-16 23:33
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-842925246-1844823847-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"v5Licence0"="15-66SU-NXAU-1BDZ-3VZY-S8DR-ZRH41Q5"
"Activated"="Y"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"
.
[HKEY_LOCAL_MACHINE\software\Wondershare\Wondershare Helper Compact\1936026741\QTJAVA=c:\programmi\Java\jre6\lib\ext\QTJava.zip*SESSIONNAME=Console*SystemDrive=C:*SystemRoot=c:\windows*temp=c:\DOCUME~1\Utente\IMPOST~1\Temp*TMP=c:\docume~1\Utente\IMPOST~1\Temp*USERDOMAIN=UTENTE-2B22613E*USERNAME=Utente*USERPROFILE=C:\Documents and S]
"JoinUserExperience"=dword:00000001
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(1328)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(8004)
c:\windows\system32\WININET.dll
c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
c:\progra~1\FILECO~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1040\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
c:\programmi\File comuni\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\programmi\File comuni\Ahead\Lib\NeroDigitalExt.dll
c:\programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\programmi\File comuni\Adobe\Acrobat\ActiveX\PDFShell.ITA
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\agrsmsvc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Common Files\Motive\McciCMService.exe
c:\programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\onlinent.exe
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANMSG.EXE
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\UPSCHD.EXE
c:\programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
c:\programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Ora fine scansione: 2012-10-16 23:40:52 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-10-16 21:40
.
Pre-Run: 133.965.160.448 byte disponibili
Post-Run: 133.700.382.720 byte disponibili
.
- - End Of File - - B98406A2D2D4EF6363C08FC7F6637FF8
Torna in alto
 
shapiro
Inviato: Wednesday, October 17, 2012 12:16:14 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


hai delle infezioni belle consistenti, devo prepararti la procedura per rimuoverle
Torna in alto
 
shapiro
Inviato: Wednesday, October 17, 2012 12:31:40 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


volevo anche chiederti essendo un pc aziendale ( se ho capito bene) c'e' installato qualche programma interno della ditta? nel fratempo fai questa scansione

scarica TDSSKiller sul desktop

Estrai i dati in una cartella e fai doppio clik su TDSSKiller.exe
clicca su "Start Scan"
Se trova qualche infezione di default avrai l'opzione "Cure" per cui, clicca su "Continue".
Per eliminare le infezioni trovate, si deve necessariamente riavviare il pc.
Posta il log che trovi in C:\
Torna in alto
 
eufonio
Inviato: Wednesday, October 17, 2012 5:49:51 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Non è un pc aziendale, lei fa il medico e lavora in uno studio con altre persone ed hanno una specie di rete che è gestita da una ditta che ha appunto installato questo antivirus, tra l'altro questo pc lo uso soprattutto io e per lei sarebbe di riserva.
Ho fatto quello che mi hai detto e questo è il risultato

17:44:40.0375 1136 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
17:44:42.0375 1136 ============================================================
17:44:42.0375 1136 Current date / time: 2012/10/17 17:44:42.0375
17:44:42.0375 1136 SystemInfo:
17:44:42.0375 1136
17:44:42.0375 1136 OS Version: 5.1.2600 ServicePack: 3.0
17:44:42.0375 1136 Product type: Workstation
17:44:42.0375 1136 ComputerName: UTENTE-2B22613E
17:44:42.0375 1136 UserName: Utente
17:44:42.0375 1136 Windows directory: C:\WINDOWS
17:44:42.0375 1136 System windows directory: C:\WINDOWS
17:44:42.0375 1136 Processor architecture: Intel x86
17:44:42.0375 1136 Number of processors: 2
17:44:42.0375 1136 Page size: 0x1000
17:44:42.0375 1136 Boot type: Normal boot
17:44:42.0375 1136 ============================================================
17:44:43.0984 1136 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:44:43.0984 1136 ============================================================
17:44:43.0984 1136 \Device\Harddisk0\DR0:
17:44:43.0984 1136 MBR partitions:
17:44:43.0984 1136 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
17:44:43.0984 1136 ============================================================
17:44:44.0015 1136 C: <-> \Device\Harddisk0\DR0\Partition1
17:44:44.0015 1136 ============================================================
17:44:44.0015 1136 Initialize success
17:44:44.0015 1136 ============================================================
17:44:50.0796 3320 ============================================================
17:44:50.0796 3320 Scan started
17:44:50.0796 3320 Mode: Manual;
17:44:50.0796 3320 ============================================================
17:44:51.0890 3320 ================ Scan system memory ========================
17:44:53.0343 3320 System memory - ok
17:44:53.0343 3320 ================ Scan services =============================
17:44:53.0515 3320 Abiosdsk - ok
17:44:53.0515 3320 abp480n5 - ok
17:44:53.0562 3320 [ D766E636187B8F240BBFBABCD51EB2C6 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
17:44:53.0562 3320 ACPI - ok
17:44:53.0578 3320 [ 49AC5CD87FBDDA62F3E25190019E7627 ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
17:44:53.0578 3320 ACPIEC - ok
17:44:53.0640 3320 [ 4AE327C9C375D985FF2A2AAB92765218 ] Adobe LM Service C:\Programmi\File comuni\Adobe Systems Shared\Service\Adobelmsvc.exe
17:44:53.0656 3320 Adobe LM Service - ok
17:44:53.0734 3320 [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:44:53.0750 3320 AdobeFlashPlayerUpdateSvc - ok
17:44:53.0750 3320 adpu160m - ok
17:44:53.0843 3320 [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Programmi\IObit\Advanced SystemCare 5\ASCService.exe
17:44:53.0875 3320 AdvancedSystemCareService5 - ok
17:44:53.0890 3320 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
17:44:53.0906 3320 aec - ok
17:44:53.0937 3320 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
17:44:53.0937 3320 AFD - ok
17:44:53.0984 3320 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe
17:44:53.0984 3320 AgereModemAudio - ok
17:44:54.0031 3320 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
17:44:54.0046 3320 AgereSoftModem - ok
17:44:54.0046 3320 Aha154x - ok
17:44:54.0062 3320 aic78u2 - ok
17:44:54.0062 3320 aic78xx - ok
17:44:54.0109 3320 [ 14A077AD0CF6116D1102631D8E1EDEE8 ] Alerter C:\WINDOWS\system32\alrsvc.dll
17:44:54.0125 3320 Alerter - ok
17:44:54.0140 3320 [ 79FE2E0D7859738225816658F0BB2A0D ] ALG C:\WINDOWS\System32\alg.exe
17:44:54.0140 3320 ALG - ok
17:44:54.0140 3320 AliIde - ok
17:44:54.0218 3320 ALSysIO - ok
17:44:54.0218 3320 amsint - ok
17:44:54.0296 3320 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:44:54.0296 3320 Apple Mobile Device - ok
17:44:54.0343 3320 [ 9062ED05B7519324FD7F0D6AFB9D1147 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
17:44:54.0359 3320 AppMgmt - ok
17:44:54.0375 3320 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
17:44:54.0375 3320 Arp1394 - ok
17:44:54.0421 3320 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2K C:\WINDOWS\system32\drivers\Asapiw2k.sys
17:44:54.0437 3320 ASAPIW2K - ok
17:44:54.0437 3320 asc - ok
17:44:54.0437 3320 asc3350p - ok
17:44:54.0453 3320 asc3550 - ok
17:44:54.0562 3320 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
17:44:54.0578 3320 aspnet_state - ok
17:44:54.0593 3320 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
17:44:54.0593 3320 AsyncMac - ok
17:44:54.0625 3320 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
17:44:54.0625 3320 atapi - ok
17:44:54.0640 3320 Atdisk - ok
17:44:54.0687 3320 [ 517F7AB7933E9E25D29C6CC6E8C87482 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
17:44:54.0703 3320 Ati HotKey Poller - ok
17:44:54.0796 3320 [ FED6E59C29CDB40904C5246335284184 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
17:44:54.0812 3320 ati2mtag - ok
17:44:54.0875 3320 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
17:44:54.0875 3320 Atmarpc - ok
17:44:54.0906 3320 [ 1B58D118049304E88464BE614C6D0014 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
17:44:54.0906 3320 AudioSrv - ok
17:44:54.0921 3320 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
17:44:54.0937 3320 audstub - ok
17:44:54.0968 3320 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:44:54.0968 3320 Beep - ok
17:44:55.0015 3320 [ 48C4763A9C8990FB48B73445BEB15D6A ] BITS C:\WINDOWS\system32\qmgr.dll
17:44:55.0078 3320 BITS - ok
17:44:55.0140 3320 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programmi\Bonjour\mDNSResponder.exe
17:44:55.0156 3320 Bonjour Service - ok
17:44:55.0187 3320 [ 076D11B52F066ED33E3A80F8070A3E2E ] Browser C:\WINDOWS\System32\browser.dll
17:44:55.0203 3320 Browser - ok
17:44:55.0234 3320 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:44:55.0234 3320 BthEnum - ok
17:44:55.0296 3320 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:44:55.0296 3320 BthPan - ok
17:44:55.0359 3320 [ AD0DA527DEC931C85647CB265CEDA13D ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
17:44:55.0359 3320 BTHPORT - ok
17:44:55.0406 3320 [ 2EEEC087A3B3104667AFE2C3111CDCB5 ] BthServ C:\WINDOWS\System32\bthserv.dll
17:44:55.0406 3320 BthServ - ok
17:44:55.0437 3320 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
17:44:55.0437 3320 BTHUSB - ok
17:44:55.0453 3320 catchme - ok
17:44:55.0500 3320 [ 1C9F18DC0764DAA3703A9DCBF6264F94 ] catflt C:\WINDOWS\system32\DRIVERS\catflt.sys
17:44:55.0500 3320 catflt - ok
17:44:55.0531 3320 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
17:44:55.0578 3320 cbidf2k - ok
17:44:55.0593 3320 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
17:44:55.0593 3320 CCDECODE - ok
17:44:55.0593 3320 cd20xrnt - ok
17:44:55.0625 3320 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
17:44:55.0640 3320 Cdaudio - ok
17:44:55.0656 3320 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
17:44:55.0656 3320 Cdfs - ok
17:44:55.0671 3320 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
17:44:55.0671 3320 Cdrom - ok
17:44:55.0671 3320 Changer - ok
17:44:55.0734 3320 [ D04F2BEB5EA63D0766E12E44AEF7C38D ] CiSvc C:\WINDOWS\system32\cisvc.exe
17:44:55.0734 3320 CiSvc - ok
17:44:55.0781 3320 [ D34EB58D13966E3C0B7F4DF86AA33524 ] CLBStor C:\WINDOWS\system32\drivers\CLBStor.sys
17:44:55.0781 3320 CLBStor - ok
17:44:55.0781 3320 [ FDB570684B74F39442CD68506E871E91 ] CLBUDFR C:\WINDOWS\system32\drivers\CLBUDFR.sys
17:44:55.0796 3320 CLBUDFR - ok
17:44:55.0796 3320 [ 48CB1DEFA1A6506C3CF09E4950F82EF6 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
17:44:55.0796 3320 ClipSrv - ok
17:44:55.0843 3320 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:44:55.0921 3320 clr_optimization_v2.0.50727_32 - ok
17:44:55.0953 3320 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
17:44:55.0953 3320 CmBatt - ok
17:44:55.0953 3320 CmdIde - ok
17:44:55.0984 3320 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
17:44:55.0984 3320 Compbatt - ok
17:44:55.0984 3320 COMSysApp - ok
17:44:56.0062 3320 [ 632F75C8D80F75329DA3668D9C653E17 ] Core Mail Protection C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE
17:44:56.0078 3320 Core Mail Protection - ok
17:44:56.0109 3320 [ 040B260B414D9564E0B39D96DF28330C ] Core Scanning Server C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
17:44:56.0109 3320 Core Scanning Server - ok
17:44:56.0109 3320 [ 040B260B414D9564E0B39D96DF28330C ] Core Scanning ServerEx C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE
17:44:56.0109 3320 Core Scanning ServerEx - ok
17:44:56.0125 3320 Cpqarray - ok
17:44:56.0156 3320 [ B6FCBB157E9C8ABDCA4134C535535A8B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
17:44:56.0171 3320 CryptSvc - ok
17:44:56.0171 3320 dac2w2k - ok
17:44:56.0171 3320 dac960nt - ok
17:44:56.0218 3320 [ 5118EA8A2F55FA4D4295516500B78229 ] DCamUSBEMPIA C:\WINDOWS\system32\DRIVERS\emDevice.sys
17:44:56.0218 3320 DCamUSBEMPIA - ok
17:44:56.0265 3320 [ BC4E0226341AAEC1222336B3AED86BAB ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:44:56.0281 3320 DcomLaunch - ok
17:44:56.0296 3320 [ 7BEF2E2159EDB03105BC7A8BABE04726 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
17:44:56.0312 3320 dg_ssudbus - ok
17:44:56.0328 3320 [ 699EE7F752A25180AEB92C3A0EAEE440 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
17:44:56.0328 3320 Dhcp - ok
17:44:56.0343 3320 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
17:44:56.0343 3320 Disk - ok
17:44:56.0343 3320 dmadmin - ok
17:44:56.0421 3320 [ 82BC125A8ED33F5F0E75F2AAC1065323 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
17:44:56.0437 3320 dmboot - ok
17:44:56.0437 3320 [ E959DDC0EA7AC11EE5E5602E2A364310 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
17:44:56.0437 3320 dmio - ok
17:44:56.0468 3320 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
17:44:56.0468 3320 dmload - ok
17:44:56.0484 3320 [ A01858C50704B2D2EDEEBBF6BBBCED2A ] dmserver C:\WINDOWS\System32\dmserver.dll
17:44:56.0484 3320 dmserver - ok
17:44:56.0531 3320 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
17:44:56.0531 3320 DMusic - ok
17:44:56.0578 3320 [ B7A1162B1A26DF7B60D5D9500006096C ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:44:56.0578 3320 Dnscache - ok
17:44:56.0578 3320 [ D580D77DFF316BD8C9D73B38695DE8DC ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
17:44:56.0593 3320 Dot3svc - ok
17:44:56.0593 3320 dpti2o - ok
17:44:56.0625 3320 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:44:56.0640 3320 drmkaud - ok
17:44:56.0687 3320 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
17:44:56.0703 3320 dtsoftbus01 - ok
17:44:56.0718 3320 [ 86B1F123BACD444E81960B339BAE3FF2 ] EapHost C:\WINDOWS\System32\eapsvc.dll
17:44:56.0734 3320 EapHost - ok
17:44:56.0734 3320 eb75365745d54207 - ok
17:44:56.0781 3320 [ 943A8B0C6228023FB89325183C0C639E ] emAudio C:\WINDOWS\system32\drivers\emAudio.sys
17:44:56.0781 3320 emAudio - ok
17:44:56.0796 3320 [ B163A72D846828721834A27B0C4E9832 ] EMLSS C:\WINDOWS\system32\drivers\emltdi.sys
17:44:56.0796 3320 EMLSS - ok
17:44:56.0828 3320 [ B6599EDA9F3EBEF064504EE35BBECA1C ] ERSvc C:\WINDOWS\System32\ersvc.dll
17:44:56.0828 3320 ERSvc - ok
17:44:56.0875 3320 [ 26845F272435302E0F3322E660A24F7D ] Eventlog C:\WINDOWS\system32\services.exe
17:44:56.0875 3320 Eventlog - ok
17:44:56.0906 3320 [ 8360CB9756E598A5C6214EACFB3677C3 ] EventSystem C:\WINDOWS\system32\es.dll
17:44:56.0906 3320 EventSystem - ok
17:44:56.0921 3320 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
17:44:56.0921 3320 Fastfat - ok
17:44:56.0968 3320 [ DCCC606FC144F6E44E497F9A906F1C30 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
17:44:56.0984 3320 FastUserSwitchingCompatibility - ok
17:44:57.0000 3320 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
17:44:57.0015 3320 Fdc - ok
17:44:57.0046 3320 [ 6F87E4706F59463B74BC4FAD0F67338F ] FiltUSBEMPIA C:\WINDOWS\system32\DRIVERS\emFilter.sys
17:44:57.0062 3320 FiltUSBEMPIA - ok
17:44:57.0078 3320 [ 2CFEA3326981A18C6BAF2BD9BE76225B ] Fips C:\WINDOWS\system32\drivers\Fips.sys
17:44:57.0078 3320 Fips - ok
17:44:57.0093 3320 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
17:44:57.0109 3320 Flpydisk - ok
17:44:57.0140 3320 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
17:44:57.0156 3320 FltMgr - ok
17:44:57.0218 3320 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
17:44:57.0218 3320 FontCache3.0.0.0 - ok
17:44:57.0250 3320 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:44:57.0250 3320 Fs_Rec - ok
17:44:57.0265 3320 [ F3269A6EE547EA87B949A1CEA4816B38 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
17:44:57.0281 3320 Ftdisk - ok
17:44:57.0312 3320 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:44:57.0312 3320 GEARAspiWDM - ok
17:44:57.0328 3320 [ 8F16CD990437EFCEE00ECF217DD21415 ] ggc C:\WINDOWS\system32\DRIVERS\ggc.sys
17:44:57.0343 3320 ggc - ok
17:44:57.0359 3320 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
17:44:57.0359 3320 Gpc - ok
17:44:57.0406 3320 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:44:57.0406 3320 HDAudBus - ok
17:44:57.0484 3320 [ 6CE66B51B4EB23D9D073F92698C55C8D ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:44:57.0484 3320 helpsvc - ok
17:44:57.0531 3320 [ 43D985A9A51E0295091B6EBE84C96B78 ] HidServ C:\WINDOWS\System32\hidserv.dll
17:44:57.0531 3320 HidServ - ok
17:44:57.0562 3320 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:44:57.0562 3320 HidUsb - ok
17:44:57.0578 3320 [ 00CAD842F48947887A972828ACA665F7 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:44:57.0593 3320 hkmsvc - ok
17:44:57.0593 3320 hpn - ok
17:44:57.0656 3320 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
17:44:57.0671 3320 HPZid412 - ok
17:44:57.0687 3320 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
17:44:57.0703 3320 HPZipr12 - ok
17:44:57.0703 3320 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
17:44:57.0718 3320 HPZius12 - ok
17:44:57.0750 3320 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:44:57.0750 3320 HTTP - ok
17:44:57.0781 3320 [ 450091AEBFCD08E5858533EAB5B9A436 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:44:57.0796 3320 HTTPFilter - ok
17:44:57.0796 3320 i2omgmt - ok
17:44:57.0812 3320 i2omp - ok
17:44:57.0843 3320 [ 610726E28AF55B95043C5C35A727E320 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:44:57.0843 3320 i8042prt - ok
17:44:57.0953 3320 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:44:57.0984 3320 idsvc - ok
17:44:58.0000 3320 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:44:58.0015 3320 Imapi - ok
17:44:58.0031 3320 [ DB491237445F172FDDDF00541DE1A51D ] ImapiService C:\WINDOWS\system32\imapi.exe
17:44:58.0031 3320 ImapiService - ok
17:44:58.0046 3320 ini910u - ok
17:44:58.0234 3320 [ FEBB470BF0DE4DBEBBF72B79DF993C5F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
17:44:58.0250 3320 IntcAzAudAddService - ok
17:44:58.0250 3320 IntelIde - ok
17:44:58.0312 3320 [ EBD830A0970C438047006A49C23E287F ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:44:58.0312 3320 intelppm - ok
17:44:58.0328 3320 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:44:58.0328 3320 Ip6Fw - ok
17:44:58.0375 3320 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:44:58.0390 3320 IpFilterDriver - ok
17:44:58.0406 3320 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:44:58.0406 3320 IpInIp - ok
17:44:58.0406 3320 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:44:58.0406 3320 IpNat - ok
17:44:58.0468 3320 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Programmi\iPod\bin\iPodService.exe
17:44:58.0484 3320 iPod Service - ok
17:44:58.0531 3320 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:44:58.0531 3320 IPSec - ok
17:44:58.0546 3320 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:44:58.0562 3320 IRENUM - ok
17:44:58.0593 3320 [ 0953594BEB81CC72FCC62D37921B25A6 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:44:58.0593 3320 isapnp - ok
17:44:58.0656 3320 [ 95AA96A77D6E9CED66FFC323A1D01B14 ] IstSer C:\Documents and Settings\Utente\Impostazioni locali\Dati applicazioni\IstSer\IstSer.exe
17:44:58.0656 3320 IstSer - ok
17:44:58.0734 3320 [ 5E06A9D23727DAF96FAA796F1135FDCD ] JavaQuickStarterService C:\Programmi\Java\jre6\bin\jqs.exe
17:44:58.0750 3320 JavaQuickStarterService - ok
17:44:58.0781 3320 [ 28B6EACE513CA7EABA3B809AD4BC274D ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:44:58.0781 3320 Kbdclass - ok
17:44:58.0812 3320 [ 4C61C226BDDA2EF1672B2C5F4E56625E ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:44:58.0812 3320 kbdhid - ok
17:44:58.0828 3320 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:44:58.0828 3320 kmixer - ok
17:44:58.0859 3320 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:44:58.0859 3320 KSecDD - ok
17:44:58.0890 3320 [ 0F726D49C0B19E5A506A1CDFCE0EE42F ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:44:58.0890 3320 LanmanServer - ok
17:44:58.0937 3320 [ E13B0181DDA60B93E3253EFF52A79CBE ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:44:58.0937 3320 lanmanworkstation - ok
17:44:58.0937 3320 lbrtfdc - ok
17:44:59.0000 3320 [ C8C9800179AF00C90629514E30873D80 ] libusb0 C:\WINDOWS\system32\DRIVERS\libusb0.sys
17:44:59.0015 3320 libusb0 - ok
17:44:59.0046 3320 [ E01255727D0B158538D7C2B469B533A8 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:44:59.0046 3320 LmHosts - ok
17:44:59.0093 3320 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
17:44:59.0093 3320 MarvinBus - ok
17:44:59.0140 3320 [ E6CB119EF2E148EAA1A247343550756E ] McciCMService C:\Programmi\Common Files\Motive\McciCMService.exe
17:44:59.0156 3320 McciCMService - ok
17:44:59.0203 3320 [ 3B32F662C8607E891F325E41F7EE225C ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:44:59.0234 3320 Messenger - ok
17:44:59.0281 3320 Microsoft SharePoint Workspace Audit Service - ok
17:44:59.0312 3320 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:44:59.0328 3320 mnmdd - ok
17:44:59.0359 3320 [ 514A299EC926BAADA3C718B171476AA4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:44:59.0375 3320 mnmsrvc - ok
17:44:59.0406 3320 [ 8CB6636806D76B85FAFAEE94D75F5129 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:44:59.0406 3320 Modem - ok
17:44:59.0421 3320 [ E904EBED608055A2BFB824C07F59766C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:44:59.0421 3320 Mouclass - ok
17:44:59.0468 3320 [ D7662F0CF5B77BBBE3202716F5BD5318 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:44:59.0468 3320 mouhid - ok
17:44:59.0468 3320 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:44:59.0468 3320 MountMgr - ok
17:44:59.0484 3320 mraid35x - ok
17:44:59.0531 3320 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
17:44:59.0562 3320 MREMP50 - ok
17:44:59.0562 3320 [ 2BC9E43F55DE8C30FC817ED56D0EE907 ] MREMPR5 C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
17:44:59.0609 3320 MREMPR5 - ok
17:44:59.0625 3320 [ 594B9D8194E3F4ECBF0325BD10BBEB05 ] MRENDIS5 C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
17:44:59.0640 3320 MRENDIS5 - ok
17:44:59.0656 3320 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
17:44:59.0671 3320 MRESP50 - ok
17:44:59.0718 3320 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:44:59.0734 3320 MRxDAV - ok
17:44:59.0781 3320 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:44:59.0796 3320 MRxSmb - ok
17:44:59.0828 3320 [ 76DBA2CE284BFEEDD7C88EE84557BCC7 ] mscank C:\WINDOWS\system32\DRIVERS\mscank.sys
17:44:59.0828 3320 mscank - ok
17:44:59.0875 3320 [ 01F77E9E473235C31796ADE46107B0AD ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:44:59.0875 3320 MSDTC - ok
17:44:59.0875 3320 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:44:59.0890 3320 Msfs - ok
17:44:59.0890 3320 MSIServer - ok
17:44:59.0921 3320 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:44:59.0921 3320 MSKSSRV - ok
17:44:59.0921 3320 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:44:59.0921 3320 MSPCLOCK - ok
17:44:59.0953 3320 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:44:59.0968 3320 MSPQM - ok
17:45:00.0000 3320 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:45:00.0000 3320 mssmbios - ok
17:45:00.0281 3320 [ 1B959A0614D575D0AB3B09095F0A8B83 ] MSSQL$PINNACLESYS C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
17:45:00.0343 3320 MSSQL$PINNACLESYS - ok
17:45:00.0406 3320 [ 1D1B22613EAB9287AF902398867BC93C ] MSSQLServerADHelper C:\Programmi\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
17:45:00.0406 3320 MSSQLServerADHelper - ok
17:45:00.0453 3320 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:45:00.0453 3320 MSTEE - ok
17:45:00.0484 3320 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:45:00.0484 3320 Mup - ok
17:45:00.0500 3320 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
17:45:00.0500 3320 NABTSFEC - ok
17:45:00.0515 3320 [ 911587FD303C9690A428BB4B04732B61 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:45:00.0562 3320 napagent - ok
17:45:00.0640 3320 [ 7DB7924793B9BD0EC991AD321664C486 ] NBService C:\Programmi\Nero\Nero 7\Nero BackItUp\NBService.exe
17:45:00.0656 3320 NBService - ok
17:45:00.0703 3320 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:45:00.0703 3320 NDIS - ok
17:45:00.0718 3320 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
17:45:00.0718 3320 NdisIP - ok
17:45:00.0734 3320 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:45:00.0734 3320 NdisTapi - ok
17:45:00.0750 3320 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:45:00.0750 3320 Ndisuio - ok
17:45:00.0765 3320 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:45:00.0765 3320 NdisWan - ok
17:45:00.0796 3320 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:45:00.0796 3320 NDProxy - ok
17:45:00.0796 3320 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:45:00.0812 3320 NetBIOS - ok
17:45:00.0843 3320 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:45:00.0859 3320 NetBT - ok
17:45:00.0875 3320 [ 1B09227E41F414A93DBC0BAF80C4D527 ] NetDDE C:\WINDOWS\system32\netdde.exe
17:45:00.0890 3320 NetDDE - ok
17:45:00.0890 3320 [ 1B09227E41F414A93DBC0BAF80C4D527 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:45:00.0890 3320 NetDDEdsdm - ok
17:45:00.0953 3320 [ 0FBA335727905DE8E4CB5A2CF438ABF5 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:45:00.0953 3320 Netlogon - ok
17:45:00.0984 3320 [ 02815B70FC4CA8611A926176F1C39FC2 ] Netman C:\WINDOWS\System32\netman.dll
17:45:00.0984 3320 Netman - ok
17:45:01.0000 3320 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:45:01.0015 3320 NetTcpPortSharing - ok
17:45:01.0125 3320 [ CCDB8DB66ACD3C0A6C8E171B79F60AC4 ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
17:45:01.0234 3320 NETw5x32 - ok
17:45:01.0265 3320 [ 4635935FC972C582632BF45C26BFCB0E ] Network WanMiniport First Position C:\Programmi\Telecom Italia\WanMiniport1st\srvany.exe
17:45:01.0265 3320 Network WanMiniport First Position - ok
17:45:01.0312 3320 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:45:01.0312 3320 NIC1394 - ok
17:45:01.0343 3320 [ C6B69A18D39744725FB73AC85E46032B ] Nla C:\WINDOWS\System32\mswsock.dll
17:45:01.0343 3320 Nla - ok
17:45:01.0375 3320 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
17:45:01.0390 3320 nmwcd - ok
17:45:01.0437 3320 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\WINDOWS\system32\drivers\ccdcmbo.sys
17:45:01.0453 3320 nmwcdc - ok
17:45:01.0468 3320 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:45:01.0468 3320 Npfs - ok
17:45:01.0484 3320 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:45:01.0484 3320 Ntfs - ok
17:45:01.0515 3320 [ 0FBA335727905DE8E4CB5A2CF438ABF5 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:45:01.0515 3320 NtLmSsp - ok
17:45:01.0562 3320 [ 89DB90B5F35D2795D9FC56D933CC72B8 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:45:01.0609 3320 NtmsSvc - ok
17:45:01.0640 3320 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:45:01.0640 3320 Null - ok
17:45:01.0656 3320 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:45:01.0656 3320 NwlnkFlt - ok
17:45:01.0671 3320 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:45:01.0671 3320 NwlnkFwd - ok
17:45:01.0671 3320 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:45:01.0671 3320 ohci1394 - ok
17:45:01.0734 3320 [ ACB758840A43E8876E455B98999B601A ] Online Protection System C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\opssvc.exe
17:45:01.0734 3320 Online Protection System - ok
17:45:01.0812 3320 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Programmi\File comuni\Microsoft Shared\Source Engine\OSE.EXE
17:45:01.0812 3320 ose - ok
17:45:01.0953 3320 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:02.0046 3320 osppsvc - ok
17:45:02.0109 3320 [ 4E9408A178B2D955871C2CDD278DE3C3 ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:45:02.0125 3320 Parport - ok
17:45:02.0140 3320 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:45:02.0140 3320 PartMgr - ok
17:45:02.0156 3320 [ 0DABEF655A444CB1E193626FB1D24B9F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:45:02.0203 3320 ParVdm - ok
17:45:02.0234 3320 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
17:45:02.0234 3320 pccsmcfd - ok
17:45:02.0265 3320 [ F40A46892AFEBB0314536B849D57C11E ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:45:02.0265 3320 PCI - ok
17:45:02.0265 3320 PCIDump - ok
17:45:02.0281 3320 [ B2DF00D650FD6C4EE781740ED3C8E67F ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:45:02.0281 3320 PCIIde - ok
17:45:02.0312 3320 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINDOWS\system32\drivers\pclepci.sys
17:45:02.0312 3320 PCLEPCI - ok
17:45:02.0328 3320 [ 815C50F2B1D1562800BDCE8BE895000E ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
17:45:02.0343 3320 Pcmcia - ok
17:45:02.0343 3320 PDCOMP - ok
17:45:02.0359 3320 PDFRAME - ok
17:45:02.0359 3320 PDRELI - ok
17:45:02.0375 3320 PDRFRAME - ok
17:45:02.0390 3320 perc2 - ok
17:45:02.0390 3320 perc2hib - ok
17:45:02.0468 3320 [ 478D9A1E760F9089DE19925616689F0D ] PinnacleSys.MediaServer C:\Programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
17:45:02.0468 3320 PinnacleSys.MediaServer - ok
17:45:02.0484 3320 [ 26845F272435302E0F3322E660A24F7D ] PlugPlay C:\WINDOWS\system32\services.exe
17:45:02.0484 3320 PlugPlay - ok
17:45:02.0531 3320 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:45:02.0546 3320 Pml Driver HPZ12 - ok
17:45:02.0562 3320 [ 0FBA335727905DE8E4CB5A2CF438ABF5 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:45:02.0578 3320 PolicyAgent - ok
17:45:02.0609 3320 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:45:02.0609 3320 PptpMiniport - ok
17:45:02.0609 3320 PROCEXP151 - ok
17:45:02.0625 3320 [ 0FBA335727905DE8E4CB5A2CF438ABF5 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:45:02.0625 3320 ProtectedStorage - ok
17:45:02.0625 3320 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
17:45:02.0640 3320 PSched - ok
17:45:02.0671 3320 [ 0B419037C5C912FAB53CC291BD1CB7FD ] PSMounter C:\WINDOWS\system32\drivers\psmounter.sys
17:45:02.0703 3320 PSMounter - ok
17:45:02.0734 3320 [ 14CBD2D43A11317F915E186104764935 ] pssnap C:\WINDOWS\system32\DRIVERS\pssnap.sys
17:45:02.0734 3320 pssnap - ok
17:45:02.0765 3320 [ 560565C4117058EEF0D1A44CB8BF1833 ] PSVolAcc C:\WINDOWS\system32\drivers\PSVolAcc.sys
17:45:02.0812 3320 PSVolAcc - ok
17:45:02.0812 3320 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:45:02.0828 3320 Ptilink - ok
17:45:02.0828 3320 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:45:02.0843 3320 PxHelp20 - ok
17:45:02.0843 3320 ql1080 - ok
17:45:02.0843 3320 Ql10wnt - ok
17:45:02.0859 3320 ql12160 - ok
17:45:02.0875 3320 ql1240 - ok
17:45:02.0890 3320 ql1280 - ok
17:45:02.0921 3320 [ 083C41188CD602E7D0624F49291DB5B9 ] Quick Update Service C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\quhlpsvc.exe
17:45:02.0937 3320 Quick Update Service - ok
17:45:02.0953 3320 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:45:02.0953 3320 RasAcd - ok
17:45:02.0984 3320 [ 9839B418343D6E6E52659BDF3FF1FE67 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:45:03.0000 3320 RasAuto - ok
17:45:03.0015 3320 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:45:03.0015 3320 Rasl2tp - ok
17:45:03.0031 3320 [ 62AD41548E720DB4763B86F95E44F3FA ] RasMan C:\WINDOWS\System32\rasmans.dll
17:45:03.0046 3320 RasMan - ok
17:45:03.0046 3320 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:45:03.0046 3320 RasPppoe - ok
17:45:03.0062 3320 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:45:03.0062 3320 Raspti - ok
17:45:03.0078 3320 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:45:03.0093 3320 Rdbss - ok
17:45:03.0093 3320 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:45:03.0093 3320 RDPCDD - ok
17:45:03.0125 3320 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:45:03.0140 3320 rdpdr - ok
17:45:03.0171 3320 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:45:03.0171 3320 RDPWD - ok
17:45:03.0218 3320 [ CC72E6AE90245F0AE48BF1236A7E1F9C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:45:03.0234 3320 RDSessMgr - ok
17:45:03.0265 3320 [ 393FC252593323B624B230ECA6B85E63 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:45:03.0265 3320 redbook - ok
17:45:03.0343 3320 [ D1B3E64BA9EAD3D25AF8669E7344B831 ] ReflectService.exe C:\Programmi\Macrium\Reflect\ReflectService.exe
17:45:03.0343 3320 ReflectService.exe - ok
17:45:03.0375 3320 [ 7EBBF16FBD3E0E34F084FA635C1844E3 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:45:03.0390 3320 RemoteAccess - ok
17:45:03.0421 3320 [ F667A41BCED959988E53FEECC8BF5DA0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:45:03.0437 3320 RemoteRegistry - ok
17:45:03.0500 3320 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:45:03.0500 3320 RFCOMM - ok
17:45:03.0546 3320 [ C2EF513BBE069F0D4EE0938A76F975D3 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:45:03.0546 3320 rimmptsk - ok
17:45:03.0546 3320 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:45:03.0546 3320 rimsptsk - ok
17:45:03.0609 3320 [ F17713D108ACA124A139FDE877EEF68A ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys
17:45:03.0609 3320 RimUsb - ok
17:45:03.0625 3320 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:45:03.0625 3320 rismxdp - ok
17:45:03.0656 3320 [ DC97F6C8A94691834439872B9E8FF2B3 ] RpcLocator C:\WINDOWS\system32\locator.exe
17:45:03.0671 3320 RpcLocator - ok
17:45:03.0703 3320 [ BC4E0226341AAEC1222336B3AED86BAB ] RpcSs C:\WINDOWS\System32\rpcss.dll
17:45:03.0703 3320 RpcSs - ok
17:45:03.0750 3320 [ DCE0D20F8FB66DF41D53734BFF9D66F0 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:45:03.0765 3320 RSVP - ok
17:45:03.0890 3320 [ 856531CD105523A2F81375E7BE4954C7 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMI.sys
17:45:03.0968 3320 RTHDMIAzAudService - ok
17:45:04.0015 3320 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:45:04.0015 3320 RTLE8023xp - ok
17:45:04.0031 3320 [ 0FBA335727905DE8E4CB5A2CF438ABF5 ] SamSs C:\WINDOWS\system32\lsass.exe
17:45:04.0031 3320 SamSs - ok
17:45:04.0093 3320 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINDOWS\system32\DRIVERS\emScan.sys
17:45:04.0093 3320 ScanUSBEMPIA - ok
17:45:04.0140 3320 [ A69C12718A49419FA007CC8C60783B55 ] ScanWscS C:\Programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
17:45:04.0140 3320 ScanWscS - ok
17:45:04.0203 3320 [ 1D456F1CD76A80793C07BA52CF3A7455 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:45:04.0203 3320 SCardSvr - ok
17:45:04.0250 3320 [ 511886E5BD060046CCE8373E92E62EDF ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:45:04.0250 3320 Schedule - ok
17:45:04.0281 3320 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:45:04.0281 3320 sdbus - ok
17:45:04.0296 3320 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:45:04.0296 3320 Secdrv - ok
17:45:04.0312 3320 [ 17C6354CA08E7C7972E12C67478AE134 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:45:04.0312 3320 seclogon - ok
17:45:04.0328 3320 [ A0ECA1CE0FCCB29C5E4E1F416E95E73E ] SENS C:\WINDOWS\system32\sens.dll
17:45:04.0328 3320 SENS - ok
17:45:04.0343 3320 [ FDBD9D64E2E03270021D424F0DCCF79D ] Serial C:\WINDOWS\system32\drivers\Serial.sys
17:45:04.0359 3320 Serial - ok
17:45:04.0484 3320 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Programmi\PC Connectivity Solution\ServiceLayer.exe
17:45:04.0500 3320 ServiceLayer - ok
17:45:04.0562 3320 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:45:04.0578 3320 sffdisk - ok
17:45:04.0578 3320 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:45:04.0578 3320 sffp_sd - ok
17:45:04.0609 3320 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:45:04.0625 3320 Sfloppy - ok
17:45:04.0671 3320 [ 152C0555925DFE028E3148FD215146BB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:45:04.0671 3320 SharedAccess - ok
17:45:04.0718 3320 [ DCCC606FC144F6E44E497F9A906F1C30 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:45:04.0718 3320 ShellHWDetection - ok
17:45:04.0718 3320 Simbad - ok
17:45:04.0750 3320 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
17:45:04.0750 3320 SLIP - ok
17:45:04.0750 3320 Sparrow - ok
17:45:04.0781 3320 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:45:04.0796 3320 splitter - ok
17:45:04.0828 3320 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:45:04.0828 3320 Spooler - ok
17:45:04.0859 3320 [ 352E375AB298C23B0F9BC307652C7F50 ] SQLAgent$PINNACLESYS C:\Programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE
17:45:04.0875 3320 SQLAgent$PINNACLESYS - ok
17:45:04.0921 3320 [ 618718CAE288BF7CBD8FCBAB2577D932 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
17:45:04.0921 3320 sr - ok
17:45:04.0937 3320 [ B3E3DA70A7A76E69B872DE3D06D32C19 ] srservice C:\WINDOWS\system32\srsvc.dll
17:45:04.0953 3320 srservice - ok
17:45:05.0000 3320 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:45:05.0000 3320 Srv - ok
17:45:05.0031 3320 [ 5215569DD3A8FBC65A85E85F3C12258B ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:45:05.0031 3320 SSDPSRV - ok
17:45:05.0078 3320 [ BCB4E273147AFCAFDFC0DA59AF9E6E25 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:45:05.0078 3320 ssudmdm - ok
17:45:05.0140 3320 [ AB2B9349ADA4AC5EC74B622B8303FE23 ] StarWindService C:\Programmi\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
17:45:05.0156 3320 StarWindService - ok
17:45:05.0187 3320 [ 3B9263E137896E4D303494F116E00608 ] stisvc C:\WINDOWS\system32\wiaservc.dll
17:45:05.0203 3320 stisvc - ok
17:45:05.0218 3320 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
17:45:05.0218 3320 streamip - ok
17:45:05.0234 3320 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
17:45:05.0250 3320 swenum - ok
17:45:05.0328 3320 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe
17:45:05.0343 3320 SwitchBoard - ok
17:45:05.0359 3320 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
17:45:05.0375 3320 swmidi - ok
17:45:05.0375 3320 SwPrv - ok
17:45:05.0375 3320 symc810 - ok
17:45:05.0390 3320 symc8xx - ok
17:45:05.0406 3320 sym_hi - ok
17:45:05.0406 3320 sym_u3 - ok
17:45:05.0453 3320 [ CFB41BF11AE95C26133BAE3EC2E334BD ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:45:05.0453 3320 SynTP - ok
17:45:05.0484 3320 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
17:45:05.0484 3320 sysaudio - ok
17:45:05.0531 3320 [ A34A9A872EEC4C026FD542AC7156FE0B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
17:45:05.0531 3320 SysmonLog - ok
17:45:05.0578 3320 [ 6B85F1A9DCE45D45BFFAD3222C21F297 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:45:05.0593 3320 TapiSrv - ok
17:45:05.0625 3320 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:45:05.0625 3320 Tcpip - ok
17:45:05.0656 3320 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
17:45:05.0687 3320 TDPIPE - ok
17:45:05.0703 3320 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
17:45:05.0703 3320 TDTCP - ok
17:45:05.0718 3320 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
17:45:05.0718 3320 TermDD - ok
17:45:05.0765 3320 [ FE5A5329CCFC33D645C33077FF04F052 ] TermService C:\WINDOWS\System32\termsrv.dll
17:45:05.0765 3320 TermService - ok
17:45:05.0796 3320 [ DCCC606FC144F6E44E497F9A906F1C30 ] Themes C:\WINDOWS\System32\shsvcs.dll
17:45:05.0796 3320 Themes - ok
17:45:05.0843 3320 [ 2FFF150EA4396956F10B66211687F335 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
17:45:05.0843 3320 TlntSvr - ok
17:45:05.0843 3320 TosIde - ok
17:45:05.0890 3320 [ 5C4103544612E5011EF46301B93D1AA6 ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
17:45:05.0906 3320 tosrfec - ok
17:45:05.0921 3320 [ 690294999DF1248FAF85D95B31955D0C ] TrkWks C:\WINDOWS\system32\trkwks.dll
17:45:05.0968 3320 TrkWks - ok
17:45:05.0984 3320 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
17:45:05.0984 3320 Udfs - ok
17:45:05.0984 3320 ultra - ok
17:45:06.0046 3320 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
17:45:06.0046 3320 Update - ok
17:45:06.0093 3320 [ 8057B0744D9842A090E51D2845861D5F ] upnphost C:\WINDOWS\System32\upnphost.dll
17:45:06.0093 3320 upnphost - ok
17:45:06.0140 3320 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
17:45:06.0140 3320 upperdev - ok
17:45:06.0156 3320 [ F5E8B846EC10E1DF8DCA64119E2EB709 ] UPS C:\WINDOWS\System32\ups.exe
17:45:06.0171 3320 UPS - ok
17:45:06.0218 3320 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
17:45:06.0218 3320 USBAAPL - ok
17:45:06.0265 3320 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
17:45:06.0265 3320 usbaudio - ok
17:45:06.0296 3320 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
17:45:06.0296 3320 usbccgp - ok
17:45:06.0328 3320 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:45:06.0328 3320 usbehci - ok
17:45:06.0343 3320 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:45:06.0343 3320 usbhub - ok
17:45:06.0375 3320 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
17:45:06.0375 3320 usbprint - ok
17:45:06.0421 3320 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:45:06.0421 3320 usbscan - ok
17:45:06.0468 3320 [ 1C888B000C2F9492F4B15B5B6B84873E ] usbser C:\WINDOWS\system32\drivers\usbser.sys
17:45:06.0468 3320 usbser - ok
17:45:06.0468 3320 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
17:45:06.0468 3320 UsbserFilt - ok
17:45:06.0515 3320 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
17:45:06.0515 3320 USBSTOR - ok
17:45:06.0546 3320 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:45:06.0546 3320 usbuhci - ok
17:45:06.0578 3320 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
17:45:06.0578 3320 usbvideo - ok
17:45:06.0625 3320 [ CB3400D696BEE266C38CAE330C2B4337 ] Vax347b C:\WINDOWS\system32\DRIVERS\Vax347b.sys
17:45:06.0625 3320 Vax347b - ok
17:45:06.0671 3320 [ 113E4B318BBAA7483CA4E582A4D63F49 ] Vax347s C:\WINDOWS\system32\Drivers\Vax347s.sys
17:45:06.0671 3320 Vax347s - ok
17:45:06.0718 3320 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
17:45:06.0718 3320 VgaSave - ok
17:45:06.0718 3320 ViaIde - ok
17:45:06.0734 3320 [ E46C1B5A56DA7DA603D09DFCC79EC59E ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
17:45:06.0734 3320 VolSnap - ok
17:45:06.0781 3320 [ C2FE17125256102F5B44194D5DB0A799 ] VSS C:\WINDOWS\System32\vssvc.exe
17:45:06.0781 3320 VSS - ok
17:45:06.0812 3320 [ 2969DD84B584A6BB541A5273103957A3 ] W32Time C:\WINDOWS\system32\w32time.dll
17:45:06.0828 3320 W32Time - ok
17:45:06.0828 3320 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:45:06.0843 3320 Wanarp - ok
17:45:06.0875 3320 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
17:45:06.0890 3320 Wdf01000 - ok
17:45:06.0890 3320 WDICA - ok
17:45:06.0937 3320 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
17:45:06.0937 3320 wdmaud - ok
17:45:06.0984 3320 [ 2EC50EE79B65F60C8E8B4A03BBB3A42F ] WebClient C:\WINDOWS\System32\webclnt.dll
17:45:07.0015 3320 WebClient - ok
17:45:07.0062 3320 [ 05FB36A51E04A6C6B3A5F125FA692E6B ] wimmount C:\WINDOWS\system32\DRIVERS\wimmount.sys
17:45:07.0078 3320 wimmount - ok
17:45:07.0140 3320 [ 40911E98D0F1CBB1015F2101982F1DDF ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:45:07.0140 3320 winmgmt - ok
17:45:07.0203 3320 [ 74D92D14580FE46FC5A57957C8CC038F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:45:07.0250 3320 WinRM - ok
17:45:07.0312 3320 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
17:45:07.0312 3320 WinUSB - ok
17:45:07.0359 3320 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
17:45:07.0375 3320 WmdmPmSN - ok
17:45:07.0406 3320 [ F63CB6DBE268EA0620C67A90CF43885E ] Wmi C:\WINDOWS\System32\advapi32.dll
17:45:07.0421 3320 Wmi - ok
17:45:07.0453 3320 [ 81FD02839FDB10ACF0EC40B809B9F8CC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:45:07.0468 3320 WmiApSrv - ok
17:45:07.0500 3320 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
17:45:07.0500 3320 WpdUsb - ok
17:45:07.0546 3320 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
17:45:07.0546 3320 WS2IFSL - ok
17:45:07.0593 3320 [ 926D921C93CFF1E19EF4DE3E4C8368CA ] wscsvc C:\WINDOWS\system32\wscsvc.dll
17:45:07.0593 3320 wscsvc - ok
17:45:07.0625 3320 [ 8CC1234C1CA04A1CB5E6508BCF49F3FB ] wsnf C:\WINDOWS\system32\DRIVERS\wsnf.sys
17:45:07.0640 3320 wsnf - ok
17:45:07.0640 3320 [ 8CC1234C1CA04A1CB5E6508BCF49F3FB ] wsnfmp C:\WINDOWS\system32\DRIVERS\wsnf.sys
17:45:07.0640 3320 wsnfmp - ok
17:45:07.0671 3320 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
17:45:07.0671 3320 WSTCODEC - ok
17:45:07.0718 3320 [ CC48415E6C7CBAA441A3D6A6DCCBCFA6 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
17:45:07.0718 3320 wuauserv - ok
17:45:07.0750 3320 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:45:07.0765 3320 WudfPf - ok
17:45:07.0765 3320 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:45:07.0781 3320 WudfRd - ok
17:45:07.0796 3320 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
17:45:07.0796 3320 WudfSvc - ok
17:45:07.0796 3320 wxwjxflv - ok
17:45:07.0859 3320 [ 053E0307A08CAC60793E27E921B46B3E ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
17:45:07.0875 3320 WZCSVC - ok
17:45:07.0890 3320 [ 5526482DCBA6047641B13BF9C75A74E0 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
17:45:07.0921 3320 xmlprov - ok
17:45:07.0937 3320 ================ Scan global ===============================
17:45:07.0968 3320 [ 17DDFE6A0B5404C5EF4C03AD996D0562 ] C:\WINDOWS\system32\basesrv.dll
17:45:08.0015 3320 [ 7B39F8912DF2C266411F7248EC250AE6 ] C:\WINDOWS\system32\winsrv.dll
17:45:08.0015 3320 [ 7B39F8912DF2C266411F7248EC250AE6 ] C:\WINDOWS\system32\winsrv.dll
17:45:08.0031 3320 [ 26845F272435302E0F3322E660A24F7D ] C:\WINDOWS\system32\services.exe
17:45:08.0031 3320 [Global] - ok
17:45:08.0031 3320 ================ Scan MBR ==================================
17:45:08.0046 3320 [ 828E02D5C4A4FBE53441EE9DBEE51F43 ] \Device\Harddisk0\DR0
17:45:08.0234 3320 \Device\Harddisk0\DR0 - ok
17:45:08.0234 3320 ================ Scan VBR ==================================
17:45:08.0234 3320 [ 05867DF465689068F57FEA9EE0368B45 ] \Device\Harddisk0\DR0\Partition1
17:45:08.0234 3320 \Device\Harddisk0\DR0\Partition1 - ok
17:45:08.0250 3320 ============================================================
17:45:08.0250 3320 Scan finished
17:45:08.0250 3320 ============================================================
17:45:08.0296 0944 Detected object count: 0
17:45:08.0296 0944 Actual detected object count: 0
Torna in alto
 
shapiro
Inviato: Wednesday, October 17, 2012 7:47:34 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

Apri il block notes di windows e copia e incolla questo nello spazio bianco ( non copiare code)



Code:
file::
\SystemRoot\\SystemRoot\System32\Drivers\eb75365745d54207.sys
c:\windows\system32\drivers\exwwmdvf.sys

driver::
eb75365745d54207
wxwjxflv

Dirlook::
c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1


Salva il file nella stessa posizione dove è presente combofix.exe e chiamalo CFScript.txt
Adesso trascina il file CFScript.txt su combofix.exe
Riavvia il pc se ti viene richiesto dal programma.
Riavvia e posta il contenuto del file C:\ComboFix.txt
Torna in alto
 
eufonio
Inviato: Wednesday, October 17, 2012 8:22:22 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
ecco il log

ComboFix 12-10-16.02 - Utente 17/10/12 19.58.03.5.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.39.1040.18.3070.2391 [GMT 2:00]
Eseguito da: c:\documents and settings\Utente\Desktop\ComboFix.exe
Opzioni usate :: c:\documents and settings\Utente\Desktop\CFScript.txt
AV: Quick Heal AntiVirus Pro 12.00 *Disabled/Updated* {05C1329D-F0E0-4B19-9D15-54F9BC3ADE87}
FW: Quick Heal Firewall *Enabled* {0B0BF67A-8F20-4279-BAB2-9A72A26C76BF}
.
FILE ::
"c:\windows\system32\drivers\exwwmdvf.sys"
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Dati applicazioni\TEMP
.
.
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EB75365745D54207
-------\Service_eb75365745d54207
-------\Service_wxwjxflv
.
.
((((((((((((((((((((((((( Files Creati Da 2012-09-17 al 2012-10-17 )))))))))))))))))))))))))))))))))))
.
.
2012-10-17 15:35 . 2012-10-17 15:35 -------- d-----w- c:\windows\LastGood.Tmp
2012-10-06 07:48 . 2012-10-06 07:48 -------- d-----w- c:\programmi\DVDInfoPro
2012-10-06 07:40 . 2012-10-06 07:40 -------- d-----w- c:\programmi\DVD Identifier
2012-10-06 06:54 . 2012-10-06 06:59 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\DVD Shrink
2012-10-06 06:54 . 2012-10-06 06:54 -------- d-----w- c:\programmi\DVD Shrink
2012-10-01 18:00 . 2005-03-25 05:00 8704 ----a-w- c:\windows\system32\CNMVS75.DLL
2012-10-01 18:00 . 2005-03-25 05:00 59392 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP75.DLL
2012-10-01 18:00 . 2005-03-25 05:00 20992 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD75.DLL
2012-10-01 17:59 . 2005-03-25 05:10 139776 ----a-w- c:\windows\system32\CNMLM75.DLL
2012-10-01 17:59 . 2005-03-08 18:17 90112 ----a-r- c:\windows\system32\CNMCP75.exe
2012-10-01 17:59 . 2012-10-01 17:59 -------- d--h--w- c:\documents and settings\All Users\Dati applicazioni\CanonBJ
2012-09-22 16:22 . 2012-09-22 16:22 -------- d-----w- c:\programmi\Temp
2012-09-22 16:21 . 2012-09-22 16:21 -------- d-----w- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Wondershare
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\Wondershare
2012-09-22 16:20 . 2012-09-22 16:20 -------- d--h--w- c:\programmi\Dr.Fone_Temp
2012-09-22 16:20 . 2012-09-22 16:20 -------- d-----w- c:\programmi\Wondershare
2012-09-22 15:16 . 2012-09-22 16:19 -------- d-----w- c:\documents and settings\Utente\Dati applicazioni\GetRightToGo
2012-09-21 18:17 . 2012-09-21 18:17 -------- d-----w- c:\programmi\iPod
2012-09-21 18:16 . 2012-09-21 18:18 -------- d-----w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-29 20:49 . 2012-03-31 07:05 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-29 20:49 . 2011-11-16 17:05 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-07 15:04 . 2011-03-27 20:48 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-28 15:05 . 2009-03-30 09:37 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:05 . 2009-03-30 09:37 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:05 . 2009-03-30 09:37 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2009-03-30 09:37 385024 ------w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2008-04-13 17:13 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-23 06:27 . 2008-04-13 16:54 2152448 ------w- c:\windows\system32\ntoskrnl.exe
2012-08-23 06:27 . 2008-04-13 18:55 2031104 ------w- c:\windows\system32\ntkrnlpa.exe
2012-08-21 11:01 . 2011-02-20 12:58 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2011-02-20 12:58 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-07-31 10:42 . 2012-09-02 10:04 83168 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-07-31 10:42 . 2012-09-02 10:04 181344 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-07-30 07:47 . 2010-11-06 12:11 67680 ----a-w- c:\windows\system32\libusb0.dll
2012-07-30 07:47 . 2010-11-06 12:11 42592 ----a-w- c:\windows\system32\drivers\libusb0.sys
2011-03-18 18:01 . 2011-03-25 14:12 142296 ----a-w- c:\programmi\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1 ----
.
2012-09-21 18:18 . 2012-09-21 18:18 3982 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxInstallLog.txt
2012-08-21 11:01 . 2012-08-21 11:01 1977816 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\GEARDIFx.exe
2012-08-21 11:01 . 2012-08-21 11:01 323464 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DIFxAPI.dll
2012-08-21 11:01 . 2012-08-21 11:01 115672 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\DifXInst32.exe
2012-08-21 11:01 . 2012-08-21 11:01 106928 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspi.dll
2012-08-21 11:01 . 2012-08-21 11:01 2704 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\GEARAspiWDM.inf
2012-08-21 11:01 . 2012-08-21 11:01 7587 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\gearaspiwdmx86.cat
2012-08-21 11:01 . 2012-08-21 11:01 26840 ----a-w- c:\documents and settings\All Users\Dati applicazioni\188F1432-103A-4ffb-80F1-36B633C5C9E1\x86\x86\GEARAspiWDM.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-03-30 . 3316C8A8EC07A9D4C0BE10310809A9E5 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\programmi\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1343488]
"Quick Heal Core UI"="c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\strtupap.exe" [2011-04-19 125896]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Alice ti aiuta.lnk]
path=c:\documents and settings\All Users\Menu Avvio\Programmi\Esecuzione automatica\Alice ti aiuta.lnk
backup=c:\windows\pss\Alice ti aiuta.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Avvio veloce di Adobe Acrobat.lnk]
backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^Bluetooth Monitor.lnk]
backup=c:\windows\pss\Bluetooth Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Avvio^Programmi^Esecuzione automatica^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Utente^Menu Avvio^Programmi^Esecuzione automatica^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Utente^Menu Avvio^Programmi^Esecuzione automatica^Dropbox.lnk]
backup=c:\windows\pss\Dropbox.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
2008-04-23 00:08 483328 ----a-w- c:\programmi\Adobe\Acrobat 7.0\Distillr\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\programmi\File comuni\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-04-04 05:53 35736 ----a-w- c:\programmi\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 02:44 500208 ------w- c:\programmi\File comuni\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 03:57 406992 ----a-w- c:\programmi\File comuni\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2012-05-28 13:56 288128 ----a-w- c:\programmi\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AliceRE_McciTrayApp]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-08-27 19:32 59280 ----a-w- c:\programmi\File comuni\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 13:54 91520 ----a-w- c:\programmi\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-13 17:14 110592 ------w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-04-11 09:54 3672384 ----a-w- c:\programmi\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-12-10 23:31 136176 ----atw- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2005-05-11 22:12 49152 ----a-w- c:\programmi\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD08]
2005-06-01 16:35 49152 ----a-w- c:\programmi\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-09 21:30 421776 ----a-w- c:\programmi\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-08-31 00:52 21432 ----a-w- c:\programmi\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload]
2012-08-31 00:52 964024 ----a-w- c:\programmi\Samsung\Kies\Kies.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-08-31 00:52 3524536 ----a-w- c:\programmi\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2012-09-07 15:04 981656 ----a-w- c:\programmi\Malwarebytes' Anti-Malware\mbam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 13:41 438359 ----a-w- c:\progra~1\ALICET~1\SMARTB~1\MotiveSB.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-13 17:14 172032 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\programmi\File comuni\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2012-03-26 09:24 1516600 ----a-w- c:\programmi\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF4 Registry Controller]
2007-01-16 18:42 46632 ----a-w- c:\programmi\ScanSoft\PDF Professional 4.0\RegistryController.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 23:26 406016 ------w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\programmi\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ScanSoft PDF Professional 4-reminder]
2006-11-16 09:01 35368 ----a-w- c:\programmi\ScanSoft\PDF Professional 4.0\Ereg\Ereg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-25 07:03 210472 ----a-w- c:\programmi\File comuni\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 11:17 61440 ----a-w- c:\programmi\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 12:37 517096 ----a-w- c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBToolTip]
2007-02-20 10:07 199752 ----a-w- c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VZOchat]
2009-11-27 18:33 2201600 ----a-w- c:\programmi\VZOchat\VZOchat.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"SwitchBoard"=3 (0x3)
"StarWindService"=2 (0x2)
"ServiceLayer"=3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\programmi\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programmi\\iTunes\\iTunes.exe"=
"c:\\Programmi\\eMule\\emule.exe"=
"c:\\Programmi\\Winamp\\winamp.exe"=
"c:\\Programmi\\Pinnacle\\Studio 15\\Programs\\Studio.exe"=
.
R0 CLBStor;CyberLink InstantBurn UDF Reader Help Driver;c:\windows\system32\drivers\CLBStor.sys [14/03/11 22.31.53 10368]
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [20/02/12 20.38.10 16024]
R0 Vax347s;Vax347s;c:\windows\system32\drivers\Vax347s.sys [20/02/11 15.37.52 5248]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [15/04/12 14.02.57 242240]
R1 ggc;ggc;c:\windows\system32\drivers\ggc.sys [28/09/11 12.47.16 46664]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\programmi\IObit\Advanced SystemCare 5\ASCService.exe [11/03/12 11.13.08 913792]
R2 catflt;catflt;c:\windows\system32\drivers\catflt.sys [19/04/11 13.35.46 110024]
R2 CLBUDFR;CyberLink UDF Filesystem;c:\windows\system32\drivers\CLBUDFR.sys [14/03/11 22.31.53 180352]
R2 Core Mail Protection;Core Mail Protection;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\EMLPROXY.EXE [19/04/11 13.35.46 28104]
R2 Core Scanning Server;Core Scanning Server;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE [19/04/11 13.35.46 205768]
R2 EMLSS;EMLSS;c:\windows\system32\drivers\EMLTDI.SYS [28/09/11 12.50.37 29384]
R2 Network WanMiniport First Position;Network WanMiniport First Position;c:\programmi\Telecom Italia\WanMiniport1st\srvany.exe [31/05/12 21.26.20 8192]
R2 Quick Update Service;Quick Update Service;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\QUHLPSVC.EXE [19/04/11 13.35.46 90568]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;c:\programmi\Macrium\Reflect\ReflectService.exe [20/02/12 20.38.10 224920]
R3 wsnfmp;Network Filter Miniport;c:\windows\system32\drivers\wsnf.sys [19/04/11 13.35.48 27464]
S0 mscank;mscank;c:\windows\system32\drivers\mscank.sys [28/09/11 12.50.40 34112]
S2 Core Scanning ServerEx;Core Scanning ServerEx;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SAPISSVC.EXE [19/04/11 13.35.46 205768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [31/03/12 9.05.27 250288]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Utente\IMPOST~1\Temp\ALSysIO.sys --> c:\docume~1\Utente\IMPOST~1\Temp\ALSysIO.sys [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [02/09/12 12.04.09 83168]
S3 IstSer;IstSer;c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\IstSer\IstSer.exe [15/11/11 20.20.04 19968]
S3 libusb0;LibUsb-Win32 - Kernel Driver 09/17/2010, 1.2.1.0;c:\windows\system32\drivers\libusb0.sys [06/11/10 14.11.12 42592]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\programmi\Microsoft Office\Office14\GROOVE.EXE [12/06/11 11.15.00 31125880]
S3 osppsvc;Office Software Protection Platform;c:\programmi\File comuni\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [09/01/10 22.37.50 4640000]
S3 PROCEXP151;PROCEXP151;\??\c:\windows\system32\Drivers\PROCEXP151.SYS --> c:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [20/02/12 20.38.10 47256]
S3 PSVolAcc;PSVolAcc;c:\windows\system32\drivers\PSVolAcc.sys [20/02/12 20.38.10 12952]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [02/09/12 12.04.09 181344]
S3 wimmount;wimmount;c:\windows\system32\drivers\wimmount.sys [13/07/09 19.20.54 19024]
S3 wsnf;Network Filter Service;c:\windows\system32\drivers\wsnf.sys [19/04/11 13.35.48 27464]
S4 Online Protection System;Online Protection System;c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\OPSSVC.EXE [19/04/11 13.35.46 22472]
S4 SwitchBoard;SwitchBoard;c:\programmi\File comuni\Adobe\SwitchBoard\SwitchBoard.exe [19/02/10 14.37.14 517096]
S4 Vax347b;Vax347b;c:\windows\system32\drivers\Vax347b.sys [20/02/11 15.37.52 159616]
.
Contenuto della cartella 'Scheduled Tasks'
.
2012-09-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 20:49]
.
2012-07-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programmi\Apple Software Update\SoftwareUpdate.exe [2009-10-22 16:57]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-1801674531-1003Core.job
- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-10 23:31]
.
2012-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-842925246-1844823847-1801674531-1003UA.job
- c:\documents and settings\Utente\Impostazioni locali\Dati applicazioni\Google\Update\GoogleUpdate.exe [2011-12-10 23:31]
.
2012-10-17 c:\windows\Tasks\User_Feed_Synchronization-{C3C598BE-462C-4F7A-8D1D-D61184857414}.job
- c:\windows\system32\msfeedssync.exe [2009-03-30 03:31]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.libero.it/
uInternet Settings,ProxyOverride = 127.0.0.1
IE: Apri con ScanSoft PDF Converter 4.1 - c:\programmi\ScanSoft\PDF Professional 4.0\cnvres_ita.dll /100
IE: Converti destinazione link in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti nel file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti selezione in Adobe PDF - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\programmi\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: telecomitalia.it\ecomm.adsl
Trusted Zone: telecomitalia.it\www
Trusted Zone: tim.it\www
Trusted Zone: unisalute.it\www
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Utente\Dati applicazioni\Mozilla\Firefox\Profiles\cbzztfev.default\
FF - prefs.js: browser.search.selectedEngine - Cerca...
FF - prefs.js: browser.startup.homepage - hxxp://search.findeer.com/
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-17 20:10
Windows 5.1.2600 Service Pack 3 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti: 0
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-842925246-1844823847-1801674531-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"v5Licence0"="15-66SU-NXAU-1BDZ-3VZY-S8DR-ZRH41Q5"
"Activated"="Y"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"AB141C35E9F4BF344B9FC010BB17F68A"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{53C141BA-4F9E-43FB-B4F9-0C01BB716FA8}\\Registered"
.
[HKEY_LOCAL_MACHINE\software\Wondershare\Wondershare Helper Compact\1936026741\QTJAVA=c:\programmi\Java\jre6\lib\ext\QTJava.zip*SESSIONNAME=Console*SystemDrive=C:*SystemRoot=c:\windows*temp=c:\DOCUME~1\Utente\IMPOST~1\Temp*TMP=c:\docume~1\Utente\IMPOST~1\Temp*USERDOMAIN=UTENTE-2B22613E*USERNAME=Utente*USERPROFILE=C:\Documents and S]
"JoinUserExperience"=dword:00000001
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'winlogon.exe'(1328)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(8060)
c:\windows\system32\WININET.dll
c:\documents and settings\Utente\Dati applicazioni\Dropbox\bin\DropboxExt.14.dll
c:\progra~1\FILECO~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1040\GrooveIntlResource.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\programmi\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\programmi\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\programmi\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_ita.nlr
c:\programmi\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\msi.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\agrsmsvc.exe
c:\programmi\File comuni\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programmi\Java\jre6\bin\jqs.exe
c:\programmi\Common Files\Motive\McciCMService.exe
c:\programmi\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\programmi\Telecom Italia\WanMiniport1st\WanMiniport1st_srv.exe
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANWSCS.EXE
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\onlinent.exe
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\SCANMSG.EXE
c:\programmi\Quick Heal\Quick Heal AntiVirus Pro\UPSCHD.EXE
c:\programmi\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Ora fine scansione: 2012-10-17 20:14:28 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2012-10-17 18:14
ComboFix2.txt 2012-10-16 21:40
.
Pre-Run: 132.322.934.784 byte disponibili
Post-Run: 132.351.221.760 byte disponibili
.
- - End Of File - - AB73FF7839175BC6E78F35D25969A5D6
Torna in alto
 
shapiro
Inviato: Wednesday, October 17, 2012 9:35:49 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

Eufonio prima di continuare vorrei sapere se il pc e' sempre lento come prima
Torna in alto
 
eufonio
Inviato: Wednesday, October 17, 2012 10:10:46 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
mi sembra vada un pò meglio rispetto a prima anche se non è velocissimo
Torna in alto
 
shapiro
Inviato: Wednesday, October 17, 2012 10:16:54 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

vediamo di velocizzarlo un po'

scarica e installa Kaspersky Virus Removal Tool
verrà creata una cartella sul Desktop, chiamata Virus Removal Tool
nella schermata che si aprira' metti la spunta su tutte le voci disponibili poi clicca su avvia scansione in caso di rilevazione di infezioni, clicca su Neutralizza tutto
si apriranno delle finestre: potrai scegliere se Cancellare o Disinfettare
metti la spunta su Applica a tutti e clicca su Quarantena
clicca sul tasto Reports: salva il file di log sul Desktop

una cosa: il file di testo potrebbe essere di dimensioni eccessive, pertanto (in caso di rilevamento infezioni) ti pregherei di copiare e allegare nel forum solamente le infezioni che trova
Torna in alto
 
eufonio
Inviato: Thursday, October 18, 2012 7:06:01 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
Ieri sera ho lanciato il programma e ha lavorato tutta la notte però ho un dubbio, perchè non mi ha creato sul desktop la cartyella di cui parli tu e non ha creato alcun log in automatico. Nel programma ho trovato io un'opzione che ha creato il log.
Forse ho sbagliato qualcosa?
Torna in alto
 
shapiro
Inviato: Thursday, October 18, 2012 7:18:22 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

non saprei Eufonio probabilmente avranno cambiato qualcosa

allega il log vediamo cosa ha trovato
Torna in alto
 
eufonio
Inviato: Thursday, October 18, 2012 7:34:07 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
non mi fa incollare i dati del log come se il file fosse protetto, c'è un modo per allegarti il file?
Torna in alto
 
shapiro
Inviato: Thursday, October 18, 2012 7:42:15 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


prova a caricarlo qui => http://www.freefilehosting.net/
Torna in alto
 
eufonio
Inviato: Thursday, October 18, 2012 9:19:24 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
dovrebbe essere andato, fammi sapere
Torna in alto
 
shapiro
Inviato: Thursday, October 18, 2012 9:39:25 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

non vedo niente

clicca sul link e poi su upload file




lo selezioni e una volta caricato copi il primo link > Download Link e lo incolli qui nel forum
Torna in alto
 
eufonio
Inviato: Thursday, October 18, 2012 10:27:25 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
lo avevo già fatto probabilmente l'operazione non è andata a buon fine.
E' un file grosso ripeterò la procedura
Torna in alto
 
eufonio
Inviato: Thursday, October 18, 2012 11:54:47 PM
Rank: AiutAmico

Iscritto dal : 1/18/2002
Posts: 76
dovrebbe aver completato il caricamento del file e mi appare questa maschera dove ci sono dei dati e un campo per l'email. Devo fare qualcosa?
Torna in alto
 
Utenti presenti in questo topic
Guest

2 pages: [1] 2

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » Pc lento


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.