un saluto a tutti,ho un notebook HP dv6000 con (haimè) installato su 2 partizioni indipendenti, il mitico so vista 32bit,ho molta familiarità con questo pc che uso ormai da anni,presto sempre molta cautela per le infezioni ma sta volta (non per mia causa) mi sa che l ho beccata,e anche bella grossa purtroppo.... nella mia ignoranza visti i sintomi che vedo si puo parlare (ripeto,per ipotesi) del temibile "mebromi" (e se fosse quella,so già che lo dvrò buttare via) o di chissàquale altra strana infezione,sarete voi poi a guidarmi. i sintomi sono cpu a palla,lentezza,schermata nera per pochi secondi prima dell avvio,ci sono anche numerose istanze da parte di "svchost.exe" il quale prende una bella fetta di cpu, poi ho anche trovato la presenza di 2 voci di registro alquanto sospette,penso c entrino sicuramente qualcosa perchè non le ho mai notate prima d ora. i file temporanei sono stati tutti eliminati,li elimino ogni settimana. scansioni varie effettuate non riscontrano alcunchè,la visualizzazione dei file nascosti è attiva,e oggi ho provato a cercare qualcosa manualmente in C:\windows\system32\ & \drivers ma sembra tutto firmato.... booo,...si tratta di rootkit?
in attesa di istruzioni.

queste sono le 2 voci del registro,possono essere cancellate cambiando le autorizzazioni (non le ho ancora cancellate,le ho lasciate per un eventuale indagine)

Ciao.
Fai queste 2 scansioni:

Scarica TDSSKiller.zip sul desktop:

http://support.kaspersky.com/viruses/solutions?qid=208280684

Estrai i dati in una cartella e fai doppio clik su TDSSKiller.exe
Clicca su "Change parameters"
Metti la spunta sulle caselline: verify driver digital singatures e poi Detect TDLFS file system .
Conferma cliccando OK.
Poi clicca su "Start Scan"
Se trova qualche infezione di default avrai l'opzione "Cure" per cui, clicca su "Continue".
Se un file sospetto viene trovato,l'azione di default sarà "skip",clicca su "Continue".
Se è richiesto il riavvio,(Reboot) acconsenti. (per eliminare l'infezione è necessario riavviare il pc)
Se nessun riavvio è richiesto clicca su report e salva il contenuto in un file di testo.
Il log lo trovi in C:\
Postalo qui.

Seconda scansione:

Scarica Combofix (usa Internet Explorer)

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Salvalo sul desktop. (è obbligatorio)

Importante: Disabilita il tuo antivirus e chiudi TUTTI i programmi aperti,(Firewall compreso) e dopo aver scaricato COMBOFIX, chiudi la connessione.

Doppio click su combofix.exe (se usi Vista o Seven: tasto destro su Combofix.exe e clicca su: "Esegui come Amministratore" )

E' probabile che ti siano inviati messaggi dall'antivirus,(o dallo stesso Combofix) tu ignorali, e prosegui con la scansione.

Durante l'operazione di scansione è importante non usare il PC (neanche il mouse) e attendere pazientemente la fine delle operazioni.
Al termine, verrà creato un file log sul Desktop, chiamato C:\ComboFix.txt.
Postalo qui.

Per postare i log:

Collegati ad internet e vai alla pagina WikiSend:
http://www.wikisend.com/
Clicca sul bottone "Sfoglia"
Seleziona il file appena salvato
Clicca su Upload file
Dopo qualche secondo, vieni spostato su una nuova pagina con il link in diversi formati:
Download Link / Forum Link
Seleziona Forum Link, copialo e incollalo in un nuovo messaggio per il forum.

@jessy42
Senti jessy42, già non ne capisci niente di computer sani, figuriamoci quelli infetti.
Consiglio: astieniti nel dare consigli in questa sezione, sia per non renderti ridicola, ma sopratutto per la salute dei pc degli utenti.
Torno a ripeterti (qui sì che sei "dura di comprendonio") che interventi volti a seguire strategie diverse, crea solo confusione a tutti.
All'utente, e a chi lo segue.
Ci arrivi?
Se vuoi far ridere gli aiutamici, non devi far altro che prenderti topic "vergini" e cercare di non procurare +danni di quelli che già ci sono.
E visto la tua "durezza"di materia grigia, per essere chiari, per "vergini" intendo topic che non siano state ancora date risposte.
Ovviamente quello che non riderà sarà il malcapitato che ti capiterà fra le "grinfie".
Fine OT.

PrevXCSI

Sapevo che la versione free fa solo la scansione, per la rimozione di eventuali malware occorre acquistare la versione completa.

Su Aiutamici si consigliano solo sw free!

Sono sempre più basita e sconcertata dalla tronfiaggine di tali sottoprodotti, falsi residui di viscido materiale organico , confuso alla spazzatura, puzzolente, che non è stato possibile riciclare, e che tornano a manifestarsi nella loro piena pochezza e inutilità.

A chi non riesce ad attenersi al regolamento, e più di ogni regolamento al buonsenso, alla buona educazione tesa a determinare una condotta non diretta ed offensiva nei confronti di altri utenti , e continua a degenerare le discussioni con interventi non inerenti l'argomento trattato, è già stato piu' volte ribadito l'espresso invito a passare ai lavori di miglior utilità sociale.

Della discussione è già stato attenzionato il proprietario del sito che auspico prendi le sue migliori decisioni in tempi stretti , ovverosia preservi il sereno prosieguo della discussione e attenui questa offensiva, destinata, se non arginata, a generare nuovi e più insidiose repliche dai toni aspri.

grazie r16,ho il log di TDSSKiller,domattina avrai anche quello di combofix,sul quale avevo una curiosità: io uso chrome,lo scaricherò come chiedi da IE,ma che differenza c è?

relativamente al discorso prevx,io preferisco utilizzare i tolls free,non mi piacciono i software che ti fanno vedere l infezione e poi ti chiedono di acquistare per bonificare...mi sanno un po di "rogue",mi ricordano un pò il famoso e assillantissimo"RegistryBooster",secondo me è una politica estremamente sbagliata quella utilizzata per tali prodotti... e in ogni caso prevx è non solo costoso,ma anche troppo invasivo,preferisco combofix che comunque si puo facilmente disinstallare una volta usato.

ecco il log di TDSSKiller










02:27:51.0799 5348 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
02:27:52.0492 5348 ============================================================
02:27:52.0492 5348 Current date / time: 2012/08/04 02:27:52.0492
02:27:52.0492 5348 SystemInfo:
02:27:52.0492 5348
02:27:52.0492 5348 OS Version: 6.0.6002 ServicePack: 2.0
02:27:52.0492 5348 Product type: Workstation
02:27:52.0492 5348 ComputerName: PC-MARCO
02:27:52.0493 5348 UserName: poltel
02:27:52.0493 5348 Windows directory: C:\Windows
02:27:52.0493 5348 System windows directory: C:\Windows
02:27:52.0493 5348 Processor architecture: Intel x86
02:27:52.0493 5348 Number of processors: 2
02:27:52.0493 5348 Page size: 0x1000
02:27:52.0493 5348 Boot type: Normal boot
02:27:52.0493 5348 ============================================================
02:27:55.0535 5348 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
02:27:55.0560 5348 ============================================================
02:27:55.0560 5348 \Device\Harddisk0\DR0:
02:27:55.0561 5348 MBR partitions:
02:27:55.0561 5348 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x77F2416
02:27:55.0561 5348 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x77F2495, BlocksNum 0xA37CEAF
02:27:55.0561 5348 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11B6F344, BlocksNum 0xEA977D
02:27:55.0561 5348 ============================================================
02:27:55.0585 5348 C: <-> \Device\Harddisk0\DR0\Partition0
02:27:55.0648 5348 D: <-> \Device\Harddisk0\DR0\Partition1
02:27:55.0695 5348 E: <-> \Device\Harddisk0\DR0\Partition2
02:27:55.0696 5348 ============================================================
02:27:55.0696 5348 Initialize success
02:27:55.0696 5348 ============================================================
02:28:01.0138 4444 ============================================================
02:28:01.0138 4444 Scan started
02:28:01.0138 4444 Mode: Manual; SigCheck; TDLFS;
02:28:01.0138 4444 ============================================================
02:28:02.0756 4444 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
02:28:02.0964 4444 ACPI - ok
02:28:03.0036 4444 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
02:28:03.0080 4444 adp94xx - ok
02:28:03.0131 4444 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
02:28:03.0170 4444 adpahci - ok
02:28:03.0185 4444 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
02:28:03.0212 4444 adpu160m - ok
02:28:03.0237 4444 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
02:28:03.0271 4444 adpu320 - ok
02:28:03.0323 4444 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
02:28:03.0620 4444 AeLookupSvc - ok
02:28:03.0721 4444 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
02:28:03.0997 4444 AFD - ok
02:28:04.0044 4444 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
02:28:04.0068 4444 agp440 - ok
02:28:04.0111 4444 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
02:28:04.0137 4444 aic78xx - ok
02:28:04.0156 4444 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
02:28:04.0347 4444 ALG - ok
02:28:04.0353 4444 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
02:28:04.0376 4444 aliide - ok
02:28:04.0386 4444 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
02:28:04.0410 4444 amdagp - ok
02:28:04.0418 4444 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
02:28:04.0442 4444 amdide - ok
02:28:04.0461 4444 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
02:28:04.0567 4444 AmdK7 - ok
02:28:04.0590 4444 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys
02:28:04.0667 4444 AmdK8 - ok
02:28:04.0716 4444 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
02:28:04.0817 4444 Appinfo - ok
02:28:04.0861 4444 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
02:28:04.0888 4444 arc - ok
02:28:05.0077 4444 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
02:28:05.0102 4444 arcsas - ok
02:28:05.0128 4444 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
02:28:05.0202 4444 AsyncMac - ok
02:28:05.0221 4444 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
02:28:05.0244 4444 atapi - ok
02:28:05.0313 4444 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
02:28:05.0402 4444 AudioEndpointBuilder - ok
02:28:05.0410 4444 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
02:28:05.0445 4444 Audiosrv - ok
02:28:05.0482 4444 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
02:28:05.0570 4444 Beep - ok
02:28:05.0643 4444 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
02:28:05.0745 4444 BFE - ok
02:28:05.0869 4444 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
02:28:05.0976 4444 BITS - ok
02:28:06.0003 4444 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
02:28:06.0050 4444 blbdrive - ok
02:28:06.0073 4444 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
02:28:06.0288 4444 bowser - ok
02:28:06.0327 4444 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
02:28:06.0387 4444 BrFiltLo - ok
02:28:06.0393 4444 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
02:28:06.0457 4444 BrFiltUp - ok
02:28:06.0493 4444 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
02:28:06.0563 4444 Browser - ok
02:28:06.0604 4444 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
02:28:06.0972 4444 Brserid - ok
02:28:06.0983 4444 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
02:28:07.0069 4444 BrSerWdm - ok
02:28:07.0075 4444 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
02:28:07.0158 4444 BrUsbMdm - ok
02:28:07.0164 4444 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
02:28:07.0259 4444 BrUsbSer - ok
02:28:07.0275 4444 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
02:28:07.0376 4444 BTHMODEM - ok
02:28:07.0434 4444 BthServ (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
02:28:07.0509 4444 BthServ - ok
02:28:07.0529 4444 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
02:28:07.0618 4444 cdfs - ok
02:28:07.0639 4444 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
02:28:07.0701 4444 cdrom - ok
02:28:07.0731 4444 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
02:28:07.0791 4444 CertPropSvc - ok
02:28:07.0820 4444 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
02:28:07.0937 4444 circlass - ok
02:28:07.0987 4444 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
02:28:08.0034 4444 CLFS - ok
02:28:08.0109 4444 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
02:28:08.0133 4444 clr_optimization_v2.0.50727_32 - ok
02:28:08.0177 4444 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
02:28:08.0218 4444 CmBatt - ok
02:28:08.0538 4444 cmdAgent (907324001ae25ac5959c91eaa34cabae) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
02:28:08.0698 4444 cmdAgent - ok
02:28:08.0846 4444 cmderd (2efb4e56fd76d4ec128987bb192a5bf0) C:\Windows\system32\DRIVERS\cmderd.sys
02:28:08.0866 4444 cmderd - ok
02:28:08.0929 4444 cmdGuard (22d54351b7a2c94814d00faa502ff381) C:\Windows\system32\DRIVERS\cmdguard.sys
02:28:08.0982 4444 cmdGuard - ok
02:28:09.0012 4444 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
02:28:09.0034 4444 cmdide - ok
02:28:09.0158 4444 Com4QLBEx (c7a0e61d5714ac20de52d4f66ec773b8) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
02:28:09.0354 4444 Com4QLBEx - ok
02:28:09.0428 4444 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
02:28:09.0451 4444 Compbatt - ok
02:28:09.0459 4444 COMSysApp - ok
02:28:09.0477 4444 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
02:28:09.0500 4444 crcdisk - ok
02:28:09.0517 4444 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
02:28:09.0579 4444 Crusoe - ok
02:28:09.0633 4444 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
02:28:09.0696 4444 CryptSvc - ok
02:28:09.0816 4444 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
02:28:09.0906 4444 DcomLaunch - ok
02:28:09.0937 4444 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
02:28:10.0196 4444 DfsC - ok
02:28:10.0468 4444 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
02:28:10.0693 4444 DFSR - ok
02:28:10.0883 4444 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
02:28:10.0947 4444 Dhcp - ok
02:28:11.0014 4444 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
02:28:11.0039 4444 disk - ok
02:28:11.0087 4444 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
02:28:11.0263 4444 Dnscache - ok
02:28:11.0301 4444 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
02:28:11.0378 4444 dot3svc - ok
02:28:11.0413 4444 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
02:28:11.0481 4444 DPS - ok
02:28:11.0525 4444 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
02:28:11.0588 4444 drmkaud - ok
02:28:11.0678 4444 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
02:28:11.0937 4444 DXGKrnl - ok
02:28:12.0098 4444 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
02:28:12.0139 4444 E1G60 - ok
02:28:12.0178 4444 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
02:28:12.0229 4444 EapHost - ok
02:28:12.0276 4444 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
02:28:12.0310 4444 Ecache - ok
02:28:12.0393 4444 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
02:28:12.0467 4444 ehRecvr - ok
02:28:12.0501 4444 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
02:28:12.0566 4444 ehSched - ok
02:28:12.0592 4444 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
02:28:12.0637 4444 ehstart - ok
02:28:12.0709 4444 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
02:28:12.0758 4444 elxstor - ok
02:28:12.0855 4444 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
02:28:12.0961 4444 EMDMgmt - ok
02:28:12.0967 4444 ErrDev (a81ab23eddb4693612014d87367d014c) C:\Windows\system32\drivers\errdev.sys
02:28:13.0018 4444 ErrDev - ok
02:28:13.0069 4444 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
02:28:13.0143 4444 EventSystem - ok
02:28:13.0216 4444 ewusbnet (fb54f67974d13d73be3e2f1df042d295) C:\Windows\system32\DRIVERS\ewusbnet.sys
02:28:13.0453 4444 ewusbnet - ok
02:28:13.0519 4444 ew_hwusbdev (57c171ea22f0a7f068fcb0caedd1e8e7) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
02:28:13.0685 4444 ew_hwusbdev - ok
02:28:13.0729 4444 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
02:28:13.0829 4444 exfat - ok
02:28:13.0848 4444 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
02:28:13.0896 4444 fastfat - ok
02:28:13.0917 4444 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
02:28:13.0973 4444 fdc - ok
02:28:14.0003 4444 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
02:28:14.0044 4444 fdPHost - ok
02:28:14.0058 4444 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
02:28:14.0122 4444 FDResPub - ok
02:28:14.0171 4444 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
02:28:14.0196 4444 FileInfo - ok
02:28:14.0217 4444 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
02:28:14.0285 4444 Filetrace - ok
02:28:14.0292 4444 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
02:28:14.0362 4444 flpydisk - ok
02:28:14.0398 4444 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
02:28:14.0431 4444 FltMgr - ok
02:28:14.0567 4444 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
02:28:14.0807 4444 FontCache - ok
02:28:14.0883 4444 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
02:28:14.0917 4444 FontCache3.0.0.0 - ok
02:28:14.0953 4444 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
02:28:15.0216 4444 Fs_Rec - ok
02:28:15.0318 4444 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
02:28:15.0343 4444 gagp30kx - ok
02:28:15.0419 4444 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
02:28:15.0549 4444 gpsvc - ok
02:28:15.0583 4444 HBtnKey (93aee3434935fc2f805fefd8dc5ed1b4) C:\Windows\system32\DRIVERS\cpqbttn.sys
02:28:15.0739 4444 HBtnKey - ok
02:28:15.0813 4444 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
02:28:15.0877 4444 HdAudAddService - ok
02:28:15.0960 4444 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
02:28:16.0070 4444 HDAudBus - ok
02:28:16.0095 4444 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
02:28:16.0180 4444 HidBth - ok
02:28:16.0188 4444 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
02:28:16.0259 4444 HidIr - ok
02:28:16.0292 4444 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
02:28:16.0343 4444 hidserv - ok
02:28:16.0364 4444 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
02:28:16.0419 4444 HidUsb - ok
02:28:16.0453 4444 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
02:28:16.0510 4444 hkmsvc - ok
02:28:16.0526 4444 HpCISSs (7ebec5eb56b90ed65a8bbd91464e5cfb) C:\Windows\system32\drivers\hpcisss.sys
02:28:16.0551 4444 HpCISSs - ok
02:28:16.0592 4444 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
02:28:16.0754 4444 HpqKbFiltr - ok
02:28:16.0866 4444 hpqwmiex (fdf273a845f1ffcceadf363aaf47582f) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
02:28:17.0082 4444 hpqwmiex - ok
02:28:17.0271 4444 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
02:28:17.0595 4444 HTTP - ok
02:28:17.0633 4444 huawei_enumerator (f44461e66f1b7dd267957fe9baa63ed0) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
02:28:17.0782 4444 huawei_enumerator - ok
02:28:17.0878 4444 hwdatacard (b50e1d8627354ba8e4df83470f1272c8) C:\Windows\system32\DRIVERS\ewusbmdm.sys
02:28:18.0079 4444 hwdatacard - ok
02:28:18.0191 4444 HWDeviceService.exe (5ef3427ae503b5c03a48f7c9ff458b69) C:\ProgramData\DatacardService\HWDeviceService.exe
02:28:18.0362 4444 HWDeviceService.exe - ok
02:28:18.0404 4444 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys
02:28:18.0426 4444 i2omp - ok
02:28:18.0483 4444 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
02:28:18.0543 4444 i8042prt - ok
02:28:18.0586 4444 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys
02:28:18.0626 4444 iaStorV - ok
02:28:18.0797 4444 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
02:28:18.0898 4444 idsvc - ok
02:28:18.0913 4444 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
02:28:18.0937 4444 iirsp - ok
02:28:19.0016 4444 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
02:28:19.0125 4444 IKEEXT - ok
02:28:19.0593 4444 IntcAzAudAddService (b35f19aff279e08b567b281fb2e94291) C:\Windows\system32\drivers\RTKVHDA.sys
02:28:19.0957 4444 IntcAzAudAddService - ok
02:28:20.0130 4444 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
02:28:20.0197 4444 intelide - ok
02:28:20.0296 4444 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
02:28:20.0359 4444 intelppm - ok
02:28:20.0408 4444 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
02:28:20.0478 4444 IPBusEnum - ok
02:28:20.0500 4444 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:28:20.0589 4444 IpFilterDriver - ok
02:28:20.0639 4444 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
02:28:20.0904 4444 iphlpsvc - ok
02:28:20.0909 4444 IpInIp - ok
02:28:20.0924 4444 IPMIDRV (4b9c0f4d4a3acc535f9771039ecd6365) C:\Windows\system32\drivers\ipmidrv.sys
02:28:20.0984 4444 IPMIDRV - ok
02:28:21.0007 4444 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
02:28:21.0061 4444 IPNAT - ok
02:28:21.0068 4444 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
02:28:21.0116 4444 IRENUM - ok
02:28:21.0142 4444 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys
02:28:21.0166 4444 isapnp - ok
02:28:21.0226 4444 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
02:28:21.0260 4444 iScsiPrt - ok
02:28:21.0269 4444 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
02:28:21.0290 4444 iteatapi - ok
02:28:21.0316 4444 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
02:28:21.0337 4444 iteraid - ok
02:28:21.0361 4444 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
02:28:21.0383 4444 kbdclass - ok
02:28:21.0401 4444 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
02:28:21.0460 4444 kbdhid - ok
02:28:21.0483 4444 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
02:28:21.0638 4444 KeyIso - ok
02:28:21.0709 4444 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys
02:28:21.0920 4444 KSecDD - ok
02:28:22.0001 4444 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
02:28:22.0113 4444 KtmRm - ok
02:28:22.0152 4444 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
02:28:22.0410 4444 LanmanServer - ok
02:28:22.0470 4444 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
02:28:22.0565 4444 LanmanWorkstation - ok
02:28:22.0598 4444 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
02:28:22.0645 4444 lltdio - ok
02:28:22.0694 4444 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
02:28:22.0767 4444 lltdsvc - ok
02:28:22.0789 4444 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
02:28:22.0868 4444 lmhosts - ok
02:28:22.0903 4444 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys
02:28:22.0928 4444 LSI_FC - ok
02:28:22.0944 4444 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys
02:28:22.0969 4444 LSI_SAS - ok
02:28:22.0984 4444 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys
02:28:23.0009 4444 LSI_SCSI - ok
02:28:23.0035 4444 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
02:28:23.0106 4444 luafv - ok
02:28:23.0134 4444 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
02:28:23.0178 4444 Mcx2Svc - ok
02:28:23.0216 4444 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys
02:28:23.0238 4444 megasas - ok
02:28:23.0303 4444 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys
02:28:23.0351 4444 MegaSR - ok
02:28:23.0380 4444 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
02:28:23.0454 4444 MMCSS - ok
02:28:23.0566 4444 Mobile Partner. RunOuc (1ce0621b591913c12becaa5b50e88bb2) C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
02:28:23.0783 4444 Mobile Partner. RunOuc - ok
02:28:23.0808 4444 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
02:28:23.0846 4444 Modem - ok
02:28:23.0877 4444 MODEMCSA (cbb59c41f19efea1a000793e08070a62) C:\Windows\system32\drivers\MODEMCSA.sys
02:28:23.0927 4444 MODEMCSA - ok
02:28:23.0960 4444 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
02:28:24.0021 4444 monitor - ok
02:28:24.0042 4444 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
02:28:24.0067 4444 mouclass - ok
02:28:24.0084 4444 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
02:28:24.0132 4444 mouhid - ok
02:28:24.0158 4444 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
02:28:24.0181 4444 MountMgr - ok
02:28:24.0223 4444 mpio (5da347912fd3af24d7bfb3de519d4bd0) C:\Windows\system32\drivers\mpio.sys
02:28:24.0249 4444 mpio - ok
02:28:24.0271 4444 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
02:28:24.0321 4444 mpsdrv - ok
02:28:24.0380 4444 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
02:28:24.0479 4444 MpsSvc - ok
02:28:24.0489 4444 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
02:28:24.0516 4444 Mraid35x - ok
02:28:24.0532 4444 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
02:28:24.0571 4444 MRxDAV - ok
02:28:24.0603 4444 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:28:24.0770 4444 mrxsmb - ok
02:28:24.0805 4444 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:28:25.0066 4444 mrxsmb10 - ok
02:28:25.0104 4444 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:28:25.0322 4444 mrxsmb20 - ok
02:28:25.0470 4444 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
02:28:25.0493 4444 msahci - ok
02:28:25.0516 4444 msdsm (2c563aef15b8d0014c36c5f27742ac7b) C:\Windows\system32\drivers\msdsm.sys
02:28:25.0541 4444 msdsm - ok
02:28:25.0573 4444 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
02:28:25.0636 4444 MSDTC - ok
02:28:25.0661 4444 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
02:28:25.0726 4444 Msfs - ok
02:28:25.0750 4444 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
02:28:25.0777 4444 msisadrv - ok
02:28:25.0812 4444 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
02:28:25.0881 4444 MSiSCSI - ok
02:28:25.0887 4444 msiserver - ok
02:28:25.0910 4444 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
02:28:25.0977 4444 MSKSSRV - ok
02:28:25.0998 4444 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
02:28:26.0063 4444 MSPCLOCK - ok
02:28:26.0083 4444 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
02:28:26.0138 4444 MSPQM - ok
02:28:26.0175 4444 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
02:28:26.0202 4444 MsRPC - ok
02:28:26.0232 4444 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
02:28:26.0254 4444 mssmbios - ok
02:28:26.0264 4444 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
02:28:26.0326 4444 MSTEE - ok
02:28:26.0346 4444 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
02:28:26.0371 4444 Mup - ok
02:28:26.0436 4444 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
02:28:26.0498 4444 napagent - ok
02:28:26.0559 4444 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
02:28:26.0617 4444 NativeWifiP - ok
02:28:26.0702 4444 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
02:28:26.0756 4444 NDIS - ok
02:28:26.0782 4444 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
02:28:26.0832 4444 NdisTapi - ok
02:28:26.0853 4444 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
02:28:26.0905 4444 Ndisuio - ok
02:28:26.0944 4444 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
02:28:27.0011 4444 NdisWan - ok
02:28:27.0028 4444 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
02:28:27.0079 4444 NDProxy - ok
02:28:27.0106 4444 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
02:28:27.0146 4444 NetBIOS - ok
02:28:27.0186 4444 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
02:28:27.0250 4444 netbt - ok
02:28:27.0325 4444 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
02:28:27.0349 4444 Netlogon - ok
02:28:27.0461 4444 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
02:28:27.0538 4444 Netman - ok
02:28:27.0574 4444 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
02:28:27.0657 4444 netprofm - ok
02:28:27.0754 4444 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
02:28:27.0777 4444 NetTcpPortSharing - ok
02:28:28.0072 4444 NETw3v32 (35d5458d9a1b26b2005abffbf4c1c5e7) C:\Windows\system32\DRIVERS\NETw3v32.sys
02:28:28.0295 4444 NETw3v32 - ok
02:28:28.0857 4444 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
02:28:29.0180 4444 NETw5v32 - ok
02:28:29.0351 4444 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
02:28:29.0373 4444 nfrd960 - ok
02:28:29.0417 4444 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
02:28:29.0485 4444 NlaSvc - ok
02:28:29.0517 4444 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
02:28:29.0563 4444 Npfs - ok
02:28:29.0587 4444 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
02:28:29.0628 4444 nsi - ok
02:28:29.0653 4444 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
02:28:29.0717 4444 nsiproxy - ok
02:28:29.0858 4444 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
02:28:29.0950 4444 Ntfs - ok
02:28:29.0968 4444 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
02:28:30.0042 4444 ntrigdigi - ok
02:28:30.0064 4444 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
02:28:30.0102 4444 Null - ok
02:28:31.0520 4444 nvlddmkm (24000b817cc84ac1555f41929879af5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
02:28:32.0168 4444 nvlddmkm - ok
02:28:32.0359 4444 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys
02:28:32.0385 4444 nvraid - ok
02:28:32.0396 4444 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
02:28:32.0419 4444 nvstor - ok
02:28:32.0489 4444 nvsvc (c4d17f11526f87bc762f31da5bd2580b) C:\Windows\system32\nvvsvc.exe
02:28:32.0653 4444 nvsvc - ok
02:28:32.0722 4444 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
02:28:32.0750 4444 nv_agp - ok
02:28:32.0760 4444 NwlnkFlt - ok
02:28:32.0767 4444 NwlnkFwd - ok
02:28:32.0824 4444 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
02:28:32.0868 4444 ohci1394 - ok
02:28:32.0965 4444 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
02:28:33.0093 4444 p2pimsvc - ok
02:28:33.0105 4444 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
02:28:33.0142 4444 p2psvc - ok
02:28:33.0169 4444 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
02:28:33.0235 4444 Parport - ok
02:28:33.0265 4444 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
02:28:33.0394 4444 partmgr - ok
02:28:33.0414 4444 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
02:28:33.0511 4444 Parvdm - ok
02:28:33.0539 4444 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
02:28:33.0597 4444 PcaSvc - ok
02:28:33.0626 4444 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
02:28:33.0660 4444 pci - ok
02:28:33.0681 4444 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
02:28:33.0703 4444 pciide - ok
02:28:33.0726 4444 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
02:28:33.0752 4444 pcmcia - ok
02:28:33.0887 4444 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
02:28:34.0072 4444 PEAUTH - ok
02:28:34.0299 4444 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
02:28:34.0487 4444 pla - ok
02:28:34.0649 4444 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
02:28:34.0706 4444 PlugPlay - ok
02:28:34.0780 4444 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
02:28:34.0818 4444 PNRPAutoReg - ok
02:28:34.0830 4444 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
02:28:34.0871 4444 PNRPsvc - ok
02:28:34.0936 4444 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
02:28:35.0017 4444 PolicyAgent - ok
02:28:35.0064 4444 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
02:28:35.0114 4444 PptpMiniport - ok
02:28:35.0150 4444 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
02:28:35.0203 4444 Processor - ok
02:28:35.0245 4444 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
02:28:35.0305 4444 ProfSvc - ok
02:28:35.0335 4444 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
02:28:35.0359 4444 ProtectedStorage - ok
02:28:35.0525 4444 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
02:28:35.0585 4444 PSched - ok
02:28:35.0737 4444 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
02:28:35.0845 4444 ql2300 - ok
02:28:35.0883 4444 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
02:28:35.0916 4444 ql40xx - ok
02:28:35.0950 4444 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
02:28:36.0006 4444 QWAVE - ok
02:28:36.0025 4444 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
02:28:36.0056 4444 QWAVEdrv - ok
02:28:36.0141 4444 RapiMgr (8f97d374ad1857e1eed85a79f29a1d3d) C:\Windows\WindowsMobile\rapimgr.dll
02:28:36.0328 4444 RapiMgr - ok
02:28:36.0379 4444 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
02:28:36.0429 4444 RasAcd - ok
02:28:36.0457 4444 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
02:28:36.0522 4444 RasAuto - ok
02:28:36.0543 4444 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:28:36.0583 4444 Rasl2tp - ok
02:28:36.0626 4444 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
02:28:36.0684 4444 RasMan - ok
02:28:36.0715 4444 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
02:28:36.0756 4444 RasPppoe - ok
02:28:36.0775 4444 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
02:28:36.0802 4444 RasSstp - ok
02:28:36.0844 4444 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
02:28:36.0899 4444 rdbss - ok
02:28:36.0918 4444 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:28:36.0969 4444 RDPCDD - ok
02:28:37.0019 4444 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\drivers\rdpdr.sys
02:28:37.0091 4444 rdpdr - ok
02:28:37.0116 4444 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
02:28:37.0167 4444 RDPENCDD - ok
02:28:37.0238 4444 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
02:28:37.0456 4444 RDPWD - ok
02:28:37.0652 4444 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
02:28:37.0697 4444 RemoteAccess - ok
02:28:37.0720 4444 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
02:28:37.0773 4444 RemoteRegistry - ok
02:28:37.0802 4444 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
02:28:37.0864 4444 rimmptsk - ok
02:28:37.0893 4444 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
02:28:37.0946 4444 rimsptsk - ok
02:28:37.0962 4444 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
02:28:38.0018 4444 rismxdp - ok
02:28:38.0046 4444 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
02:28:38.0094 4444 RpcLocator - ok
02:28:38.0173 4444 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\System32\rpcss.dll
02:28:38.0225 4444 RpcSs - ok
02:28:38.0252 4444 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
02:28:38.0319 4444 rspndr - ok
02:28:38.0352 4444 RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
02:28:38.0421 4444 RTL8169 - ok
02:28:38.0456 4444 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
02:28:38.0480 4444 SamSs - ok
02:28:38.0514 4444 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
02:28:38.0539 4444 sbp2port - ok
02:28:38.0573 4444 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
02:28:38.0621 4444 SCardSvr - ok
02:28:38.0717 4444 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
02:28:39.0033 4444 Schedule - ok
02:28:39.0089 4444 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
02:28:39.0120 4444 SCPolicySvc - ok
02:28:39.0158 4444 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
02:28:39.0192 4444 sdbus - ok
02:28:39.0232 4444 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
02:28:39.0322 4444 SDRSVC - ok
02:28:39.0348 4444 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
02:28:39.0423 4444 secdrv - ok
02:28:39.0450 4444 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
02:28:39.0491 4444 seclogon - ok
02:28:39.0515 4444 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
02:28:39.0569 4444 SENS - ok
02:28:39.0591 4444 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
02:28:39.0668 4444 Serenum - ok
02:28:39.0684 4444 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
02:28:39.0771 4444 Serial - ok
02:28:39.0781 4444 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
02:28:39.0822 4444 sermouse - ok
02:28:39.0866 4444 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
02:28:39.0924 4444 SessionEnv - ok
02:28:39.0943 4444 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys
02:28:39.0976 4444 sffdisk - ok
02:28:39.0985 4444 sffp_mmc (e5eafe85815bd89095fef3144a09ab68) C:\Windows\system32\drivers\sffp_mmc.sys
02:28:40.0017 4444 sffp_mmc - ok
02:28:40.0025 4444 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\drivers\sffp_sd.sys
02:28:40.0070 4444 sffp_sd - ok
02:28:40.0091 4444 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
02:28:40.0171 4444 sfloppy - ok
02:28:40.0218 4444 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
02:28:40.0284 4444 SharedAccess - ok
02:28:40.0357 4444 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
02:28:40.0663 4444 ShellHWDetection - ok
02:28:40.0719 4444 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
02:28:40.0743 4444 sisagp - ok
02:28:40.0759 4444 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
02:28:40.0784 4444 SiSRaid2 - ok
02:28:40.0810 4444 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
02:28:40.0835 4444 SiSRaid4 - ok
02:28:41.0255 4444 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
02:28:41.0583 4444 slsvc - ok
02:28:41.0728 4444 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
02:28:41.0783 4444 SLUINotify - ok
02:28:41.0850 4444 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
02:28:41.0978 4444 Smb - ok
02:28:42.0133 4444 smserial (859e3adc59d1c89a66aa6492c14d379e) C:\Windows\system32\DRIVERS\smserial.sys
02:28:42.0537 4444 smserial - ok
02:28:42.0575 4444 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
02:28:42.0613 4444 SNMPTRAP - ok
02:28:42.0629 4444 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
02:28:42.0651 4444 spldr - ok
02:28:42.0708 4444 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
02:28:42.0938 4444 Spooler - ok
02:28:42.0999 4444 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
02:28:43.0196 4444 srv - ok
02:28:43.0243 4444 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
02:28:43.0480 4444 srv2 - ok
02:28:43.0534 4444 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
02:28:43.0689 4444 srvnet - ok
02:28:43.0739 4444 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
02:28:43.0812 4444 SSDPSRV - ok
02:28:43.0848 4444 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
02:28:43.0882 4444 SstpSvc - ok
02:28:43.0959 4444 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
02:28:44.0041 4444 stisvc - ok
02:28:44.0063 4444 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
02:28:44.0085 4444 swenum - ok
02:28:44.0135 4444 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
02:28:44.0196 4444 swprv - ok
02:28:44.0214 4444 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
02:28:44.0236 4444 Symc8xx - ok
02:28:44.0246 4444 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
02:28:44.0268 4444 Sym_hi - ok
02:28:44.0279 4444 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
02:28:44.0301 4444 Sym_u3 - ok
02:28:44.0363 4444 SynTP (6dd49e1a5fa0f01824652f1a0a8866fb) C:\Windows\system32\DRIVERS\SynTP.sys
02:28:44.0561 4444 SynTP - ok
02:28:44.0631 4444 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
02:28:44.0722 4444 SysMain - ok
02:28:44.0749 4444 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
02:28:44.0812 4444 TabletInputService - ok
02:28:44.0859 4444 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
02:28:44.0929 4444 TapiSrv - ok
02:28:44.0960 4444 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
02:28:45.0012 4444 TBS - ok
02:28:45.0147 4444 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
02:28:45.0417 4444 Tcpip - ok
02:28:45.0434 4444 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
02:28:45.0481 4444 Tcpip6 - ok
02:28:45.0606 4444 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
02:28:45.0774 4444 tcpipreg - ok
02:28:45.0804 4444 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
02:28:45.0844 4444 TDPIPE - ok
02:28:45.0856 4444 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
02:28:45.0894 4444 TDTCP - ok
02:28:45.0925 4444 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
02:28:45.0966 4444 tdx - ok
02:28:45.0989 4444 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
02:28:46.0013 4444 TermDD - ok
02:28:46.0064 4444 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
02:28:46.0092 4444 Themes - ok
02:28:46.0129 4444 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
02:28:46.0168 4444 THREADORDER - ok
02:28:46.0210 4444 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
02:28:46.0273 4444 TrkWks - ok
02:28:46.0314 4444 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
02:28:46.0360 4444 TrustedInstaller - ok
02:28:46.0404 4444 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:28:46.0465 4444 tssecsrv - ok
02:28:46.0508 4444 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
02:28:46.0586 4444 tunmp - ok
02:28:46.0635 4444 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
02:28:46.0786 4444 tunnel - ok
02:28:46.0805 4444 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
02:28:46.0829 4444 uagp35 - ok
02:28:46.0870 4444 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
02:28:46.0931 4444 udfs - ok
02:28:46.0975 4444 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
02:28:47.0044 4444 UI0Detect - ok
02:28:47.0070 4444 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
02:28:47.0094 4444 uliagpkx - ok
02:28:47.0135 4444 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
02:28:47.0172 4444 uliahci - ok
02:28:47.0191 4444 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
02:28:47.0215 4444 UlSata - ok
02:28:47.0239 4444 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
02:28:47.0263 4444 ulsata2 - ok
02:28:47.0281 4444 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
02:28:47.0345 4444 umbus - ok
02:28:47.0380 4444 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
02:28:47.0442 4444 upnphost - ok
02:28:47.0506 4444 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
02:28:47.0578 4444 usbccgp - ok
02:28:47.0595 4444 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
02:28:47.0657 4444 usbcir - ok
02:28:47.0677 4444 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
02:28:47.0766 4444 usbehci - ok
02:28:47.0895 4444 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
02:28:47.0943 4444 usbhub - ok
02:28:47.0970 4444 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
02:28:48.0043 4444 usbohci - ok
02:28:48.0071 4444 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
02:28:48.0150 4444 usbprint - ok
02:28:48.0196 4444 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:28:48.0252 4444 USBSTOR - ok
02:28:48.0277 4444 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
02:28:48.0311 4444 usbuhci - ok
02:28:48.0349 4444 usbvideo (e67998e8f14cb0627a769f6530bcb352) C:\Windows\system32\Drivers\usbvideo.sys
02:28:48.0423 4444 usbvideo - ok
02:28:48.0478 4444 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys
02:28:48.0512 4444 usb_rndisx - ok
02:28:48.0543 4444 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
02:28:48.0597 4444 UxSms - ok
02:28:48.0650 4444 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
02:28:48.0740 4444 vds - ok
02:28:48.0782 4444 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
02:28:48.0832 4444 vga - ok
02:28:48.0853 4444 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
02:28:48.0908 4444 VgaSave - ok
02:28:48.0933 4444 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
02:28:48.0956 4444 viaagp - ok
02:28:48.0971 4444 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
02:28:49.0010 4444 ViaC7 - ok
02:28:49.0021 4444 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
02:28:49.0044 4444 viaide - ok
02:28:49.0065 4444 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
02:28:49.0089 4444 volmgr - ok
02:28:49.0133 4444 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
02:28:49.0167 4444 volmgrx - ok
02:28:49.0206 4444 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
02:28:49.0247 4444 volsnap - ok
02:28:49.0282 4444 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
02:28:49.0316 4444 vsmraid - ok
02:28:49.0481 4444 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
02:28:49.0620 4444 VSS - ok
02:28:49.0677 4444 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
02:28:49.0754 4444 W32Time - ok
02:28:49.0819 4444 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
02:28:49.0910 4444 WacomPen - ok
02:28:49.0931 4444 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
02:28:49.0977 4444 Wanarp - ok
02:28:49.0984 4444 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
02:28:50.0020 4444 Wanarpv6 - ok
02:28:50.0112 4444 WcesComm (59e19bd13c3bdb857646b9e436ba27f7) C:\Windows\WindowsMobile\wcescomm.dll
02:28:50.0278 4444 WcesComm - ok
02:28:50.0344 4444 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
02:28:50.0436 4444 wcncsvc - ok
02:28:50.0460 4444 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
02:28:50.0526 4444 WcsPlugInService - ok
02:28:50.0558 4444 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
02:28:50.0580 4444 Wd - ok
02:28:50.0787 4444 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
02:28:50.0841 4444 Wdf01000 - ok
02:28:50.0859 4444 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
02:28:50.0928 4444 WdiServiceHost - ok
02:28:50.0935 4444 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
02:28:50.0979 4444 WdiSystemHost - ok
02:28:51.0012 4444 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
02:28:51.0073 4444 WebClient - ok
02:28:51.0116 4444 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
02:28:51.0352 4444 Wecsvc - ok
02:28:51.0378 4444 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
02:28:51.0414 4444 wercplsupport - ok
02:28:51.0450 4444 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
02:28:51.0517 4444 WerSvc - ok
02:28:51.0629 4444 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
02:28:51.0664 4444 WinDefend - ok
02:28:51.0678 4444 WinHttpAutoProxySvc - ok
02:28:51.0742 4444 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
02:28:51.0779 4444 Winmgmt - ok
02:28:51.0931 4444 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
02:28:52.0204 4444 WinRM - ok
02:28:52.0305 4444 WINUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.SYS
02:28:52.0363 4444 WINUSB - ok
02:28:52.0441 4444 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
02:28:52.0535 4444 Wlansvc - ok
02:28:52.0570 4444 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
02:28:52.0604 4444 WmiAcpi - ok
02:28:52.0702 4444 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
02:28:52.0769 4444 wmiApSrv - ok
02:28:52.0967 4444 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
02:28:53.0080 4444 WMPNetworkSvc - ok
02:28:53.0130 4444 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
02:28:53.0194 4444 WPCSvc - ok
02:28:53.0240 4444 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
02:28:53.0282 4444 WPDBusEnum - ok
02:28:53.0350 4444 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
02:28:53.0389 4444 ws2ifsl - ok
02:28:53.0419 4444 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
02:28:53.0452 4444 wscsvc - ok
02:28:53.0461 4444 WSearch - ok
02:28:53.0713 4444 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
02:28:54.0040 4444 wuauserv - ok
02:28:54.0204 4444 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:28:54.0247 4444 WUDFRd - ok
02:28:54.0296 4444 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
02:28:54.0347 4444 wudfsvc - ok
02:28:54.0430 4444 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
02:28:55.0062 4444 \Device\Harddisk0\DR0 - ok
02:28:55.0067 4444 Boot (0x1200) (7263226b6e780e274cd52efe06c852f3) \Device\Harddisk0\DR0\Partition0
02:28:55.0070 4444 \Device\Harddisk0\DR0\Partition0 - ok
02:28:55.0100 4444 Boot (0x1200) (446410ad643768231321ac641c6e92fa) \Device\Harddisk0\DR0\Partition1
02:28:55.0103 4444 \Device\Harddisk0\DR0\Partition1 - ok
02:28:55.0134 4444 Boot (0x1200) (4aa4291a91a97f1bb7f7a7c733945ae0) \Device\Harddisk0\DR0\Partition2
02:28:55.0136 4444 \Device\Harddisk0\DR0\Partition2 - ok
02:28:55.0137 4444 ============================================================
02:28:55.0137 4444 Scan finished
02:28:55.0137 4444 ============================================================
02:28:55.0154 2064 Detected object count: 0
02:28:55.0154 2064 Actual detected object count: 0
02:29:08.0532 4852 Deinitialize success


P.S.
r16 mi sono permesso di postare anche questo screen,i 3 processi in rosso sono sempre attivi anche se non sto mai utilizzando nè cmd,nè shell nè tantomeno wmp.




anche "Trustedinstaller.exe" è stranamente perennemente attivo.

jessy42

Tanto per metterti al corrente, r16 è un collaboratore più che qualificato in riguardo ai problemi di Sicurezza Virus.


takana

Pidue collabora con questo forum da diversi anni, tu ti sei appena iscritto, come pensi di poter giudicare il lavoro di altri, su cosa basi la mafiosità, prima di parlare vai a rileggerti gli oltre seimila post inseriti da pidue.


Se a qualcuno non sta bene questo forum per come viene gestito, può liberamente cambiare forum.

il Capo Mafioso Alfonso Roselli

---

alfonso_aiutamici@hotmail.it

Sono i cosidetti professori che permettono l'esistenza di questo forum, e poi PREVX CSI è un prodotto commerciale, cosa facciamo, diamo indicazioni di acquistare un programma commerciale per eliminare un problema?

Ripeto, se non siete contenti di come i professori collaborano gratuitamente in questo forum, nessuno vi trattiene dallo spostarvi in un altro forum.

---

alfonso_aiutamici@hotmail.it

Ancora guai per Prevx, la società che allertava sulle schermate nere

Diffusione di notizie false... Procurato allarme...

Alla fine dell'articolo vengono riportati casi di utenti beffati dal programma


Scusa R16

chiedo scusa per il mio ritardo,mi permetto solo di dire che non penso sia elegante mancare di rispetto a Roselli che è pur sempre l amministratore del sito. ora,soprassedendo al resto delle polemiche,fornisco i log richiesti.

@r16 ATTENZIONE,prima di visionare i logs ti riporto quanto segue: ho eseguito fedelmente ogni istruzione, la scansione con ComboFix è durata oltre 18 minuti,e al termine ha tentato di eliminare qualcosa,è apparsa la scritta "eliminazione file" ma non è riuscito.
OTL è andato in crash per 2 minuti nonappena avviato,poi si è ripreso e ha terminato la scansione,ho anche controllato le 2 voci di registro sospette che ho riportato all inizio del post,e ho notato che sono diventate 3 dopo la scansione di ComboFix .






ecco i logs

ComboFix .txt

OTL.Txt

Extras.Txt