Virus Polizia Penitenziaria,Polizia di Stato,Carabinieri (RISOLTO)

Eliasia

Posted on 13/10/2014, 12:17

User deleted

Ariciao !
Ho ripescato un modem che avevo di riserva, il risultato del nslookup ora è:

C:\Users\Win7>nslookup
Server predefinito: Unknown
Address: 192.168.1.1

Ho riaperto una pagina ed la polizia è ancora lì !
Mi sa che devo chiamare un tecnico !
Grazie ancora di tutto
:huh:

vicky67

Posted on 13/10/2014, 12:32

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

Il primo router e' infetto.Hai lo stesso problema di questo utente che con il reset ha risolto.Evidentemente il file infetto è in delle cartelle che lavorano mentre sei in internet.
Se hai

Il secondo router non è infetto,evidentemente l'infezione ha infettato il router principale ed è ancora residente.

Edited by vicky67 - 13/10/2014, 17:24

foo82

Posted on 13/10/2014, 22:37

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Salve. Disperazione totale. Mia sorella ha beccato il virus Interpol sul suo Toshiba Satellite con Windows 7. Nel tentativo di eliminarlo ha usato Spyhunter, ma ha complicato le cose, in quanto a) non ha rimosso il virus; b) ha modificato il boot e quindi ad ogni accensione bisognava scegliere tra Spyhunter, Windows XP (!) e Vista/7. Allora abbiamo fatto ricorso ai dvd di ripristino, sacrificando anche i dati (delle cose imprortanti aveva fatto backup, comunque). Il problema è che, dopo la formattazione dell'intero hard disk e la reinstallazione di Windows 7, di Chrome, di AVG, gli aggiornamenti Adobe... al terzo sito visitato, s'è ripresentata la maledetta pagina fasulla dell'Interpol. Questa versione permette di usare il pc, anche la modalità provvisoria, e il redirect non avviene con tutte le pagine (ad es. su google, facebook, youtube, no).
In serata abbiamo provato la scansione in modalità provvisoria con lo Strumento di rimozione malware di Microsoft e anche con Malwarebytes e, in entrambi i casi, il pc si è spento dopo un paio di minuti. Adesso io non so più dove mettere le mani.
Per quanto riguarda lo spegnimento, escluderei dalle cause sia il riscaldamento che l'hard disk corrotto, in quanto nel pomeriggio aveva retto senza problemi una lunga scansione di AVG. E pure il modem dovrebbe essere a posto, perché ad esso sono connessi altri due pc e lo smartphone e l'unico infettato è il suo notebook.
Come uscirne?

Web

vicky67

Posted on 14/10/2014, 06:15

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

Grazie per le dettagliate informazioni.
-Allega un log di Farbar recovery scan tool eseguito in modalità normale.
La guida è alla mia firma. "Gu ai tools rimozione"
-Vai sul prompt dei comandi e digita nslookup e dai invio
postami anche questo log
-vorrei anche che provassi ad usare differenti browser e contrllare se tutti hanno lo stesso problema
Esegui anche una scansione con tdss killer ed allega il log.
Trovi le istruzioni al solito posto.
Puoi mettere tutti i log in una cartella e zipparla.Poi allegala tramite la gestione allegati

Edited by vicky67 - 14/10/2014, 09:43

foo82

Posted on 14/10/2014, 10:41

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Ho fatto come m'ha chiesto. Ecco i log.

FRST

SPOILER (clicca per visualizzare)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014 02
Ran by Maria Grazia (administrator) on GRACETOSH on 14-10-2014 10:58:37
Running from C:\Users\Maria Grazia\Desktop\FRST64
Loaded Profile: Maria Grazia (Available profiles: Maria Grazia)
Platform: Windows 7 Home Premium (X64) OS Language: Italiano (Italia)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33508...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1465304 2010-01-27] (McAfee, Inc.)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe [243032 2010-03-04] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-27] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKU\S-1-5-21-1886728548-3439149728-2895268225-1001\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba.msn.com
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {9B8A463B-7453-4C17-9C6F-583C3E0F3DBA} URL =
SearchScopes: HKCU - {63B98C1F-3DED-4120-94EE-388D8B2AD92A} URL = http://rover.ebay.com/rover/1/724-44559-94...le={searchTerms}
SearchScopes: HKCU - {9B8A463B-7453-4C17-9C6F-583C3E0F3DBA} URL =
SearchScopes: HKCU - {C0AE9E5C-BFCC-428E-B995-7BA262116FD2} URL = http://www.amazon.co.uk/gp/search?ie=UTF8&...ed&linkCode=ur2
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho64.dll ()
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20100831183533.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files\mcafee\msk\mskapbho.dll ()
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20100831183533.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<toshiba>)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 94.249.192.104 8.8.8.8
Tcpip\..\Interfaces\{F495EA28-CDB7-4A69-BC3C-93EF56BFEC02}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2010-08-31]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\Firefox [2010-08-31]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2010-08-31]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR Profile: C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-13]
CHR Extension: (Documenti Google) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-13]
CHR Extension: (Google Drive) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-13]
CHR Extension: (YouTube) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-13]
CHR Extension: (Ricerca Google) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-13]
CHR Extension: (Fogli Google) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-13]
CHR Extension: (Google Wallet) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR Extension: (Gmail) - C:\Users\Maria Grazia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1459872 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [509416 2009-12-30] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [199032 2010-01-05] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [244840 2010-01-05] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [148520 2010-01-05] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2009-12-14] (McAfee, Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [247576 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [270616 2014-07-02] (AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62416 2010-01-05] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121504 2010-01-05] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [189880 2010-01-05] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [440688 2010-01-05] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [528232 2010-01-05] (McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75288 2010-01-05] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93840 2010-01-05] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [279752 2010-01-05] (McAfee, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 10:58 - 2014-10-14 10:58 - 00000000 ____D () C:\FRST
2014-10-14 10:57 - 2014-10-14 10:58 - 00000000 ____D () C:\Users\Maria Grazia\Desktop\FRST64
2014-10-14 10:56 - 2014-10-14 09:49 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Maria Grazia\Desktop\tdsskiller.exe
2014-10-14 10:54 - 2014-10-14 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-10-14 00:17 - 2014-10-14 00:17 - 01602511 _____ () C:\Users\Maria Grazia\Downloads\FRST64.zip
2014-10-13 23:47 - 2014-10-13 23:47 - 00086788 _____ () C:\Users\Maria Grazia\Documents\Come eliminare virus Interpol2.htm
2014-10-13 23:47 - 2014-10-13 23:47 - 00000000 ____D () C:\Users\Maria Grazia\Documents\Come eliminare virus Interpol2_file
2014-10-13 23:46 - 2014-10-13 23:46 - 00003626 _____ () C:\Users\Maria Grazia\Documents\scuolissima.txt
2014-10-13 23:40 - 2014-10-13 23:40 - 00897513 _____ () C:\Users\Maria Grazia\Documents\Il Virus della Polizia continua a fare danni - Commenti pag_ 4 - Tom's Hardware.mht
2014-10-13 23:39 - 2014-10-13 23:40 - 00907970 _____ () C:\Users\Maria Grazia\Documents\Il Virus della Polizia continua a fare danni - Commenti pag_ 3 - Toms Hardware.mht
2014-10-13 23:38 - 2014-10-13 23:38 - 00913093 _____ () C:\Users\Maria Grazia\Documents\Il Virus della Polizia continua a fare danni - Commenti pag_ 2 - Toms Hardware.mht
2014-10-13 23:29 - 2014-10-13 23:29 - 01111354 _____ () C:\Users\Maria Grazia\Documents\Il Virus della Polizia continua a fare danToms Hardware.mht
2014-10-13 21:23 - 2014-10-14 10:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-13 21:22 - 2014-10-13 21:27 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-13 21:22 - 2014-10-13 21:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-13 21:22 - 2014-10-13 21:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-13 21:22 - 2014-10-13 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-13 21:22 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-13 21:22 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-13 21:22 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-13 20:54 - 2014-10-13 21:00 - 31766208 _____ (Microsoft Corporation) C:\Users\Maria Grazia\Downloads\Windows-KB890830-x64-V5.16.exe
2014-10-13 20:06 - 2014-10-13 20:06 - 00290862 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-10-13 20:06 - 2014-10-13 20:06 - 00290564 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-10-13 20:06 - 2014-10-13 20:06 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-10-13 20:05 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-10-13 20:01 - 2014-10-13 20:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-13 20:01 - 2014-08-29 13:01 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-13 20:00 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-10-13 20:00 - 2011-04-09 08:45 - 05509504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-13 20:00 - 2011-04-09 08:13 - 03957632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-13 20:00 - 2011-04-09 08:13 - 03901824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-13 20:00 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-10-13 19:04 - 2014-10-13 19:06 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2014-10-13 19:04 - 2014-10-13 19:06 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader 9.lnk
2014-10-13 19:04 - 2014-10-13 19:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-13 18:37 - 2014-10-13 19:04 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Adobe
2014-10-13 18:26 - 2014-10-13 18:26 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\TOSHIBA_Corporation
2014-10-13 18:25 - 2014-10-13 18:25 - 00000000 ____D () C:\ProgramData\Avg_Update_0914avi
2014-10-13 18:23 - 2014-10-13 18:23 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\AVG2015
2014-10-13 18:22 - 2014-10-13 18:22 - 00000980 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-10-13 18:22 - 2014-10-13 18:22 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\TuneUp Software
2014-10-13 18:22 - 2014-10-13 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-13 18:20 - 2014-10-13 18:23 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-13 18:20 - 2014-10-13 18:20 - 00000000 ___HD () C:\$AVG
2014-10-13 18:20 - 2014-10-13 18:20 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-10-13 18:18 - 2014-10-14 11:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-13 18:18 - 2014-10-13 19:12 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Avg2015
2014-10-13 18:18 - 2014-10-13 18:18 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\MFAData
2014-10-13 18:14 - 2014-10-13 18:14 - 00002264 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-13 18:14 - 2014-10-13 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-13 18:13 - 2014-10-14 10:54 - 00001158 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-13 18:13 - 2014-10-14 00:19 - 00001162 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-13 18:13 - 2014-10-13 18:14 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Google
2014-10-13 18:13 - 2014-10-13 18:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-13 18:13 - 2014-10-13 18:13 - 00004158 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-13 18:13 - 2014-10-13 18:13 - 00003906 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-13 18:12 - 2014-10-13 18:37 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\Adobe
2014-10-13 18:12 - 2014-10-13 18:13 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Deployment
2014-10-13 18:12 - 2014-10-13 18:12 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Apps\2.0
2014-10-13 18:08 - 2014-10-13 20:41 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\Toshiba
2014-10-13 18:06 - 2014-10-13 18:06 - 00001434 _____ () C:\Users\Maria Grazia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 18:06 - 2014-10-13 18:06 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\Nero
2014-10-13 18:06 - 2014-10-13 18:06 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\ATI
2014-10-13 18:06 - 2014-10-13 18:06 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\Toshiba
2014-10-13 18:06 - 2014-10-13 18:06 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\ATI
2014-10-13 18:05 - 2014-10-13 18:05 - 00057560 _____ () C:\Users\Maria Grazia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 18:05 - 2014-10-13 18:05 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Local\VirtualStore
2014-10-13 18:04 - 2014-10-13 18:04 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2014-10-13 18:04 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-13 18:04 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-13 18:04 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-10-13 18:04 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-13 18:03 - 2014-10-13 18:06 - 00000000 ____D () C:\Users\Maria Grazia
2014-10-13 18:03 - 2014-10-13 18:03 - 00000020 ___SH () C:\Users\Maria Grazia\ntuser.ini
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Risorse di stampa
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Risorse di rete
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Recenti
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Modelli
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Menu Avvio
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Impostazioni locali
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Documents\Video
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Documents\Musica
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Documents\Immagini
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Documenti
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\Dati applicazioni
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\AppData\Local\Dati applicazioni
2014-10-13 18:03 - 2014-10-13 18:03 - 00000000 _SHDL () C:\Users\Maria Grazia\AppData\Local\Cronologia
2014-10-13 18:03 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-13 18:03 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-10-13 18:03 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-13 18:03 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-13 18:03 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-13 18:03 - 2010-08-31 18:46 - 00000000 ____D () C:\Users\Maria Grazia\AppData\Roaming\Macromedia
2014-10-13 18:03 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Maria Grazia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-13 18:03 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Maria Grazia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Public\Documents\Video
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Public\Documents\Musica
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Public\Documents\Immagini
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Risorse di stampa
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Risorse di rete
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Recenti
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Modelli
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Menu Avvio
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Impostazioni locali
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Documents\Video
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Documents\Musica
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Documents\Immagini
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Documenti
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\Dati applicazioni
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dati applicazioni
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Cronologia
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\Documents\Video
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\Documents\Musica
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\Documents\Immagini
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dati applicazioni
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Cronologia
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Programmi
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Preferiti
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Modelli
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmi
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Menu Avvio
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Documenti
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\ProgramData\Dati applicazioni
2014-10-13 18:02 - 2014-10-13 18:02 - 00000000 _SHDL () C:\Program Files\File comuni
2014-10-13 17:58 - 2014-10-13 17:58 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\TOSHIBA_Satellite C660D_13012-IT_PSC0UE-00800.MRK
2014-10-13 17:56 - 2014-10-13 17:56 - 00000000 ____D () C:\Windows\OemDrv
2014-10-13 17:54 - 2014-10-13 17:54 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
2014-10-13 17:54 - 2014-10-13 17:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-13 17:51 - 2014-10-13 17:51 - 00000000 _____ () C:\Windows\NDSTray.INI
2014-10-13 17:51 - 2009-10-07 18:13 - 00070200 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-10-13 17:51 - 2009-10-07 18:13 - 00028728 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-10-13 17:50 - 2014-10-13 17:50 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-13 17:47 - 2009-06-22 17:06 - 00035008 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\PGEffect.sys
2014-10-13 17:46 - 2014-10-13 17:49 - 00000000 ____D () C:\ProgramData\Toshiba
2014-10-13 17:44 - 2014-10-13 17:45 - 00000000 ____D () C:\Program Files (x86)\Realtek WLAN Driver
2014-10-13 17:44 - 2014-10-13 17:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-10-13 17:44 - 2014-10-13 17:44 - 00000000 ____D () C:\Windows\SysWOW64\sda
2014-10-13 17:44 - 2014-10-13 17:44 - 00000000 ____D () C:\Program Files\Synaptics
2014-10-13 17:44 - 2010-04-28 11:32 - 00932384 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192ce.sys
2014-10-13 17:44 - 2010-04-27 01:23 - 01103904 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192se.sys
2014-10-13 17:44 - 2010-04-08 10:07 - 00612352 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl819xp.sys
2014-10-13 17:44 - 2010-04-01 14:01 - 00442368 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8187Se.sys
2014-10-13 17:44 - 2010-03-31 11:10 - 00450048 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8187B.sys
2014-10-13 17:44 - 2010-01-07 09:05 - 07367200 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2014-10-13 17:44 - 2010-01-07 09:05 - 00422432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2014-10-13 17:44 - 2010-01-07 09:05 - 00232992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-10-13 17:44 - 2009-02-05 02:49 - 00451072 ____N () C:\Windows\SysWOW64\ISSRemoveSP.exe
2014-10-13 17:43 - 2014-10-13 17:44 - 00007886 _____ () C:\Windows\DPINST.LOG
2014-10-13 17:39 - 2014-10-13 19:54 - 00001796 _____ () C:\Windows\PFRO.log
2014-10-13 17:39 - 1999-10-12 18:47 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\TSCI.dll
2014-10-13 17:39 - 1999-10-12 18:45 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\THCI.dll
2014-10-13 17:38 - 2014-10-13 17:39 - 00000000 ____D () C:\ProgramData\win7_64
2014-10-13 17:38 - 2014-10-13 17:39 - 00000000 ____D () C:\ProgramData\win7_32
2014-10-13 17:38 - 2014-10-13 17:38 - 00000000 ____D () C:\Windows\SysWOW64\Microsoft.VC80.MFC
2014-10-13 17:38 - 2014-10-13 17:38 - 00000000 ____D () C:\ProgramData\xp
2014-10-13 17:38 - 2014-10-13 17:38 - 00000000 ____D () C:\ProgramData\vista64
2014-10-13 17:38 - 2014-10-13 17:38 - 00000000 ____D () C:\ProgramData\vista32
2014-10-13 17:37 - 2014-10-13 17:38 - 00000000 ____D () C:\Windows\system32\Microsoft.VC80.MFC
2014-10-13 17:37 - 2014-10-13 17:37 - 00020592 _____ (Compal Electronics, INC.) C:\Windows\system32\Drivers\CeKbFilter.sys
2014-10-13 17:37 - 2010-03-04 01:44 - 00049664 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\HWS_Ctrl.dll
2014-10-13 17:37 - 2010-03-04 01:44 - 00008192 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\TSBWLS.dll
2014-10-13 17:36 - 2014-10-13 17:47 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-10-13 17:35 - 2014-10-13 17:35 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-10-13 17:35 - 2014-10-13 17:35 - 00000000 ____D () C:\Program Files\Realtek
2014-10-13 17:34 - 2014-10-13 17:44 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-10-13 17:34 - 2014-10-13 17:35 - 00002194 _____ () C:\RHDSetup.log
2014-10-13 17:34 - 2014-10-13 17:35 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-10-13 17:34 - 2014-10-13 17:34 - 00000000 ____D () C:\ProgramData\ATI
2014-10-13 17:34 - 2010-08-04 18:16 - 00000008 _____ () C:\Windows\system32\Drivers\rtkhdaud.dat
2014-10-13 17:34 - 2010-07-28 18:26 - 02445672 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-10-13 17:34 - 2010-07-28 18:26 - 02032232 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-10-13 17:34 - 2010-07-28 18:26 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-10-13 17:34 - 2010-07-28 18:26 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-10-13 17:34 - 2010-07-28 18:26 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-10-13 17:34 - 2010-07-28 18:25 - 02618984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-10-13 17:34 - 2010-07-28 18:25 - 01213544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-10-13 17:34 - 2010-07-28 18:25 - 00476264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-10-13 17:34 - 2010-07-28 18:25 - 00372328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-10-13 17:34 - 2010-07-28 18:25 - 00076904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-10-13 17:34 - 2010-07-27 13:54 - 01251944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-10-13 17:34 - 2010-07-22 16:48 - 00220496 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.dll
2014-10-13 17:34 - 2010-07-22 16:48 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.dll
2014-10-13 17:34 - 2010-07-22 16:48 - 00078160 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.dll
2014-10-13 17:34 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-10-13 17:34 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-10-13 17:34 - 2010-07-06 11:48 - 01756160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2014-10-13 17:34 - 2010-07-01 13:44 - 00124128 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-10-13 17:34 - 2010-07-01 13:44 - 00124128 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-10-13 17:34 - 2010-07-01 13:44 - 00123104 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-10-13 17:34 - 2010-06-27 17:14 - 00334848 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-10-13 17:34 - 2010-05-06 17:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-10-13 17:34 - 2010-05-06 16:43 - 02601816 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2014-10-13 17:34 - 2010-04-27 13:50 - 00330656 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-10-13 17:34 - 2010-04-14 17:56 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-10-13 17:34 - 2010-01-05 13:41 - 01325328 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:41 - 00489744 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:41 - 00474896 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 01178384 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 01110800 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 00504592 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 00315152 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 00268560 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-10-13 17:34 - 2010-01-05 13:40 - 00265488 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-10-13 17:34 - 2009-12-15 18:26 - 00372936 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-10-13 17:34 - 2009-12-15 18:26 - 00201928 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-10-13 17:34 - 2009-12-15 18:26 - 00099016 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-10-13 17:34 - 2009-12-15 18:26 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-10-13 17:34 - 2009-12-11 09:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-10-13 17:34 - 2009-12-11 09:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-10-13 17:34 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-10-13 17:34 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-10-13 17:34 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-10-13 17:34 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-10-13 17:34 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-10-13 17:34 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-10-13 17:32 - 2014-10-13 17:32 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-10-13 17:31 - 2014-10-13 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2014-10-13 17:30 - 2014-10-13 17:31 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-10-13 17:30 - 2014-10-13 17:30 - 00000000 ____D () C:\Program Files\ATI
2014-10-13 17:30 - 2010-07-27 22:22 - 07450624 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-10-13 17:30 - 2010-07-27 22:07 - 20816896 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-10-13 17:30 - 2010-07-27 21:57 - 00143360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-10-13 17:30 - 2010-07-27 21:57 - 00071096 _____ () C:\Windows\system32\atiapfxx.blb
2014-10-13 17:30 - 2010-07-27 21:56 - 00598528 _____ (ATI Technologies Inc. ) C:\Windows\system32\aticfx64.dll
2014-10-13 17:30 - 2010-07-27 21:56 - 00519680 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-10-13 17:30 - 2010-07-27 21:54 - 00461824 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-10-13 17:30 - 2010-07-27 21:54 - 00450560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-10-13 17:30 - 2010-07-27 21:53 - 00203264 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-10-13 17:30 - 2010-07-27 21:52 - 00421376 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdl64.dll
2014-10-13 17:30 - 2010-07-27 21:52 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-10-13 17:30 - 2010-07-27 21:51 - 00356352 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\atipdlxx.dll
2014-10-13 17:30 - 2010-07-27 21:51 - 00278528 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\Oemdspif.dll
2014-10-13 17:30 - 2010-07-27 21:51 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-10-13 17:30 - 2010-07-27 21:51 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-10-13 17:30 - 2010-07-27 21:51 - 00012288 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-10-13 17:30 - 2010-07-27 21:50 - 15845376 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-10-13 17:30 - 2010-07-27 21:48 - 03899392 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-10-13 17:30 - 2010-07-27 21:38 - 04554240 _____ (ATI Technologies Inc. ) C:\Windows\system32\atidxx64.dll
2014-10-13 17:30 - 2010-07-27 21:29 - 04016128 _____ (ATI Technologies Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-10-13 17:30 - 2010-07-27 21:28 - 03077120 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-10-13 17:30 - 2010-07-27 21:27 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-10-13 17:30 - 2010-07-27 21:27 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-10-13 17:30 - 2010-07-27 21:26 - 05389824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-10-13 17:30 - 2010-07-27 21:26 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-10-13 17:30 - 2010-07-27 21:26 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-10-13 17:30 - 2010-07-27 21:25 - 04335616 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-10-13 17:30 - 2010-07-27 21:25 - 00523968 _____ () C:\Windows\system32\atiumd6a.cap
2014-10-13 17:30 - 2010-07-27 21:23 - 05149696 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumd64.dll
2014-10-13 17:30 - 2010-07-27 21:23 - 00056832 _____ (AMD) C:\Windows\system32\coinst.dll
2014-10-13 17:30 - 2010-07-27 21:21 - 03324416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-10-13 17:30 - 2010-07-27 21:21 - 00523968 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-10-13 17:30 - 2010-07-27 21:17 - 00337920 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-10-13 17:30 - 2010-07-27 21:17 - 00241664 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-10-13 17:30 - 2010-07-27 21:17 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-10-13 17:30 - 2010-07-27 21:17 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-10-13 17:30 - 2010-07-27 21:17 - 00012800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-10-13 17:30 - 2010-07-27 21:16 - 00268288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-10-13 17:30 - 2010-07-27 21:16 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-10-13 17:30 - 2010-07-27 21:16 - 00036864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-10-13 17:30 - 2010-07-27 21:16 - 00030208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-10-13 17:30 - 2010-07-27 21:16 - 00018432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-10-13 17:30 - 2010-07-27 21:16 - 00016896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-10-13 17:30 - 2010-07-27 21:15 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-10-13 17:30 - 2010-07-27 21:15 - 00027648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-10-13 17:30 - 2010-07-27 21:09 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-10-13 17:30 - 2010-07-27 21:09 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-10-13 17:30 - 2010-07-27 21:09 - 00052736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-10-13 17:30 - 2010-07-27 21:09 - 00052736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-10-13 17:30 - 2010-07-27 01:54 - 00022053 _____ () C:\Windows\atiogl.xml
2014-10-13 17:30 - 2010-06-16 09:22 - 00219348 _____ () C:\Windows\system32\atiicdxx.dat
2014-10-13 17:30 - 2010-06-15 18:28 - 00002857 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-10-13 17:30 - 2010-06-15 18:28 - 00002857 _____ () C:\Windows\system32\atipblag.dat
2014-10-13 17:30 - 2009-05-11 17:35 - 00118784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atibtmon.exe
2014-10-13 17:30 - 2009-05-05 10:00 - 00016440 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\AtiPcie.sys
2014-10-13 17:29 - 2014-10-14 10:59 - 00217779 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-14 11:00 - 2010-08-31 18:34 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-14 10:54 - 2010-08-31 18:36 - 00001835 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-10-14 10:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-14 10:53 - 2009-07-14 06:51 - 00022375 _____ () C:\Windows\setupact.log
2014-10-14 00:20 - 2009-07-14 06:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-14 00:20 - 2009-07-14 06:45 - 00016080 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-14 00:19 - 2009-07-14 12:53 - 00689472 _____ () C:\Windows\system32\perfh010.dat
2014-10-14 00:19 - 2009-07-14 12:53 - 00124626 _____ () C:\Windows\system32\perfc010.dat
2014-10-14 00:19 - 2009-07-14 07:13 - 01516554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-13 19:57 - 2009-07-14 13:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-10-13 19:04 - 2010-08-31 18:33 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-13 18:28 - 2010-08-31 18:34 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-10-13 18:05 - 2010-08-31 16:43 - 00000000 ____D () C:\Toshiba
2014-10-13 18:03 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-10-13 18:02 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-13 18:02 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-13 18:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-13 18:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-13 17:57 - 2010-08-31 16:57 - 00000000 ____D () C:\Windows\Panther
2014-10-13 17:57 - 2009-07-14 06:46 - 00003043 _____ () C:\Windows\DtcInstall.log
2014-10-13 17:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-10-13 17:56 - 2009-07-14 12:52 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-10-13 17:54 - 2010-08-31 18:27 - 00000000 ____D () C:\Program Files\TOSHIBA
2014-10-13 17:50 - 2010-08-31 18:32 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2014-10-13 17:50 - 2010-08-31 18:27 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-10-13 17:50 - 2010-08-31 18:27 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-13 17:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-13 17:27 - 2010-08-31 17:01 - 00003540 _____ () C:\Windows\TSSysprep.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2010-08-31 16:57

==================== End Of Log ============================

Addition

SPOILER (clicca per visualizzare)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014 02
Ran by Maria Grazia at 2014-10-14 11:02:15
Running from C:\Users\Maria Grazia\Desktop\FRST64
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: McAfee VirusScan (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: McAfee Personal Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated\0)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon.co.uk (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version: - Amazon EU S.a.r.L.)
ATI Catalyst Install Manager (HKLM\...\{B6DB58D2-E7E8-5B0F-65F8-B76713C0AF75}) (Version: 3.0.786.0 - ATI Technologies, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies)
AVG 2015 (Version: 15.0.4158 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1401.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1399.0 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0727.2126.36625 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0727.2126.36625 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help English (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help French (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help German (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0727.2125.36625 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0727.2126.36625 - Nome società) Hidden
ccc-utility64 (Version: 2010.0727.2126.36625 - ATI) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
eBay (HKLM-x32\...\{FDE58148-57E7-43BF-879A-29CCE818C078}) (Version: 1.1.9 - eBay Inc.)
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Giochi WildTangent (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.80 - WildTangent)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Quest II (x32 Version: 2.2.0.82 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware versione 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 10.0.569 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 2.0.271.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{defe79b7-7f66-4030-b5bb-004832cb5e49}) (Version: - Nero AG)
Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.21001 - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0030 - Nero AG)
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.26001 - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.16000 - Nero AG)
Nero Express Help (x32 Version: 9.4.34.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.25002 - Nero AG)
Nero StartSmart (x32 Version: 9.4.37.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.37.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.34.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.7-279 - myphotobook GmbH)
Photo Service - powered by myphotobook (x32 Version: 1.0.7 - myphotobook GmbH) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
Raccolta foto di Windows Live (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 4.2 (HKLM-x32\...\{D103C4BA-F905-437A-8049-DB24763BBE36}) (Version: 4.2.152 - Skype Technologies S.A.)
Strumento di caricamento di Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.33 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.10C - Nome società)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.10C - Nome società) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.27C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.27C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)
TOSHIBA Password supervisore (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.9C - TOSHIBA CORPORATION) Hidden
Toshiba TEMPRO (HKLM-x32\...\{DBB7021A-3437-446F-ACE5-7261644A972C}) (Version: 3.33 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.14.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.14.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.14.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B7DD783E-EE11-4B68-AF39-71AE2C457015}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

13-10-2014 16:03:20 Windows Update
13-10-2014 16:20:03 Installed AVG 2015
13-10-2014 16:20:25 Installed AVG 2015
13-10-2014 18:00:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {63312DB4-CDA5-4DD8-ABA2-88442F14F7FD} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)
Task: {D2CA34CC-122E-42CA-A58E-72E14224F65D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-13] (Google Inc.)
Task: {F127D764-54E7-4E87-93DD-289371849918} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-13] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-04-23 13:58 - 2010-04-23 13:58 - 03409256 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2010-08-31 18:27 - 2010-08-31 15:21 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 20:08 - 2009-03-12 20:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2009-10-13 10:00 - 2009-10-13 10:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-27 21:25 - 2010-07-27 21:25 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1886728548-3439149728-2895268225-500 - Administrator - Disabled)
Guest (S-1-5-21-1886728548-3439149728-2895268225-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1886728548-3439149728-2895268225-1002 - Limited - Enabled)
Maria Grazia (S-1-5-21-1886728548-3439149728-2895268225-1001 - Administrator - Enabled) => C:\Users\Maria Grazia

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/14/2014 10:59:26 AM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 4588 (0x11ec)

Indirizzo del thread: 0x00000000778EFDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\System32\drivers\MBAMSwissArmy.sys
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/14/2014 00:14:20 AM) (Source: Centro servizi TOSHIBA) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (10/13/2014 11:49:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma iexplore.exe versione 8.0.7600.16385 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 1154

Ora di avvio: 01cfe72ea9493362

Ora di chiusura: 328

Percorso applicazione: C:\Program Files (x86)\Internet Explorer\iexplore.exe

ID segnalazione: bd15294b-5322-11e4-ba76-88ae1dec6372

Error: (10/13/2014 11:44:59 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 4640 (0x1220)

Indirizzo del thread: 0x00000000773BFDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 09:40:50 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 4492 (0x118c)

Indirizzo del thread: 0x0000000077B4FDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 08:44:25 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 3228 (0xc9c)

Indirizzo del thread: 0x000000007778FDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:57:16 PM) (Source: Centro servizi TOSHIBA) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (10/13/2014 07:12:30 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 388 (0x184)

Indirizzo del thread: 0x000000007780FDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avgwdwsc.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:10:19 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 3636 (0xe34)

Indirizzo del thread: 0x000000007780FDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\SysWOW64\t2embed.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:08:32 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: Un thread del processo C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe ha impiegato oltre 90000 ms per completare una richiesta.

Il processo verrà interrotto.
ID del thread: 4528 (0x11b0)

Indirizzo del thread: 0x000000007780FDCA

Messaggio del thread:

Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avgntsqlitea.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

System errors:
=============
Error: (10/14/2014 10:59:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio McShield è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 5000 millisecondi: Riavvia il servizio.

Error: (10/14/2014 10:55:19 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (10/14/2014 00:12:35 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (10/14/2014 00:11:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Servizio di condivisione in rete Windows Media Player non è stato avviato per il seguente errore:
%%1053

Error: (10/14/2014 00:11:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Servizio di condivisione in rete Windows Media Player.

Error: (10/14/2014 00:10:00 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Precedente arresto del sistema inatteso a 00:07:50 su ‎14/‎10/‎2014.

Error: (10/14/2014 00:01:50 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

Error: (10/13/2014 11:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Browser di computer dipende dal servizio Server che non è stato avviato per il seguente errore:
%%1068

Error: (10/13/2014 11:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Browser di computer dipende dal servizio Server che non è stato avviato per il seguente errore:
%%1068

Error: (10/13/2014 11:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Il servizio Browser di computer dipende dal servizio Server che non è stato avviato per il seguente errore:
%%1068

Microsoft Office Sessions:
=========================
Error: (10/14/2014 10:59:26 AM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004588 (0x11ec)0x00000000778EFDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\System32\drivers\MBAMSwissArmy.sys
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/14/2014 00:14:20 AM) (Source: Centro servizi TOSHIBA) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (10/13/2014 11:49:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.16385115401cfe72ea9493362328C:\Program Files (x86)\Internet Explorer\iexplore.exebd15294b-5322-11e4-ba76-88ae1dec6372

Error: (10/13/2014 11:44:59 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004640 (0x1220)0x00000000773BFDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 09:40:50 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004492 (0x118c)0x0000000077B4FDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 08:44:25 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003228 (0xc9c)0x000000007778FDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:57:16 PM) (Source: Centro servizi TOSHIBA) (EventID: 0) (User: )
Description: TSS Load: could not communicate with TMachInfo service

Error: (10/13/2014 07:12:30 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe90000388 (0x184)0x000000007780FDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avgwdwsc.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:10:19 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900003636 (0xe34)0x000000007780FDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Windows\SysWOW64\t2embed.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

Error: (10/13/2014 07:08:32 PM) (Source: McLogEvent) (EventID: 5051) (User: NT AUTHORITY)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe900004528 (0x11b0)0x000000007780FDCA
Build VSCORE.14.2.0.723 / 5400.1158
Object being scanned = \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG2015\avgntsqlitea.dll
by c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
4(0)(0)
4(0)(0)
7200(0)(0)
7595(0)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)

==================== Memory info ===========================

Processor: AMD V140 Processor
Percentage of memory in use: 41%
Total physical RAM: 3835.7 MB
Available physical RAM: 2253.69 MB
Total Pagefile: 7669.54 MB
Available Pagefile: 5511.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:149.41 GB) (Free:126.02 GB) NTFS
Drive d: (Data) (Fixed) (Total:148.28 GB) (Free:140.83 GB) NTFS
Drive f: (SANDISK) (Removable) (Total:3.74 GB) (Free:0.72 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 13B3C903)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=149.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Di TDSSKiller non ho trovato il log. Allego il copiaincolla del report
prima parte

SPOILER (clicca per visualizzare)

11:07:32.0569 0x1754 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
11:07:43.0162 0x1754 ============================================================
11:07:43.0162 0x1754 Current date / time: 2014/10/14 11:07:43.0162
11:07:43.0162 0x1754 SystemInfo:
11:07:43.0162 0x1754
11:07:43.0162 0x1754 OS Version: 6.1.7600 ServicePack: 0.0
11:07:43.0162 0x1754 Product type: Workstation
11:07:43.0162 0x1754 ComputerName: GRACETOSH
11:07:43.0162 0x1754 UserName: Maria Grazia
11:07:43.0162 0x1754 Windows directory: C:\Windows
11:07:43.0162 0x1754 System windows directory: C:\Windows
11:07:43.0162 0x1754 Running under WOW64
11:07:43.0162 0x1754 Processor architecture: Intel x64
11:07:43.0162 0x1754 Number of processors: 1
11:07:43.0162 0x1754 Page size: 0x1000
11:07:43.0162 0x1754 Boot type: Normal boot
11:07:43.0162 0x1754 ============================================================
11:07:45.0486 0x1754 KLMD registered as C:\Windows\system32\drivers\85769875.sys
11:07:46.0032 0x1754 System UUID: {DF31B3AF-DB9D-848F-A8BD-3A7DEE519104}
11:07:47.0389 0x1754 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:07:47.0405 0x1754 Drive \Device\Harddisk1\DR1 - Size: 0xEF300000 ( 3.74 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:07:47.0405 0x1754 ============================================================
11:07:47.0405 0x1754 \Device\Harddisk0\DR0:
11:07:47.0405 0x1754 MBR partitions:
11:07:47.0405 0x1754 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x12AD4000
11:07:47.0405 0x1754 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12B9C800, BlocksNum 0x12891800
11:07:47.0405 0x1754 \Device\Harddisk1\DR1:
11:07:47.0405 0x1754 MBR partitions:
11:07:47.0405 0x1754 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7797E0
11:07:47.0405 0x1754 ============================================================
11:07:47.0436 0x1754 C: <-> \Device\Harddisk0\DR0\Partition1
11:07:47.0498 0x1754 D: <-> \Device\Harddisk0\DR0\Partition2
11:07:47.0498 0x1754 ============================================================
11:07:47.0498 0x1754 Initialize success
11:07:47.0498 0x1754 ============================================================
11:08:39.0540 0x14a4 ============================================================
11:08:39.0540 0x14a4 Scan started
11:08:39.0540 0x14a4 Mode: Manual; SigCheck; TDLFS;
11:08:39.0540 0x14a4 ============================================================
11:08:39.0540 0x14a4 KSN ping started
11:08:42.0738 0x14a4 KSN ping finished: true
11:08:44.0111 0x14a4 ================ Scan system memory ========================
11:08:44.0111 0x14a4 System memory - ok
11:08:44.0111 0x14a4 ================ Scan services =============================
11:08:44.0548 0x14a4 [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
11:08:44.0704 0x14a4 1394ohci - ok
11:08:44.0750 0x14a4 [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
11:08:44.0782 0x14a4 ACPI - ok
11:08:44.0813 0x14a4 [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
11:08:44.0844 0x14a4 AcpiPmi - ok
11:08:44.0891 0x14a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:08:44.0922 0x14a4 adp94xx - ok
11:08:44.0969 0x14a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:08:44.0984 0x14a4 adpahci - ok
11:08:45.0000 0x14a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:08:45.0016 0x14a4 adpu320 - ok
11:08:45.0062 0x14a4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:08:45.0109 0x14a4 AeLookupSvc - ok
11:08:45.0187 0x14a4 [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD C:\Windows\system32\drivers\afd.sys
11:08:45.0234 0x14a4 AFD - ok
11:08:45.0250 0x14a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
11:08:45.0265 0x14a4 agp440 - ok
11:08:45.0312 0x14a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
11:08:45.0328 0x14a4 ALG - ok
11:08:45.0359 0x14a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
11:08:45.0390 0x14a4 aliide - ok
11:08:45.0437 0x14a4 [ 8FB0FE84496291F35090DA6352889472, EB05A52E2E406A30BB09734AA43C108F24EB446CFFCCC2E9937ED8E82E9B247E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:08:45.0484 0x14a4 AMD External Events Utility - ok
11:08:45.0515 0x14a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys
11:08:45.0530 0x14a4 amdide - ok
11:08:45.0562 0x14a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:08:45.0577 0x14a4 AmdK8 - ok
11:08:45.0889 0x14a4 [ 0D8BA29B572C916669F267706ED498CD, F46D783DC3F8DE3D5D139A2B48B3D18A553AB0211E17EDA53CADD9B4E9241F28 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
11:08:46.0264 0x14a4 amdkmdag - ok
11:08:46.0342 0x14a4 [ 5D06AB33F2C1F2265D57C8975514D9D7, AA1DAAE5C84128E319986A0B9C244F767A1E43D83AE42722F2F3EE7E0336D109 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
11:08:46.0373 0x14a4 amdkmdap - ok
11:08:46.0420 0x14a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:08:46.0435 0x14a4 AmdPPM - ok
11:08:46.0482 0x14a4 [ 53D8D46D51D390ABDB54ECA623165CB7, D16A3604412D0DC3EA68320FB6980D146ED60D587AAB6B65810C038AFF1EC237 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
11:08:46.0669 0x14a4 amdsata - ok
11:08:46.0700 0x14a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:08:46.0716 0x14a4 amdsbs - ok
11:08:46.0763 0x14a4 [ 75C51148154E34EB3D7BB84749A758D5, 8865F223CBAE166A9BF6CBCDA66F63369F151CCB449A28E95560C36AD45D0C85 ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
11:08:46.0778 0x14a4 amdxata - ok
11:08:46.0841 0x14a4 [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys
11:08:46.0872 0x14a4 AppID - ok
11:08:46.0888 0x14a4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:08:46.0934 0x14a4 AppIDSvc - ok
11:08:46.0966 0x14a4 [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll
11:08:47.0012 0x14a4 Appinfo - ok
11:08:47.0059 0x14a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
11:08:47.0075 0x14a4 arc - ok
11:08:47.0090 0x14a4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:08:47.0106 0x14a4 arcsas - ok
11:08:47.0122 0x14a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:08:47.0168 0x14a4 AsyncMac - ok
11:08:47.0184 0x14a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys
11:08:47.0200 0x14a4 atapi - ok
11:08:47.0278 0x14a4 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] athr C:\Windows\system32\DRIVERS\athrx.sys
11:08:47.0356 0x14a4 athr - ok
11:08:47.0418 0x14a4 [ 7C5D273E29DCC5505469B299C6F29163, 206CAB85CE12A3953F0861C811575DC7FD000147436219EEE334584A33370B3A ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
11:08:47.0418 0x14a4 AtiPcie - ok
11:08:47.0480 0x14a4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:08:47.0558 0x14a4 AudioEndpointBuilder - ok
11:08:47.0590 0x14a4 [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:08:47.0652 0x14a4 AudioSrv - ok
11:08:47.0714 0x14a4 [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
11:08:47.0730 0x14a4 Avgdiska - ok
11:08:47.0792 0x14a4 [ CA10D51653068DB6A0ADEEDDC4946C47, 6E731B28C38ED2BA48CF4855EBBF8B548D45C8DB8ABD9521E5516227CA68072B ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
11:08:47.0808 0x14a4 Avgfwfd - ok
11:08:48.0042 0x14a4 [ E37F597220159C0270BD41FA39DDAEFE, 881DC570DD101BCB959616BC117B56C8474C9317B3E7EC378320E6BF41FE8148 ] avgfws C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
11:08:48.0089 0x14a4 avgfws - ok
11:08:48.0276 0x14a4 [ 4187E691A71B65955CA3DB9FBA31031C, CD765BBE166C457E08981A910D468886981508543E348FB8BA25941B7FB392FA ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
11:08:48.0385 0x14a4 AVGIDSAgent - ok
11:08:48.0494 0x14a4 [ 22FED6781A6DFC61E99D2BF6260B7F18, 3A37F2FB8264B25491B15B76E1A2DC9570121328F05C2750D0A052FFD125398A ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
11:08:48.0526 0x14a4 AVGIDSDriver - ok
11:08:48.0572 0x14a4 [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
11:08:48.0588 0x14a4 AVGIDSHA - ok
11:08:48.0635 0x14a4 [ 48A1BF0F360743C821C04C68FCC3CAC7, E2C760AEB88F3921885761652C5092F630F86C56AADB9A96254E6032A3FEDC8A ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
11:08:48.0650 0x14a4 Avgldx64 - ok
11:08:48.0728 0x14a4 [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
11:08:48.0775 0x14a4 Avgloga - ok
11:08:48.0806 0x14a4 [ E498AFD92C3DA81209463866BDA7C932, C40767F6BC6F9D10396B969CF38CFC3FC9C9E411CFA9EBA8E8AB3E95AD5E9D27 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
11:08:48.0822 0x14a4 Avgmfx64 - ok
11:08:48.0853 0x14a4 [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
11:08:48.0869 0x14a4 Avgrkx64 - ok
11:08:48.0884 0x14a4 [ 74D2F0CCDB47D99AF624DD6355AD698C, DDB89041351DBCD26DE1402CE3AF34EEE464CE17F69A7E472B8C6ECCE9970873 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
11:08:48.0916 0x14a4 Avgtdia - ok
11:08:48.0962 0x14a4 [ 3218AA21B739C1C338DC8A555A66B755, 389E09C2CB51524B985B53D81289BCFB1E9DB89C70650C6D5D276391E2B56BCB ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
11:08:48.0994 0x14a4 avgwd - ok
11:08:49.0040 0x14a4 [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:08:49.0072 0x14a4 AxInstSV - ok
11:08:49.0118 0x14a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:08:49.0181 0x14a4 b06bdrv - ok
11:08:49.0228 0x14a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:08:49.0259 0x14a4 b57nd60a - ok
11:08:49.0306 0x14a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
11:08:49.0352 0x14a4 BDESVC - ok
11:08:49.0415 0x14a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
11:08:49.0477 0x14a4 Beep - ok
11:08:49.0555 0x14a4 [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll
11:08:49.0618 0x14a4 BFE - ok
11:08:49.0680 0x14a4 [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll
11:08:49.0758 0x14a4 BITS - ok
11:08:49.0805 0x14a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:08:49.0820 0x14a4 blbdrive - ok
11:08:49.0836 0x14a4 [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:08:49.0898 0x14a4 bowser - ok
11:08:49.0914 0x14a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:08:49.0945 0x14a4 BrFiltLo - ok
11:08:49.0945 0x14a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:08:49.0976 0x14a4 BrFiltUp - ok
11:08:50.0008 0x14a4 [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll
11:08:50.0070 0x14a4 Browser - ok
11:08:50.0101 0x14a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:08:50.0132 0x14a4 Brserid - ok
11:08:50.0164 0x14a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:08:50.0195 0x14a4 BrSerWdm - ok
11:08:50.0195 0x14a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:08:50.0242 0x14a4 BrUsbMdm - ok
11:08:50.0242 0x14a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:08:50.0273 0x14a4 BrUsbSer - ok
11:08:50.0288 0x14a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:08:50.0320 0x14a4 BTHMODEM - ok
11:08:50.0351 0x14a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
11:08:50.0476 0x14a4 bthserv - ok
11:08:50.0491 0x14a4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:08:50.0600 0x14a4 cdfs - ok
11:08:50.0663 0x14a4 [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:08:50.0710 0x14a4 cdrom - ok
11:08:50.0772 0x14a4 [ 7E83E47BD1FF93E11CD69F1AD65A9581, DC994FAC94D142C70D17E70756CA0B97B45E8E20DD3141953FDF4CD2E6D617CC ] CeKbFilter C:\Windows\system32\DRIVERS\CeKbFilter.sys
11:08:50.0803 0x14a4 CeKbFilter - ok
11:08:50.0834 0x14a4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll
11:08:50.0944 0x14a4 CertPropSvc - ok
11:08:50.0975 0x14a4 [ 735F1CF0175CC510D1BF28EB2EA74C4C, D16927620DFF3882B23E9BC64832CA765CE6644282CFBB8DCCC79B55EC46E284 ] cfwids C:\Windows\system32\drivers\cfwids.sys
11:08:51.0006 0x14a4 cfwids - ok
11:08:51.0115 0x14a4 [ 41E7C4FA6491747402CFCA77CC1C7AAB, 676CD982A0D33B60A646AC7C0158F7421E395C8B4B12E544C55AF5C09E470CC5 ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
11:08:51.0131 0x14a4 cfWiMAXService - ok
11:08:51.0162 0x14a4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:08:51.0240 0x14a4 circlass - ok
11:08:51.0271 0x14a4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
11:08:51.0318 0x14a4 CLFS - ok
11:08:51.0443 0x14a4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:08:51.0474 0x14a4 clr_optimization_v2.0.50727_32 - ok
11:08:51.0599 0x14a4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:08:51.0614 0x14a4 clr_optimization_v2.0.50727_64 - ok
11:08:51.0661 0x14a4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:08:51.0677 0x14a4 CmBatt - ok
11:08:51.0692 0x14a4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
11:08:51.0708 0x14a4 cmdide - ok
11:08:51.0724 0x14a4 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG C:\Windows\system32\Drivers\cng.sys
11:08:51.0786 0x14a4 CNG - ok
11:08:51.0833 0x14a4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:08:51.0848 0x14a4 Compbatt - ok
11:08:51.0864 0x14a4 [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
11:08:51.0895 0x14a4 CompositeBus - ok
11:08:51.0911 0x14a4 COMSysApp - ok
11:08:51.0958 0x14a4 [ CAB0EEAF5295FC96DDD3E19DCE27E131, 87BCAC18D920153322D325AA5B93BB0B447577D67261FDCC01C5B60643CEA792 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
11:08:51.0973 0x14a4 ConfigFree Service - ok
11:08:52.0004 0x14a4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:08:52.0020 0x14a4 crcdisk - ok
11:08:52.0067 0x14a4 [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:08:52.0129 0x14a4 CryptSvc - ok
11:08:52.0207 0x14a4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:08:52.0270 0x14a4 DcomLaunch - ok
11:08:52.0301 0x14a4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
11:08:52.0363 0x14a4 defragsvc - ok
11:08:52.0394 0x14a4 [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:08:52.0441 0x14a4 DfsC - ok
11:08:52.0519 0x14a4 [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll
11:08:52.0566 0x14a4 Dhcp - ok
11:08:52.0597 0x14a4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
11:08:52.0644 0x14a4 discache - ok
11:08:52.0660 0x14a4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:08:52.0675 0x14a4 Disk - ok
11:08:52.0722 0x14a4 [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:08:52.0769 0x14a4 Dnscache - ok
11:08:52.0800 0x14a4 [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll
11:08:52.0862 0x14a4 dot3svc - ok
11:08:52.0909 0x14a4 [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll
11:08:52.0956 0x14a4 DPS - ok
11:08:53.0003 0x14a4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:08:53.0034 0x14a4 drmkaud - ok
11:08:53.0081 0x14a4 [ 372117D46A16ADD8CA6E3EE3B3BDD57C, 74939BA5F9233D213262ECC3D58DBE4D5EF08E1AC7CA23E6404F856507045A0E ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:08:53.0128 0x14a4 DXGKrnl - ok
11:08:53.0159 0x14a4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
11:08:53.0206 0x14a4 EapHost - ok
11:08:53.0362 0x14a4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:08:53.0549 0x14a4 ebdrv - ok
11:08:53.0596 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS C:\Windows\System32\lsass.exe
11:08:53.0627 0x14a4 EFS - ok
11:08:53.0767 0x14a4 [ 3D69FAE60EDE442E004611A4EE4DB44C, 480D3F7604C9A70570BBFFF3CA0FABA216805BB38D4F8A73BB50996B547D8017 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:08:53.0814 0x14a4 ehRecvr - ok
11:08:53.0830 0x14a4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
11:08:53.0861 0x14a4 ehSched - ok
11:08:53.0908 0x14a4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:08:53.0939 0x14a4 elxstor - ok
11:08:53.0954 0x14a4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
11:08:53.0970 0x14a4 ErrDev - ok
11:08:54.0048 0x14a4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
11:08:54.0110 0x14a4 EventSystem - ok
11:08:54.0142 0x14a4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
11:08:54.0204 0x14a4 exfat - ok
11:08:54.0204 0x14a4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:08:54.0266 0x14a4 fastfat - ok
11:08:54.0344 0x14a4 [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe
11:08:54.0391 0x14a4 Fax - ok
11:08:54.0422 0x14a4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:08:54.0438 0x14a4 fdc - ok
11:08:54.0485 0x14a4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
11:08:54.0532 0x14a4 fdPHost - ok
11:08:54.0547 0x14a4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
11:08:54.0594 0x14a4 FDResPub - ok
11:08:54.0610 0x14a4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:08:54.0625 0x14a4 FileInfo - ok
11:08:54.0641 0x14a4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:08:54.0688 0x14a4 Filetrace - ok
11:08:54.0719 0x14a4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:08:54.0734 0x14a4 flpydisk - ok
11:08:54.0766 0x14a4 [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:08:54.0797 0x14a4 FltMgr - ok
11:08:54.0859 0x14a4 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache C:\Windows\system32\FntCache.dll
11:08:54.0937 0x14a4 FontCache - ok
11:08:54.0984 0x14a4 [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:08:55.0000 0x14a4 FontCache3.0.0.0 - ok
11:08:55.0015 0x14a4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:08:55.0031 0x14a4 FsDepends - ok
11:08:55.0046 0x14a4 [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:08:55.0062 0x14a4 Fs_Rec - ok
11:08:55.0093 0x14a4 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:08:55.0109 0x14a4 fvevol - ok
11:08:55.0124 0x14a4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:08:55.0140 0x14a4 gagp30kx - ok
11:08:55.0202 0x14a4 [ 1A0B9D84BEB3306F728BC3009D432F5C, 66BCE24D679A312148141F55D0F10BD0F771261CC481B81D6921448CA77F0974 ] GameConsoleService C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
11:08:55.0234 0x14a4 GameConsoleService - ok
11:08:55.0280 0x14a4 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
11:08:55.0343 0x14a4 gpsvc - ok
11:08:55.0374 0x14a4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:08:55.0390 0x14a4 gupdate - ok
11:08:55.0405 0x14a4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:08:55.0421 0x14a4 gupdatem - ok
11:08:55.0452 0x14a4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:08:55.0483 0x14a4 hcw85cir - ok
11:08:55.0530 0x14a4 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:08:55.0561 0x14a4 HdAudAddService - ok
11:08:55.0592 0x14a4 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:08:55.0624 0x14a4 HDAudBus - ok
11:08:55.0655 0x14a4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:08:55.0686 0x14a4 HidBatt - ok
11:08:55.0702 0x14a4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:08:55.0733 0x14a4 HidBth - ok
11:08:55.0748 0x14a4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:08:55.0780 0x14a4 HidIr - ok
11:08:55.0811 0x14a4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
11:08:55.0858 0x14a4 hidserv - ok
11:08:55.0904 0x14a4 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:08:55.0936 0x14a4 HidUsb - ok
11:08:55.0967 0x14a4 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
11:08:56.0014 0x14a4 hkmsvc - ok
11:08:56.0045 0x14a4 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:08:56.0076 0x14a4 HomeGroupListener - ok
11:08:56.0123 0x14a4 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:08:56.0154 0x14a4 HomeGroupProvider - ok
11:08:56.0185 0x14a4 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
11:08:56.0201 0x14a4 HpSAMD - ok
11:08:56.0232 0x14a4 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:08:56.0310 0x14a4 HTTP - ok
11:08:56.0310 0x14a4 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:08:56.0326 0x14a4 hwpolicy - ok
11:08:56.0341 0x14a4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:08:56.0372 0x14a4 i8042prt - ok
11:08:56.0419 0x14a4 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
11:08:56.0450 0x14a4 iaStorV - ok
11:08:56.0653 0x14a4 [ 4DE2EE2A5186D74BABC4E7F60D2AE989, F73E69A95EB532982567BE045F9316CA89E80E272209D259647D124752EFA24E ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
11:08:56.0731 0x14a4 IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
11:08:59.0758 0x14a4 Detect skipped due to KSN trusted
11:08:59.0758 0x14a4 IconMan_R - ok
11:08:59.0882 0x14a4 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:08:59.0929 0x14a4 idsvc - ok
11:08:59.0960 0x14a4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:08:59.0976 0x14a4 iirsp - ok
11:09:00.0023 0x14a4 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
11:09:00.0101 0x14a4 IKEEXT - ok
11:09:00.0257 0x14a4 [ E8017F1662D9142F45CEAB694D013C00, 75EE9DF292C4D980B9461ABEB8810D22DD57EBBAD5A37FE7B046CBAD419EE9E0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:09:00.0382 0x14a4 IntcAzAudAddService - ok
11:09:00.0413 0x14a4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
11:09:00.0428 0x14a4 intelide - ok
11:09:00.0475 0x14a4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:09:00.0506 0x14a4 intelppm - ok
11:09:00.0538 0x14a4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:09:00.0600 0x14a4 IPBusEnum - ok
11:09:00.0616 0x14a4 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:09:00.0662 0x14a4 IpFilterDriver - ok
11:09:00.0709 0x14a4 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:09:00.0772 0x14a4 iphlpsvc - ok
11:09:00.0803 0x14a4 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:09:00.0834 0x14a4 IPMIDRV - ok
11:09:00.0850 0x14a4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:09:00.0896 0x14a4 IPNAT - ok
11:09:00.0928 0x14a4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:09:00.0959 0x14a4 IRENUM - ok
11:09:00.0974 0x14a4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
11:09:00.0974 0x14a4 isapnp - ok
11:09:01.0006 0x14a4 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
11:09:01.0021 0x14a4 iScsiPrt - ok
11:09:01.0068 0x14a4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:09:01.0084 0x14a4 kbdclass - ok
11:09:01.0099 0x14a4 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:09:01.0130 0x14a4 kbdhid - ok
11:09:01.0146 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
11:09:01.0177 0x14a4 KeyIso - ok
11:09:01.0224 0x14a4 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:09:01.0240 0x14a4 KSecDD - ok
11:09:01.0240 0x14a4 [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:09:01.0271 0x14a4 KSecPkg - ok
11:09:01.0286 0x14a4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:09:01.0333 0x14a4 ksthunk - ok
11:09:01.0380 0x14a4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
11:09:01.0442 0x14a4 KtmRm - ok
11:09:01.0505 0x14a4 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll
11:09:01.0552 0x14a4 LanmanServer - ok
11:09:01.0598 0x14a4 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:09:01.0645 0x14a4 LanmanWorkstation - ok
11:09:01.0692 0x14a4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:09:01.0754 0x14a4 lltdio - ok
11:09:01.0801 0x14a4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:09:01.0848 0x14a4 lltdsvc - ok
11:09:01.0864 0x14a4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:09:01.0926 0x14a4 lmhosts - ok
11:09:01.0973 0x14a4 [ 2825A71E7501CB33B3B9F856610C729D, 2DE885B5D56F763F6A78EA31FC770930F8E87A8385926A809BA36ECA52EAD430 ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
11:09:01.0988 0x14a4 LPCFilter - ok
11:09:02.0035 0x14a4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:09:02.0051 0x14a4 LSI_FC - ok
11:09:02.0066 0x14a4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:09:02.0098 0x14a4 LSI_SAS - ok
11:09:02.0113 0x14a4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:09:02.0129 0x14a4 LSI_SAS2 - ok
11:09:02.0144 0x14a4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:09:02.0160 0x14a4 LSI_SCSI - ok
11:09:02.0176 0x14a4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
11:09:02.0238 0x14a4 luafv - ok
11:09:02.0285 0x14a4 [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:09:02.0316 0x14a4 MBAMProtector - ok
11:09:02.0425 0x14a4 [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
11:09:02.0503 0x14a4 MBAMScheduler - ok
11:09:02.0566 0x14a4 [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
11:09:02.0612 0x14a4 MBAMService - ok
11:09:02.0722 0x14a4 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:09:02.0753 0x14a4 MBAMSwissArmy - ok
11:09:02.0768 0x14a4 [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:09:02.0800 0x14a4 MBAMWebAccessControl - ok
11:09:02.0924 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:09:02.0971 0x14a4 McAfee SiteAdvisor Service - ok
11:09:03.0002 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:09:03.0034 0x14a4 McMPFSvc - ok
11:09:03.0065 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:09:03.0096 0x14a4 mcmscsvc - ok
11:09:03.0127 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:09:03.0158 0x14a4 McNaiAnn - ok
11:09:03.0236 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:09:03.0268 0x14a4 McNASvc - ok
11:09:03.0377 0x14a4 [ 06A4F882427FDC7ECC575F6633814565, C953A6D090590E05D08EDB83E4EC1F5BEA9BBAA0165B52C8EC78C2B96ED21C37 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
11:09:03.0455 0x14a4 McODS - ok
11:09:03.0486 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:09:03.0517 0x14a4 McOobeSv - ok
11:09:03.0548 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
11:09:03.0580 0x14a4 McProxy - ok
11:09:03.0642 0x14a4 [ 7BE77F9B4AF85863154FF0D2A0AEC0F1, 03A5A6213BDBA92F2F8CA10B05958459CBDB22A2681085B2CB33CE9DF992F3CE ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:09:03.0689 0x14a4 McShield - ok
11:09:03.0704 0x14a4 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:09:03.0751 0x14a4 Mcx2Svc - ok
11:09:03.0767 0x14a4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:09:03.0782 0x14a4 megasas - ok
11:09:03.0814 0x14a4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:09:03.0845 0x14a4 MegaSR - ok
11:09:03.0907 0x14a4 [ 0E7C21761AF136CC69AB4C70AF0E1AFB, 33AA9D1C24B27C44955BAB0E22E525A13EF7D5FE73C64AFBBB3A2A2F88C76456 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
11:09:03.0954 0x14a4 mfeapfk - ok
11:09:04.0016 0x14a4 [ 940322EEF87FCCCE14AEB2E2E3010D6B, 0DD4123CC718A2A9115E67713DD7CA768027A8FF1828A6871154C554385B97AC ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
11:09:04.0079 0x14a4 mfeavfk - ok
11:09:04.0126 0x14a4 mfeavfk01 - ok
11:09:04.0172 0x14a4 [ 2810A58E1504E23AF6D4D046332CF709, 5ECEF4FBFB7716B03A21BDF080711E0C5BF6B318D2B3F500B7F05A829CD7FD31 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:09:04.0188 0x14a4 mfefire - ok
11:09:04.0235 0x14a4 [ E28B633FC5CA7449B67B9E3204143D82, 8672199E952CEEB770ACFEDC9AD8760F7D3765976243F48FD9C85A15DE45E3CC ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
11:09:04.0313 0x14a4 mfefirek - ok
11:09:04.0360 0x14a4 [ D4D7BD28B9B407F0B2BA6579DE689DEC, 003C613D5627AC0726C190C408EDA6F08FD91C7B399E6613DF3CC42D33173B57 ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
11:09:04.0453 0x14a4 mfehidk - ok
11:09:04.0469 0x14a4 [ C0B72F83E453B883D0C56BE99F161EDF, 492803BBCEA2FF7D839848C7C1E3D6423A71F768AB3B6C017954DAADF76F0390 ] mfenlfk C:\Windows\system32\DRIVERS\mfenlfk.sys
11:09:04.0531 0x14a4 mfenlfk - ok
11:09:04.0562 0x14a4 [ E284A06B2C3493CDE22AA9B31B123B57, 03F663943FBB3994860888FA0814633DC0CB4E7EE75F4FDCD4B48B6556F4678E ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
11:09:04.0640 0x14a4 mferkdet - ok
11:09:04.0687 0x14a4 [ D276436C173C3A48B17973CC4BF21CA9, 5F7467400C19703B16E04DE40B581A8BD668A8CE5509E90856C90DB3416AAF17 ] mfevtp C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
11:09:04.0718 0x14a4 mfevtp - ok
11:09:04.0765 0x14a4 [ B8D41FDB7262F758DC498CFEE44E513B, F73B9F5505B3ECE048185C0E0A6346A2BB7BE46BF58BF44BBD6F69E936616B3E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
11:09:04.0843 0x14a4 mfewfpk - ok
11:09:04.0890 0x14a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
11:09:04.0952 0x14a4 MMCSS - ok
11:09:04.0968 0x14a4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
11:09:05.0046 0x14a4 Modem - ok
11:09:05.0062 0x14a4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:09:05.0108 0x14a4 monitor - ok
11:09:05.0124 0x14a4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:09:05.0155 0x14a4 mouclass - ok
11:09:05.0186 0x14a4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:09:05.0233 0x14a4 mouhid - ok
11:09:05.0249 0x14a4 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:09:05.0264 0x14a4 mountmgr - ok
11:09:05.0280 0x14a4 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
11:09:05.0296 0x14a4 mpio - ok
11:09:05.0327 0x14a4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:09:05.0389 0x14a4 mpsdrv - ok
11:09:05.0452 0x14a4 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
11:09:05.0530 0x14a4 MpsSvc - ok
11:09:05.0561 0x14a4 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:09:05.0623 0x14a4 MRxDAV - ok
11:09:05.0639 0x14a4 [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:09:05.0732 0x14a4 mrxsmb - ok
11:09:05.0748 0x14a4 [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:09:05.0842 0x14a4 mrxsmb10 - ok
11:09:05.0857 0x14a4 [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:09:05.0935 0x14a4 mrxsmb20 - ok
11:09:05.0951 0x14a4 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
11:09:05.0966 0x14a4 msahci - ok
11:09:05.0982 0x14a4 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
11:09:06.0013 0x14a4 msdsm - ok
11:09:06.0044 0x14a4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
11:09:06.0091 0x14a4 MSDTC - ok
11:09:06.0107 0x14a4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:09:06.0185 0x14a4 Msfs - ok
11:09:06.0216 0x14a4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:09:06.0278 0x14a4 mshidkmdf - ok
11:09:06.0294 0x14a4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
11:09:06.0310 0x14a4 msisadrv - ok
11:09:06.0341 0x14a4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:09:06.0403 0x14a4 MSiSCSI - ok
11:09:06.0419 0x14a4 msiserver - ok
11:09:06.0450 0x14a4 [ E4421EE8DAC8AD4CCCF6090C9EA52211, 3B4A3DAE4119C2699432903DB93B6176EFB6330064C93FF4ED28886813558918 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:09:06.0497 0x14a4 MSK80Service - ok
11:09:06.0528 0x14a4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:09:06.0590 0x14a4 MSKSSRV - ok
11:09:06.0606 0x14a4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:09:06.0684 0x14a4 MSPCLOCK - ok
11:09:06.0700 0x14a4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:09:06.0762 0x14a4 MSPQM - ok
11:09:06.0778 0x14a4 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:09:06.0809 0x14a4 MsRPC - ok
11:09:06.0824 0x14a4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
11:09:06.0856 0x14a4 mssmbios - ok
11:09:06.0871 0x14a4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:09:06.0949 0x14a4 MSTEE - ok
11:09:06.0949 0x14a4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:09:06.0996 0x14a4 MTConfig - ok
11:09:06.0996 0x14a4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
11:09:07.0027 0x14a4 Mup - ok
11:09:07.0074 0x14a4 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
11:09:07.0152 0x14a4 napagent - ok
11:09:07.0214 0x14a4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:09:07.0261 0x14a4 NativeWifiP - ok
11:09:07.0339 0x14a4 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
11:09:07.0370 0x14a4 NDIS - ok
11:09:07.0402 0x14a4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:09:07.0464 0x14a4 NdisCap - ok
11:09:07.0495 0x14a4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:09:07.0558 0x14a4 NdisTapi - ok
11:09:07.0573 0x14a4 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:09:07.0651 0x14a4 Ndisuio - ok
11:09:07.0667 0x14a4 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:09:07.0729 0x14a4 NdisWan - ok
11:09:07.0745 0x14a4 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:09:07.0807 0x14a4 NDProxy - ok
11:09:07.0932 0x14a4 [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
11:09:07.0979 0x14a4 Nero BackItUp Scheduler 4.0 - ok
11:09:08.0026 0x14a4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:09:08.0104 0x14a4 NetBIOS - ok
11:09:08.0119 0x14a4 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:09:08.0182 0x14a4 NetBT - ok
11:09:08.0197 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
11:09:08.0244 0x14a4 Netlogon - ok
11:09:08.0275 0x14a4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
11:09:08.0338 0x14a4 Netman - ok
11:09:08.0384 0x14a4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
11:09:08.0462 0x14a4 netprofm - ok
11:09:08.0494 0x14a4 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:09:08.0525 0x14a4 NetTcpPortSharing - ok
11:09:08.0556 0x14a4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:09:08.0572 0x14a4 nfrd960 - ok
11:09:08.0618 0x14a4 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
11:09:08.0696 0x14a4 NlaSvc - ok
11:09:08.0712 0x14a4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:09:08.0774 0x14a4 Npfs - ok
11:09:08.0790 0x14a4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
11:09:08.0852 0x14a4 nsi - ok
11:09:08.0884 0x14a4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:09:08.0962 0x14a4 nsiproxy - ok
11:09:09.0055 0x14a4 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:09:09.0164 0x14a4 Ntfs - ok
11:09:09.0180 0x14a4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
11:09:09.0258 0x14a4 Null - ok
11:09:09.0274 0x14a4 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
11:09:09.0305 0x14a4 nvraid - ok
11:09:09.0336 0x14a4 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
11:09:09.0352 0x14a4 nvstor - ok
11:09:09.0383 0x14a4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
11:09:09.0398 0x14a4 nv_agp - ok
11:09:09.0430 0x14a4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
11:09:09.0476 0x14a4 ohci1394 - ok
11:09:09.0508 0x14a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:09:09.0570 0x14a4 p2pimsvc - ok
11:09:09.0601 0x14a4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
11:09:09.0648 0x14a4 p2psvc - ok
11:09:09.0710 0x14a4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:09:09.0742 0x14a4 Parport - ok
11:09:09.0757 0x14a4 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:09:09.0773 0x14a4 partmgr - ok
11:09:09.0820 0x14a4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
11:09:09.0866 0x14a4 PcaSvc - ok
11:09:09.0882 0x14a4 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
11:09:09.0898 0x14a4 pci - ok
11:09:09.0929 0x14a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
11:09:09.0944 0x14a4 pciide - ok
11:09:09.0960 0x14a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:09:10.0022 0x14a4 pcmcia - ok
11:09:10.0022 0x14a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
11:09:10.0054 0x14a4 pcw - ok
11:09:10.0069 0x14a4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:09:10.0163 0x14a4 PEAUTH - ok
11:09:10.0319 0x14a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:09:10.0381 0x14a4 PerfHost - ok
11:09:10.0428 0x14a4 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
11:09:10.0444 0x14a4 PGEffect - ok
11:09:10.0522 0x14a4 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
11:09:10.0662 0x14a4 pla - ok
11:09:10.0740 0x14a4 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:09:10.0818 0x14a4 PlugPlay - ok
11:09:10.0849 0x14a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:09:10.0880 0x14a4 PNRPAutoReg - ok
11:09:10.0896 0x14a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:09:10.0943 0x14a4 PNRPsvc - ok
11:09:10.0990 0x14a4 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:09:11.0052 0x14a4 PolicyAgent - ok
11:09:11.0099 0x14a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
11:09:11.0161 0x14a4 Power - ok
11:09:11.0192 0x14a4 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:09:11.0255 0x14a4 PptpMiniport - ok
11:09:11.0270 0x14a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:09:11.0317 0x14a4 Processor - ok
11:09:11.0364 0x14a4 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
11:09:11.0426 0x14a4 ProfSvc - ok
11:09:11.0458 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
11:09:11.0489 0x14a4 ProtectedStorage - ok
11:09:11.0520 0x14a4 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:09:11.0582 0x14a4 Psched - ok
11:09:11.0645 0x14a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:09:11.0738 0x14a4 ql2300 - ok
11:09:11.0754 0x14a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:09:11.0785 0x14a4 ql40xx - ok
11:09:11.0816 0x14a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
11:09:11.0863 0x14a4 QWAVE - ok
11:09:11.0879 0x14a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:09:11.0910 0x14a4 QWAVEdrv - ok
11:09:11.0926 0x14a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:09:11.0988 0x14a4 RasAcd - ok
11:09:12.0035 0x14a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:09:12.0097 0x14a4 RasAgileVpn - ok
11:09:12.0113 0x14a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
11:09:12.0191 0x14a4 RasAuto - ok
11:09:12.0222 0x14a4 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:09:12.0284 0x14a4 Rasl2tp - ok
11:09:12.0316 0x14a4 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
11:09:12.0394 0x14a4 RasMan - ok
11:09:12.0425 0x14a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:09:12.0487 0x14a4 RasPppoe - ok

seconda parte

SPOILER (clicca per visualizzare)

11:09:12.0503 0x14a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:09:12.0565 0x14a4 RasSstp - ok
11:09:12.0581 0x14a4 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:09:12.0659 0x14a4 rdbss - ok
11:09:12.0674 0x14a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:09:12.0721 0x14a4 rdpbus - ok
11:09:12.0721 0x14a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:09:12.0784 0x14a4 RDPCDD - ok
11:09:12.0799 0x14a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:09:12.0862 0x14a4 RDPENCDD - ok
11:09:12.0877 0x14a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:09:12.0924 0x14a4 RDPREFMP - ok
11:09:12.0971 0x14a4 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:09:13.0049 0x14a4 RDPWD - ok
11:09:13.0096 0x14a4 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01, 70CE6EAC4226A51508A469B3473E7A7C969E59AC50FF4076BE477DD7CCE0CB18 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:09:13.0158 0x14a4 rdyboost - ok
11:09:13.0205 0x14a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:09:13.0267 0x14a4 RemoteAccess - ok
11:09:13.0314 0x14a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:09:13.0470 0x14a4 RemoteRegistry - ok
11:09:13.0501 0x14a4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:09:13.0548 0x14a4 RpcEptMapper - ok
11:09:13.0595 0x14a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
11:09:13.0626 0x14a4 RpcLocator - ok
11:09:13.0673 0x14a4 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
11:09:13.0751 0x14a4 RpcSs - ok
11:09:13.0798 0x14a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:09:13.0860 0x14a4 rspndr - ok
11:09:13.0938 0x14a4 [ 907C4464381B5EBDFDC60F6C7D0DEDFC, A39EB4C0858A3CA2D8AFE6D52809EC41795FD7A2F3F157D9CBCCB84BE7958A89 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
11:09:13.0985 0x14a4 RSUSBSTOR - ok
11:09:14.0032 0x14a4 [ 4B42BC58294E83A6A92EC8B88C14C4A3, 80885CFF021F7BC85647224863A83D444EA7848CBB4F06DFDFADE58F47307D21 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:09:14.0125 0x14a4 RTL8167 - ok
11:09:14.0219 0x14a4 [ FFC748D848740D1BC8F330A8879C2674, 1D6DF95585D742329FF32E45E9A53EF80DE8E17F46BF12408638CCFC1576EB90 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
11:09:14.0266 0x14a4 RTL8192Ce - ok
11:09:14.0312 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
11:09:14.0375 0x14a4 SamSs - ok
11:09:14.0422 0x14a4 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
11:09:14.0453 0x14a4 sbp2port - ok
11:09:14.0484 0x14a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:09:14.0562 0x14a4 SCardSvr - ok
11:09:14.0593 0x14a4 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:09:14.0718 0x14a4 scfilter - ok
11:09:14.0796 0x14a4 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
11:09:14.0890 0x14a4 Schedule - ok
11:09:14.0936 0x14a4 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
11:09:14.0999 0x14a4 SCPolicySvc - ok
11:09:15.0061 0x14a4 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:09:15.0170 0x14a4 SDRSVC - ok
11:09:15.0217 0x14a4 [ 3E0CFF5F0A9D23E327703D72CEA5253F, AC307AB7E9A2B7E078DE5AC4CD9EA00F159BB07605410B8C0DBC046ABBB5C654 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
11:09:15.0248 0x14a4 SeaPort - ok
11:09:15.0280 0x14a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:09:15.0342 0x14a4 secdrv - ok
11:09:15.0373 0x14a4 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
11:09:15.0436 0x14a4 seclogon - ok
11:09:15.0451 0x14a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
11:09:15.0514 0x14a4 SENS - ok
11:09:15.0529 0x14a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:09:15.0592 0x14a4 SensrSvc - ok
11:09:15.0623 0x14a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:09:15.0654 0x14a4 Serenum - ok
11:09:15.0701 0x14a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:09:15.0748 0x14a4 Serial - ok
11:09:15.0748 0x14a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:09:15.0794 0x14a4 sermouse - ok
11:09:15.0841 0x14a4 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
11:09:15.0904 0x14a4 SessionEnv - ok
11:09:15.0935 0x14a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
11:09:15.0982 0x14a4 sffdisk - ok
11:09:15.0982 0x14a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:09:16.0028 0x14a4 sffp_mmc - ok
11:09:16.0044 0x14a4 [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
11:09:16.0122 0x14a4 sffp_sd - ok
11:09:16.0122 0x14a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:09:16.0169 0x14a4 sfloppy - ok
11:09:16.0200 0x14a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:09:16.0262 0x14a4 SharedAccess - ok
11:09:16.0309 0x14a4 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:09:16.0356 0x14a4 ShellHWDetection - ok
11:09:16.0387 0x14a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:09:16.0418 0x14a4 SiSRaid2 - ok
11:09:16.0418 0x14a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:09:16.0450 0x14a4 SiSRaid4 - ok
11:09:16.0481 0x14a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:09:16.0543 0x14a4 Smb - ok
11:09:16.0590 0x14a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:09:16.0621 0x14a4 SNMPTRAP - ok
11:09:16.0668 0x14a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
11:09:16.0684 0x14a4 spldr - ok
11:09:16.0715 0x14a4 [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler C:\Windows\System32\spoolsv.exe
11:09:16.0777 0x14a4 Spooler - ok
11:09:16.0949 0x14a4 [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc C:\Windows\system32\sppsvc.exe
11:09:17.0183 0x14a4 sppsvc - ok
11:09:17.0198 0x14a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:09:17.0261 0x14a4 sppuinotify - ok
11:09:17.0323 0x14a4 [ 37C3ABC2338010E110D2A6A3930F3149, EBEBC6677B914A18B02C185374A31A98FA65D81A14A21B6865EB8D4A31D3D3D9 ] srv C:\Windows\system32\DRIVERS\srv.sys
11:09:17.0432 0x14a4 srv - ok
11:09:17.0526 0x14a4 [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:09:17.0651 0x14a4 srv2 - ok
11:09:17.0682 0x14a4 [ CCE32BB223E9FF55D241099A858FA889, A284636D165D783CCC21B825CD382D55718544FE2061551718583DC1426C854F ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:09:17.0838 0x14a4 srvnet - ok
11:09:17.0869 0x14a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:09:17.0932 0x14a4 SSDPSRV - ok
11:09:17.0947 0x14a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:09:18.0010 0x14a4 SstpSvc - ok
11:09:18.0041 0x14a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:09:18.0072 0x14a4 stexstor - ok
11:09:18.0197 0x14a4 [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc C:\Windows\System32\wiaservc.dll
11:09:18.0290 0x14a4 stisvc - ok
11:09:18.0322 0x14a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
11:09:18.0353 0x14a4 swenum - ok
11:09:18.0431 0x14a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
11:09:18.0509 0x14a4 swprv - ok
11:09:18.0618 0x14a4 [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:09:18.0712 0x14a4 SynTP - ok
11:09:18.0914 0x14a4 [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain C:\Windows\system32\sysmain.dll
11:09:19.0024 0x14a4 SysMain - ok
11:09:19.0055 0x14a4 [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:09:19.0102 0x14a4 TabletInputService - ok
11:09:19.0117 0x14a4 [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:09:19.0195 0x14a4 TapiSrv - ok
11:09:19.0211 0x14a4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
11:09:19.0273 0x14a4 TBS - ok
11:09:19.0383 0x14a4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:09:19.0507 0x14a4 Tcpip - ok
11:09:19.0585 0x14a4 [ 912107716BAB424C7870E8E6AF5E07E1, BE6B1C9468B882347A908A753DC7185C3371A78E81DEE5BEC3DD6E2B81FD4FB9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:09:19.0663 0x14a4 TCPIP6 - ok
11:09:19.0710 0x14a4 [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:09:19.0773 0x14a4 tcpipreg - ok
11:09:19.0804 0x14a4 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:09:19.0882 0x14a4 tdcmdpst - ok
11:09:19.0897 0x14a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:09:19.0960 0x14a4 TDPIPE - ok
11:09:19.0975 0x14a4 [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:09:20.0038 0x14a4 TDTCP - ok
11:09:20.0069 0x14a4 [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:09:20.0131 0x14a4 tdx - ok
11:09:20.0225 0x14a4 [ 40E154B3125E17CE6F2AFAD57AFCFEB2, B059EDD520F8642F3C00E3B28B3AA356CAC519187D10D85ACB68587F93C1B0E6 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
11:09:20.0303 0x14a4 TemproMonitoringService - ok
11:09:20.0319 0x14a4 [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
11:09:20.0350 0x14a4 TermDD - ok
11:09:20.0412 0x14a4 [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService C:\Windows\System32\termsrv.dll
11:09:20.0490 0x14a4 TermService - ok
11:09:20.0506 0x14a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
11:09:20.0553 0x14a4 Themes - ok
11:09:20.0568 0x14a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
11:09:20.0631 0x14a4 THREADORDER - ok
11:09:20.0709 0x14a4 [ 28644B0523D64EFF2FC7312A2EE74B0A, 09A36DE0B2B90842BD5B8353CC34B7C71C0FBBF6DD5862720FCEE760849C4561 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
11:09:20.0755 0x14a4 TMachInfo - ok
11:09:20.0818 0x14a4 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\Windows\system32\TODDSrv.exe
11:09:20.0833 0x14a4 TODDSrv - ok
11:09:20.0974 0x14a4 [ 15CA4B185EA8AEF71DD86181E6E0157E, 9C12064CFD1EEAB7638BE0DE11EF78A43282FB307EE9F0803680DB130F592154 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
11:09:21.0021 0x14a4 TosCoSrv - ok
11:09:21.0083 0x14a4 [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
11:09:21.0099 0x14a4 TOSHIBA HDD SSD Alert Service - ok
11:09:21.0145 0x14a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
11:09:21.0208 0x14a4 TrkWks - ok
11:09:21.0270 0x14a4 [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:09:21.0333 0x14a4 TrustedInstaller - ok
11:09:21.0364 0x14a4 [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:09:21.0426 0x14a4 tssecsrv - ok
11:09:21.0442 0x14a4 [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:09:21.0520 0x14a4 tunnel - ok
11:09:21.0567 0x14a4 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
11:09:21.0645 0x14a4 TVALZ - ok
11:09:21.0676 0x14a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:09:21.0707 0x14a4 uagp35 - ok
11:09:21.0723 0x14a4 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:09:21.0801 0x14a4 udfs - ok
11:09:21.0847 0x14a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:09:21.0879 0x14a4 UI0Detect - ok
11:09:21.0925 0x14a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
11:09:21.0941 0x14a4 uliagpkx - ok
11:09:21.0957 0x14a4 [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
11:09:22.0003 0x14a4 umbus - ok
11:09:22.0019 0x14a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:09:22.0050 0x14a4 UmPass - ok
11:09:22.0097 0x14a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
11:09:22.0159 0x14a4 upnphost - ok
11:09:22.0191 0x14a4 [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:09:22.0253 0x14a4 usbccgp - ok
11:09:22.0284 0x14a4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
11:09:22.0331 0x14a4 usbcir - ok
11:09:22.0362 0x14a4 [ CB490987A7F6928A04BB838E3BD8A936, 51D1E6A6F17A8482B526668032CC9F563F655C2EC413101566187CE8D7B6B5F4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:09:22.0425 0x14a4 usbehci - ok
11:09:22.0471 0x14a4 [ 18124EF0A881A00EE222D02A3EE30270, 8FBD652F03C5F114BD3661BFA9A5D2A56CE5F5C8D67A5876409E0B055D97D038 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:09:22.0549 0x14a4 usbhub - ok
11:09:22.0581 0x14a4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:09:22.0612 0x14a4 usbohci - ok
11:09:22.0643 0x14a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:09:22.0674 0x14a4 usbprint - ok
11:09:22.0690 0x14a4 [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:09:22.0737 0x14a4 USBSTOR - ok
11:09:22.0783 0x14a4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:09:22.0815 0x14a4 usbuhci - ok
11:09:22.0846 0x14a4 [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
11:09:22.0908 0x14a4 usbvideo - ok
11:09:22.0939 0x14a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
11:09:23.0002 0x14a4 UxSms - ok
11:09:23.0017 0x14a4 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc C:\Windows\system32\lsass.exe
11:09:23.0049 0x14a4 VaultSvc - ok
11:09:23.0095 0x14a4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
11:09:23.0111 0x14a4 vdrvroot - ok
11:09:23.0173 0x14a4 [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe
11:09:23.0220 0x14a4 vds - ok
11:09:23.0267 0x14a4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:09:23.0314 0x14a4 vga - ok
11:09:23.0314 0x14a4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
11:09:23.0376 0x14a4 VgaSave - ok
11:09:23.0392 0x14a4 [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
11:09:23.0423 0x14a4 vhdmp - ok
11:09:23.0439 0x14a4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
11:09:23.0470 0x14a4 viaide - ok
11:09:23.0485 0x14a4 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
11:09:23.0501 0x14a4 volmgr - ok
11:09:23.0532 0x14a4 [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:09:23.0548 0x14a4 volmgrx - ok
11:09:23.0579 0x14a4 [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
11:09:23.0595 0x14a4 volsnap - ok
11:09:23.0626 0x14a4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:09:23.0641 0x14a4 vsmraid - ok
11:09:23.0735 0x14a4 [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe
11:09:23.0829 0x14a4 VSS - ok
11:09:23.0860 0x14a4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:09:23.0907 0x14a4 vwifibus - ok
11:09:23.0938 0x14a4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:09:23.0985 0x14a4 vwififlt - ok
11:09:24.0063 0x14a4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
11:09:24.0141 0x14a4 W32Time - ok
11:09:24.0156 0x14a4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:09:24.0187 0x14a4 WacomPen - ok
11:09:24.0234 0x14a4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:09:24.0312 0x14a4 WANARP - ok
11:09:24.0312 0x14a4 [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:09:24.0375 0x14a4 Wanarpv6 - ok
11:09:24.0453 0x14a4 [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe
11:09:24.0531 0x14a4 wbengine - ok
11:09:24.0577 0x14a4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:09:24.0624 0x14a4 WbioSrvc - ok
11:09:24.0640 0x14a4 [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:09:24.0702 0x14a4 wcncsvc - ok
11:09:24.0718 0x14a4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:09:24.0765 0x14a4 WcsPlugInService - ok
11:09:24.0811 0x14a4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:09:24.0827 0x14a4 Wd - ok
11:09:24.0858 0x14a4 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:09:24.0905 0x14a4 Wdf01000 - ok
11:09:24.0952 0x14a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:09:24.0999 0x14a4 WdiServiceHost - ok
11:09:25.0014 0x14a4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:09:25.0045 0x14a4 WdiSystemHost - ok
11:09:25.0077 0x14a4 [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient C:\Windows\System32\webclnt.dll
11:09:25.0123 0x14a4 WebClient - ok
11:09:25.0155 0x14a4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:09:25.0217 0x14a4 Wecsvc - ok
11:09:25.0248 0x14a4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:09:25.0311 0x14a4 wercplsupport - ok
11:09:25.0326 0x14a4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
11:09:25.0389 0x14a4 WerSvc - ok
11:09:25.0435 0x14a4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:09:25.0498 0x14a4 WfpLwf - ok
11:09:25.0498 0x14a4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:09:25.0513 0x14a4 WIMMount - ok
11:09:25.0545 0x14a4 WinDefend - ok
11:09:25.0560 0x14a4 WinHttpAutoProxySvc - ok
11:09:25.0919 0x14a4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:09:25.0997 0x14a4 Winmgmt - ok
11:09:26.0091 0x14a4 [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll
11:09:26.0215 0x14a4 WinRM - ok
11:09:26.0293 0x14a4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
11:09:26.0356 0x14a4 Wlansvc - ok
11:09:26.0855 0x14a4 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:09:26.0933 0x14a4 wlidsvc - ok
11:09:26.0980 0x14a4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
11:09:27.0027 0x14a4 WmiAcpi - ok
11:09:27.0073 0x14a4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:09:27.0120 0x14a4 wmiApSrv - ok
11:09:27.0151 0x14a4 WMPNetworkSvc - ok
11:09:27.0183 0x14a4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:09:27.0214 0x14a4 WPCSvc - ok
11:09:27.0229 0x14a4 [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:09:27.0276 0x14a4 WPDBusEnum - ok
11:09:27.0307 0x14a4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:09:27.0385 0x14a4 ws2ifsl - ok
11:09:27.0417 0x14a4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
11:09:27.0463 0x14a4 wscsvc - ok
11:09:27.0463 0x14a4 WSearch - ok
11:09:27.0604 0x14a4 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
11:09:27.0697 0x14a4 wuauserv - ok
11:09:27.0729 0x14a4 [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:09:27.0807 0x14a4 WudfPf - ok
11:09:27.0822 0x14a4 [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:09:27.0900 0x14a4 WUDFRd - ok
11:09:27.0931 0x14a4 [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:09:27.0994 0x14a4 wudfsvc - ok
11:09:28.0025 0x14a4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
11:09:28.0056 0x14a4 WwanSvc - ok
11:09:28.0103 0x14a4 ================ Scan global ===============================
11:09:28.0150 0x14a4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
11:09:28.0181 0x14a4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
11:09:28.0212 0x14a4 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
11:09:28.0228 0x14a4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:09:28.0259 0x14a4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
11:09:28.0275 0x14a4 [ Global ] - ok
11:09:28.0275 0x14a4 ================ Scan MBR ==================================
11:09:28.0290 0x14a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:09:29.0445 0x14a4 \Device\Harddisk0\DR0 - ok
11:09:29.0460 0x14a4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:09:29.0647 0x14a4 \Device\Harddisk1\DR1 - ok
11:09:29.0647 0x14a4 ================ Scan VBR ==================================
11:09:29.0663 0x14a4 [ 8C73F185AC0F1E7B6ACA95FCEFC8BC53 ] \Device\Harddisk0\DR0\Partition1
11:09:29.0679 0x14a4 \Device\Harddisk0\DR0\Partition1 - ok
11:09:29.0694 0x14a4 [ F765A5E6CD4A39798B390863C1ACD201 ] \Device\Harddisk0\DR0\Partition2
11:09:29.0710 0x14a4 \Device\Harddisk0\DR0\Partition2 - ok
11:09:29.0710 0x14a4 [ 7F6E3E4D0ED097C5F9F4D977FA1795D6 ] \Device\Harddisk1\DR1\Partition1
11:09:29.0710 0x14a4 \Device\Harddisk1\DR1\Partition1 - ok
11:09:29.0725 0x14a4 ================ Scan generic autorun ======================
11:09:29.0725 0x14a4 TosNC - ok
11:09:29.0725 0x14a4 TosReelTimeMonitor - ok
11:09:29.0788 0x14a4 [ DDEC2BDBFE60FB73FA99BCF0FA77E249, 069333D9FAC91BEC3E33E34DD1ECE46761B7EB6E71CA8BE0F3200E2A72FB8219 ] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
11:09:29.0835 0x14a4 Toshiba TEMPRO - ok
11:09:30.0287 0x14a4 [ 798DF4955D7DE4552706B3ECB65B3C80, C0DD4999D8E5505EBC5ADB2B458339BA1444FE897C8568E872C9F8CCF7C5360B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:09:30.0802 0x14a4 RtHDVCpl - ok
11:09:31.0005 0x14a4 [ 4A0CE52AEE58783B90FB8CE418481EB0, 6AA4823D577B2E62B25F7425A52246556F555B49E9C795DA4485C4250C345861 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:09:31.0098 0x14a4 RtHDVBg - ok
11:09:31.0098 0x14a4 TPwrMain - ok
11:09:31.0114 0x14a4 SmoothView - ok
11:09:31.0114 0x14a4 00TCrdMain - ok
11:09:31.0114 0x14a4 SynTPEnh - ok
11:09:31.0161 0x14a4 [ F9EF20F6FDA1444C0864BD7AEDC10CAF, E6A18BD7200E7DE7599753DA27469AEC479A315931956D457547F243FCB92C2A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
11:09:31.0207 0x14a4 TosSENotify - ok
11:09:31.0207 0x14a4 SmartFaceVWatcher - ok
11:09:31.0239 0x14a4 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
11:09:31.0254 0x14a4 TosVolRegulator - ok
11:09:31.0317 0x14a4 [ 104A28EA683C17D5470B3934D158142D, 286E7AF73C94D5CCD9F84C83C5343F385290D786D130701C367E56D5681A751C ] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
11:09:31.0332 0x14a4 Toshiba Registration - ok
11:09:31.0426 0x14a4 [ E35988FE0DE91C5B0FA35B10778B13D2, 302F815D199D7C5D27293BAFB2C24D5CF5E85257FA1CFFB550780A35B389EEF3 ] C:\Program Files\McAfee.com\Agent\mcagent.exe
11:09:31.0488 0x14a4 mcui_exe - ok
11:09:31.0691 0x14a4 [ 80A02F5ADDDF2D615B85A4F19424DCBB, BBAC2A551CE02625FD7F3944D4EBDC7EF5C9F2C9D698449D77695C2B1DC1CE45 ] c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
11:09:31.0753 0x14a4 NBAgent - ok
11:09:31.0800 0x14a4 [ 1846FCC3B3640682C5EAC1B1A42F10F3, 579B94A6CD52DC419C90398512E535FA5097BB4F757EDF171AC1B0EB7742E3FC ] C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1399.0\mswinext.exe
11:09:31.0816 0x14a4 Bing Bar - ok
11:09:31.0878 0x14a4 [ 9ED4F1D990A3D16112155EA2D50E7975, D2BAA0ACE51286774D9BC622FEE650AD918DF44AEC0BA1E43D28C1E70408FCBF ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
11:09:31.0894 0x14a4 Microsoft Default Manager - ok
11:09:32.0128 0x14a4 [ 906B5E44666619B044A21D3E9ACCBFA6, 0DA3CC61EA11D8CE1BA6DA22FEDEFF10FAF56B95C1071CA962F583B1AA481B8C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:09:32.0175 0x14a4 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
11:09:35.0279 0x14a4 Detect skipped due to KSN trusted
11:09:35.0279 0x14a4 StartCCC - ok
11:09:35.0404 0x14a4 [ DB04E6CBFCB38A8E224239CE2185D9E6, 7DBAF41EB3BE0A21DB9CFB72FA22879238089E32879D2E2D7FC651CC9778C30B ] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe
11:09:35.0435 0x14a4 SVPWUTIL - detected UnsignedFile.Multi.Generic ( 1 )
11:09:38.0680 0x14a4 Detect skipped due to KSN trusted
11:09:38.0680 0x14a4 SVPWUTIL - ok
11:09:38.0820 0x14a4 [ 8107E3A186C034DDEB14718D71332714, 641AD52C6F624A59648043D6E044B772B76DA1C82C4B3258A109A2FB67AACFA3 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
11:09:38.0867 0x14a4 HWSetup - detected UnsignedFile.Multi.Generic ( 1 )
11:09:41.0862 0x14a4 Detect skipped due to KSN trusted
11:09:41.0862 0x14a4 HWSetup - ok
11:09:41.0909 0x14a4 [ 1FAA54E9FFEA6FD3E0CEAD951CDDFEF6, 222E10CAB93C02CFDB7B4208C053B8CA3683C6978BE964F9E801D6645B9B2182 ] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
11:09:41.0940 0x14a4 KeNotify - ok
11:09:42.0096 0x14a4 [ 80D632DC81BDF6E58630D8FA329FAE54, 4E1CE7D9ADEF7D304C208A70B25B71CAE233763821A47615A699F4261086688B ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
11:09:42.0190 0x14a4 TWebCamera - ok
11:09:42.0252 0x14a4 [ 541B822882607023E75FFEC0C8F90FAF, 1D734219F99EE4FEDFD8D146DCA4733C8633540CF2613A6002363B0F69859687 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
11:09:42.0299 0x14a4 ToshibaServiceStation - ok
11:09:42.0580 0x14a4 [ B36DFFCD2B20AF39223847D691B49357, 3639DAE0C9A31A7D1997EFB21679514BEF267F4F1735EB39230058B8B2198D32 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
11:09:42.0705 0x14a4 AVG_UI - ok
11:09:42.0829 0x14a4 [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
11:09:42.0861 0x14a4 Adobe Reader Speed Launcher - ok
11:09:43.0017 0x14a4 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:09:43.0048 0x14a4 Adobe ARM - ok
11:09:43.0157 0x14a4 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:09:43.0282 0x14a4 Sidebar - ok
11:09:43.0313 0x14a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:09:43.0360 0x14a4 mctadmin - ok
11:09:43.0407 0x14a4 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:09:43.0485 0x14a4 Sidebar - ok
11:09:43.0500 0x14a4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:09:43.0547 0x14a4 mctadmin - ok
11:09:43.0765 0x14a4 [ 05973FB5F863CDB65852D88ADB383A33, BD10E37E9B42D03719AA4FE595F44FEB75E0D598E7E36480506AF18D8236F21F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe
11:09:43.0937 0x14a4 TOSHIBA Online Product Information - ok
11:09:43.0937 0x14a4 Waiting for KSN requests completion. In queue: 11
11:09:44.0967 0x14a4 Waiting for KSN requests completion. In queue: 11
11:09:45.0981 0x14a4 Waiting for KSN requests completion. In queue: 11
11:09:46.0995 0x14a4 Waiting for KSN requests completion. In queue: 11
11:09:48.0477 0x14a4 AV detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41000 ( enabled : updated )
11:09:48.0477 0x14a4 AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 10.0.0.0 ), 0x51000 ( enabled : updated )
11:09:48.0477 0x14a4 FW detected via SS2: McAfee Personal Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 10.0.0.0 ), 0x51010 ( enabled )
11:09:48.0477 0x14a4 FW detected via SS2: AVG Internet Security 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5315 ), 0x41010 ( enabled )
11:09:51.0456 0x14a4 ============================================================
11:09:51.0456 0x14a4 Scan finished
11:09:51.0456 0x14a4 ============================================================
11:09:51.0503 0x11f8 Detected object count: 0
11:09:51.0503 0x11f8 Actual detected object count: 0

Infine nslookpup

SPOILER (clicca per visualizzare)

Microsoft Windows [Versione 6.1.7600]
Copyright (c) 2009 Microsoft Corporation. Tutti i diritti riservati.

C:\Users\Maria Grazia>nslookup
Server predefinito: google-public-dns-a.google.com
Address: 8.8.8.8

>

Inoltre, a quanto pare, il problema si presenta solo con Chrome e non con Internet Explorer.

Web

vicky67

Posted on 14/10/2014, 10:46

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

ok foot82
Controlla questi dns tedeschi 94.249.192.104
1)Adesso per prima cosa vai sulle proprietà della tua scheda di rete e verifica che in tcpip protocollo internet versione 4 che in dns primario e dns secondario non ci siano settati quei dns.Metti tutto in automatico togliendo quelli di google.

2)Se è tutto in automatico segui la seconda parte di questa guida https://aiuto-pc.forumfree.it/?t=65967390
cambiando il settaggio dei dns entrando nel router ed impostandoli in automatico se li trovi impostati su manuale

3)dopo questa operazione esegui TFC By Old timer lo trovi sempre su quella guida.

4)Disinstalla chrome con dati personali quando te lo chiede all'atto della disinstallazione

Dopo questa operazione riavvia il tutto e posta il contenuto di nslookup .

fammi sapere le informazioni che ti ho chiesto soprattuto se nel router ci sono settati quei dns.

foo82

Posted on 14/10/2014, 10:59

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Scusa, ma il mio nslookup corrisponde all'immagine del caso "router non infetto", però. Con i dns di google.

Web

vicky67

Posted on 14/10/2014, 11:19

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

Si ma il nslookup mostra anche i dns della scheda di rete.
Nel log di FRST sono mostrati quei dns che dovrebbero essere settati nel router.
Dato che la formattazione non ha risolto dobbiamo assicurarci che il router sia ok

foo82

Posted on 14/10/2014, 11:25

Aiutante

Group: Member

Posts: 6,404

Status: Offline

1) Ho rimesso gli automatici e adesso nslookup dà proprio quel dns tedesco.
2) Sono entrato nel settaggio del modem, ma non capisco dove mettere mano. Il modem è Hamlet.

Web

vicky67

Posted on 14/10/2014, 11:35

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

Dimmi il modello preciso.

foo82

Posted on 14/10/2014, 11:40

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Hamlet Wireless ADSL2+ Router 150

Web

foo82

Posted on 14/10/2014, 12:55

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Penso di esserci riuscito. Ho disinstallato Chrome e questo è il nslookup finale

SPOILER (clicca per visualizzare)

Al router ho cambiato la password di amministrazione (avevo colpevolmente lasciato le credenziali di default).
Solo che adesso che ho tolto Chrome come faccio a sapere se è tutto risolto?
E se sì, non dovrò più usare Chrome?

Web

vicky67

Posted on 14/10/2014, 13:21

Master Malware Expert

Group: Administrator

Posts: 4,519

Location: Poggio Mirteto(RI)

Status: Anonymous

Ok
Hai eseguito anche TFC by old timer?
In chrome hai cancellato anche i dati personali?
Reinstalla adesso chrome e verifica la navigazione.

foo82

Posted on 14/10/2014, 14:22

Aiutante

Group: Member

Posts: 6,404

Status: Offline

Affermativo e affermativo. Ho anche rimesso Google Chrome e finora va tutto liscio, anche sui siti che prima erano problematici.
Quindi era una banale intrusione nel router? Abbiamo formattato un pc e fatto millemila scansioni per niente? :S
C'è altro che devo fare, adesso?
Intanto grazie mille per il presiosissimo aiuto e complimenti a chi ha messo su questo fantastico forum.

Web

danawillor

Posted on 14/10/2014, 14:35

User deleted

se puo' interessare, le ho provate un po' tutte in questi giorni, ccleaner, antimalawere, combofix, tfc...ho 2 pc collegati al router wifi, uno infetto, l'altro stranamente no, in quello infetto ho inserito i dns di google (8.8.8.8 e 8.8.4.4) in risorse rete>proprietà>connessione rete locale>generale>protocollo tcp/ip e...FUNZIONA TUTTO!
il pc non infetto era già configurato con i dns di google.
appena ho un po' di tempo vedrò di resettare il router wi-fi, credo che il problema sia proprio lì.
hope this helps!

698 replies since 5/6/2013, 08:44 22513 views