grazie innazi tutto
il primo pc mi da il segunete log (piu tardi faccio il secondo che c'è l'ho a casa)
OTL logfile created on: 27/12/2012 10:52:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
3,97 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 55,02% Memory free
7,93 Gb Paging File | 5,81 Gb Available in Paging File | 73,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 163,24 Gb Total Space | 28,58 Gb Free Space | 17,51% Space Free | Partition Type: NTFS
Drive D: | 125,57 Gb Total Space | 123,85 Gb Free Space | 98,62% Space Free | Partition Type: NTFS
Computer Name: MARCO-VAIO | User Name: Marco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days
========== Processes (SafeList) ========== PRC - C:\Users\Marco\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
PRC - C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\My 190\My 190.exe ()
PRC - C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe ()
PRC - C:\Users\Public\Documents\AppData\PoApp\PService.exe (PService)
PRC - C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
========== Modules (No Company Name) ========== MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM21F6.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM21A6.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM2327.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM2316.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM2304.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM22F2.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\YTMP7MC8AA\TAA242D.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM2165.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM204B.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1F7E.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1F1E.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1EAF.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1E4F.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1D63.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1CC5.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1C85.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1C06.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1ABD.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1A8C.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1A2C.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM19AD.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1845.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1814.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM17D3.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1773.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM15AC.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1673.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM16B6.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM16A4.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1633.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM15CF.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM15F2.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM15E1.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM15BE.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM159A.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM14AC.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM149B.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1489.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1466.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1445.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1424.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1370.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM13B4.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1478.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM14AE.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM1391.tmp ()
MOD - C:\Users\Marco\AppData\Local\Temp\XTMP1MC3VE\DEM13A3.tmp ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\4a29fb5e489e57ccc97b19ca70db94a8\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\5dd12eeb1db4e7bfd88d6a8d101c73a9\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\9ef96469a3cc4fc244178f64ffab63bd\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\6bae49249e89285a361b54041ebef5ea\System.Design.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\cf840dca36a7b949696ce331d0532d3e\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3079aabe5fd4f325656d52b94b19ae2e\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
MOD - C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\CrashRpt.dll ()
MOD - C:\Program Files (x86)\My 190\My 190.exe ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\PROGRA~2\MICROS~1\Office12\ADDINS\UMOUTL~1.DLL ()
MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll ()
MOD - C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_it_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\PDFMaker\Common\AdobePDFMakerX.ITA ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.ita ()
MOD - C:\PROGRA~2\MICROS~1\Office12\ADDINS\COLLEA~1.DLL ()
========== Services (SafeList) ========== SRV:
64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SoftwareUpd) -- C:\Users\Marco\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe (SoftwareUpdService)
SRV - (PowerOffer Service) -- C:\Users\Marco\AppData\Local\PosService\Pos.exe (PowerOfferService)
SRV - (VUAgent) -- C:\Programmi\Sony\VAIO Update Common\VUAgent.exe (Sony Corporation)
SRV - (BotkindSyncService) -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe ()
SRV - (ServUpdater) -- C:\Users\Marco\AppData\Local\ServUpdater\ServiceUpd.exe (ServiceUpd)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Qualcomm Atheros Fast Reconnect\Ath_WlanAgent.exe (Atheros)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe (Symantec Corporation)
SRV - (FLEXnet Licensing Service 64) -- C:\Programmi\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (VcmIAlzMgr) -- C:\Programmi\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation)
SRV - (RtkAudioService) -- C:\Programmi\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (wlidsvc) -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (VcmINSMgr) -- C:\Programmi\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation)
SRV - (VcmXmlIfHelper) -- C:\Programmi\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation)
SRV - (SOHDms) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation)
SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation)
SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programmi\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (VAIO Power Management) -- C:\Programmi\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (btwdins) -- C:\Programmi\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV:
64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:
64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:
64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:
64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:
64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:
64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:
64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:
64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:
64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:
64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\ccSetx64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtsp64.sys (Symantec Corporation)
DRV:
64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\srtspx64.sys (Symantec Corporation)
DRV:
64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymEFA64.sys (Symantec Corporation)
DRV:
64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\symnets.sys (Symantec Corporation)
DRV:
64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\SymDS64.sys (Symantec Corporation)
DRV:
64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1301000.01C\Ironx64.sys (Symantec Corporation)
DRV:
64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:
64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:
64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:
64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:
64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:
64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:
64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:
64bit: - (vodafone_K3805-z_cdc_ecm) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_ecm.sys (Vodafone)
DRV:
64bit: - (vodafone_K3805-z_cdc_acm) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cdc_acm.sys (Vodafone)
DRV:
64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:
64bit: - (vodafone_K3805-z_cpo) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_cpo.sys (Vodafone)
DRV:
64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:
64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:
64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:
64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:
64bit: - (IntcHdmiAddService) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:
64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:
64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:
64bit: - (risdptsk) -- C:\Windows\SysNative\drivers\risdsn64.sys (REDC)
DRV:
64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:
64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:
64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:
64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:
64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:
64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:
64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:
64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:
64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:
64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:
64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:
64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:
64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:
64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:
64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:
64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:
64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:
64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV:
64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:
64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121226.002\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20121226.002\eng64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20121130.005\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121225.001\IDSviA64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.comIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.comIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.com IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page =
http://www.google.it/IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page =
http://search.babylon.com/?affID=112555&tt=270912_7a_3912_4&babsrc=HP_ss&mntrId=96120cf900000000000006265eff585eIE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/redirectdomain?brand=SVEA&bmod=EU01IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.findeer.comIE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://search.babylon.com/?q={searchTerms}&affID=112555&tt=270912_7a_3912_4&babsrc=SP_ss&mntrId=96120cf900000000000006265eff585e
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{252907AE-0E9F-4FE9-945F-F7AE8A71FE1B}: "URL" =
http://www.google.it/search?hl=it&q={searchTerms}&meta=
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{84BE32AD-264D-4E5E-9809-3E1D3764EF29}: "URL" =
http://rover.ebay.com/rover/1/724-42445-16445-8/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.com/search?cid={F02C6E7A-8875-4B71-9435-2E57CD6B0223}&mid=8e56d01eb68947d09cc8d16df898bae9-c63e4cd193952cc35046d58178f19a9548200a45&lang=it&ds=gh011&pr=sa&d=2012-04-07 08:24:54&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\..\SearchScopes\{E40ED389-4D1D-4009-9C9B-8FBCEE70C161}: "URL" =
http://services.zinio.com/search?s={selection}&rf=sonyslices
IE - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: '
http://search.findeer.com'
FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.2.643.41
FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.2
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Search the web (Babylon)"
FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012/12/27 10:41:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012/12/27 10:41:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/06 08:01:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/25 07:47:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/10/11 07:05:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/12/06 08:01:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/10/25 07:47:46 | 000,000,000 | ---D | M]
[2011/07/26 14:05:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Extensions
[2012/12/13 08:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\w0v85rm1.default\extensions
[2012/12/13 08:21:23 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Marco\AppData\Roaming\mozilla\Firefox\Profiles\w0v85rm1.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012/09/29 13:30:17 | 000,002,222 | ---- | M] () -- C:\Users\Marco\AppData\Roaming\mozilla\firefox\profiles\w0v85rm1.default\searchplugins\BabylonMngr.xml
[2012/12/25 23:42:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/13 11:32:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/10/01 20:13:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/12/27 10:41:32 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPLGN
[2012/12/06 08:01:46 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/06 08:01:46 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml
[2012/04/07 07:24:50 | 000,003,749 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/09/29 13:29:48 | 000,002,359 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/08/29 13:07:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/12/06 08:01:46 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml
[2012/12/06 08:01:46 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml
[2012/12/06 08:01:46 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml
[2012/12/06 08:01:46 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
http://search.findeer.comCHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marco\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Marco\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marco\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Marco\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Ricerca Google = C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Norton Identity Protection = C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.0.140_0\
CHR - Extension: Gmail = C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4:
64bit: - HKLM..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:
64bit: - HKLM..\Run: [RtHDVCpl] C:\Programmi\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:
64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [PosService] C:\Users\Public\Documents\AppData\PoApp\PLauncher.exe (PLauncher)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1263648278-2430053482-2179432734-1000..\Run: [ManyCam] C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (ManyCam LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marco\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\My 190.lnk = C:\Program Files (x86)\My 190\My 190.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:
64bit: - Extra context menu item: &Point&&Go - C:\Program Files (x86)\Common Files\Expert System\PGPlatform\PGPlatform.htm ()
O8:
64bit: - Extra context menu item: Aggiungi a PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Converti destinazione link in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Converti destinazione link in PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Converti in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: &Point&&Go - C:\Program Files (x86)\Common Files\Expert System\PGPlatform\PGPlatform.htm ()
O8 - Extra context menu item: Aggiungi a PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converti destinazione link in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converti destinazione link in PDF esistente - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converti in Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:
64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:
64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Invia a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Invia a periferica &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:
64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O16:
64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:
64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A7808A2-F319-4CC1-81B4-51128CFC7954}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A7808A2-F319-4CC1-81B4-51128CFC7954}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51B38140-05DB-4BB0-A6F5-4B1AE27532FF}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{73893C15-829A-4CB1-A5F1-261F22938D0A}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7906BAAE-2D81-4B20-B2A1-8C9CFBB904AF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7906BAAE-2D81-4B20-B2A1-8C9CFBB904AF}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE81C926-4857-4FF9-9A6F-4C6E18DAEBC6}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9888811-65CC-4DB3-BFA5-E8F8A6CBFCCD}: NameServer = 176.31.229.24,176.31.229.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF9A735B-D42D-49EC-B41A-59A1E816C361}: NameServer = 176.31.229.24,176.31.229.25
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:
64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{47595247-878d-11e1-9f2e-0024be7c531a}\Shell - "" = AutoRun
O33 - MountPoints2\{47595247-878d-11e1-9f2e-0024be7c531a}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{47595254-878d-11e1-9f2e-0024be7c531a}\Shell - "" = AutoRun
O33 - MountPoints2\{47595254-878d-11e1-9f2e-0024be7c531a}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 60 Days ========== [2012/12/23 16:32:29 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\chopin
[2012/12/22 07:20:42 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\ServUpdater
[2012/12/22 07:20:42 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\PowerOffer
[2012/12/22 07:20:42 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AppData
[2012/12/22 07:20:41 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\PosService
[2012/12/22 01:39:10 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/22 01:39:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/22 01:39:09 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/22 01:39:09 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/21 16:19:47 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\SoftwareUpdater
[2012/12/21 16:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPcCleaner
[2012/12/21 16:19:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPcCleaner
[2012/12/21 16:19:44 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\MediaHuman
[2012/12/21 16:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaHuman
[2012/12/21 16:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaHuman
[2012/12/20 07:03:22 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{A6904D9A-AEEF-4F39-8D6B-7B23A90995E7}
[2012/12/17 16:52:43 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\regalo prof
[2012/12/16 22:19:14 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\2012_marco tesi laurea
[2012/12/16 05:14:15 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{D263F761-3BB0-49A8-A31F-9AB958AEC739}
[2012/12/15 17:13:49 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{4F7E0930-4BD0-4DAB-9AF3-A109C5940A45}
[2012/12/14 08:38:06 | 000,000,000 | ---D | C] -- C:\Users\Marco\Desktop\Nuova cartella
[2012/12/13 10:43:50 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/12/13 10:43:49 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/12/13 10:43:48 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/12/13 10:43:48 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/12/13 10:43:48 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/12/13 10:43:48 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/12/13 10:43:48 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/12/13 10:43:48 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/12/13 10:43:47 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/12/13 10:43:47 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/12/13 10:43:47 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/12/13 10:43:47 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/12/13 10:43:43 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/12/13 10:43:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/12/13 10:43:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/12/13 08:32:13 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012/12/13 08:32:12 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012/12/13 08:32:12 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012/12/13 08:32:12 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/12/13 08:32:11 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012/12/13 08:32:11 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012/12/13 08:32:11 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012/12/13 08:32:11 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012/12/13 08:32:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012/12/13 08:32:11 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012/12/13 08:32:11 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012/12/13 08:32:11 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012/12/13 08:32:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012/12/13 08:32:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012/12/13 08:32:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/13 08:32:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012/12/13 08:32:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012/12/13 08:32:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012/12/13 08:32:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/13 08:32:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012/12/13 08:32:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012/12/13 08:32:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012/12/13 08:32:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012/12/13 08:32:07 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012/12/13 08:31:50 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/12/13 08:31:49 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/12/11 13:42:01 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{04B6C126-C711-49C8-8526-024C119BC107}
[2012/12/09 11:15:18 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{65CF16EC-D984-4888-A947-5B2D9BE7C5E4}
[2012/11/30 20:57:59 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{4CCBF7B9-B271-4EF4-9E85-D2D72B7DE8DE}
[2012/11/30 08:57:48 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{EFFCB845-8342-4E27-858E-8A945F8F92BA}
[2012/11/28 14:30:49 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{6C29F005-BDCC-49E0-8FF6-7588004E4E29}
[2012/11/27 11:06:38 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{833B4816-F0E9-49F6-8747-FC116867BC3A}
[2012/11/27 09:03:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/27 09:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/11/26 22:12:37 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{D4F32AC9-D827-4F76-9D70-1105F448F2AD}
[2012/11/26 10:12:15 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{381502DE-92D9-4653-A874-754F4B2D9E3E}
[2012/11/23 10:26:38 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\referti_scaricati
[2012/11/23 10:24:34 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\laurea
[2012/11/23 10:22:24 | 000,000,000 | ---D | C] -- C:\Users\Marco\Documents\ricevute
[2012/11/22 08:44:01 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{142ABB65-D4B2-404B-8A7F-AD63C319BFFC}
[2012/11/21 20:01:46 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{FF882622-07E7-4AD2-B534-7BE9B1C15981}
[2012/11/21 08:01:26 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{23262968-7FCC-4AA3-AEFA-5B57B16F7C24}
[2012/11/20 18:08:56 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{8164AD23-84C6-4207-AA67-13799136AA97}
[2012/11/19 15:00:14 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{FB5D598C-7518-49DB-BAE6-D64F2FF30888}
[2012/11/17 15:00:50 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{EE11F71E-11CD-4B18-9948-24132E54BC55}
[2012/11/16 23:25:30 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{0B947646-4E5D-4571-82A2-1859B815F7F3}
[2012/11/16 11:25:08 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{F47E77F3-AF7C-44A8-9C00-AC905DB92F77}
[2012/11/15 23:28:53 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012/11/15 23:28:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012/11/15 23:28:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012/11/15 23:28:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012/11/15 23:28:51 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012/11/15 23:28:46 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012/11/15 23:28:46 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012/11/15 23:28:46 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012/11/15 23:28:46 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012/11/15 23:28:46 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012/11/15 23:28:46 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012/11/15 23:28:46 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012/11/15 23:28:46 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012/11/15 23:28:46 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012/11/15 23:28:46 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012/11/15 23:28:46 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012/11/15 23:28:46 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012/11/15 23:28:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012/11/15 23:28:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012/11/15 23:28:46 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012/11/15 23:28:45 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012/11/15 23:28:45 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012/11/15 23:28:45 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012/11/15 23:28:44 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012/11/15 23:27:30 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/11/15 23:27:30 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/11/15 23:24:37 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{CA5EEF3C-A9CA-4524-B0B0-BBCC7F27B768}
[2012/11/15 23:03:33 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012/11/15 23:03:33 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012/11/15 22:51:00 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012/11/15 22:50:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012/11/15 22:50:59 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012/11/15 22:50:59 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012/11/15 22:09:32 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012/11/15 22:09:31 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012/11/15 22:09:31 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012/11/15 22:09:22 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012/11/15 22:09:22 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012/11/15 22:09:22 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012/11/15 22:09:22 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012/11/15 22:09:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012/11/15 22:09:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012/11/15 22:09:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012/11/15 22:09:05 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012/11/15 09:03:58 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{7FAE8E78-E3D7-4F5B-B825-123B9880D11D}
[2012/11/14 14:35:23 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{D31B9380-0EE6-4AF2-B537-196E2D3AD43C}
[2012/11/13 08:37:04 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{9902382F-2676-4FF8-BCEC-9D9B28F6456D}
[2012/11/12 15:40:31 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{1717689F-F4DC-4AF0-8FDE-27FD440110DC}
[2012/11/11 19:34:06 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{88A81743-013C-4B33-9FB3-2CF84F807823}
[2012/11/10 20:15:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\searchplugins
[2012/11/10 20:15:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Extensions
[2012/11/10 10:18:38 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{08B69DEA-0FDF-4863-A832-9259822C7A4E}
[2012/11/09 11:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012/11/09 10:31:58 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{6400A748-5A23-40C4-BACE-F0C855213B37}
[2012/11/07 10:13:58 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{7C9FFF91-7824-4525-9ECC-83274E72B42D}
[2012/11/06 20:38:55 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{5067AC2D-87C0-4D90-97E3-9806B789726E}
[2012/11/06 08:38:29 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{E552AE09-9FE3-46B5-93A0-AE75D7BDDB75}
[2012/11/06 07:27:29 | 000,000,000 | -HSD | C] -- C:\found.001
[2012/11/05 07:00:58 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{54A1E3C9-E9AE-4A8B-9309-1F39ABE34154}
[2012/11/04 09:00:41 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{BBB1AB4D-A3F1-4627-A9E1-2350BAD7C57B}
[2012/11/03 17:00:40 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{A2193D13-17D5-4D37-B002-AD76C10D4931}
[2012/11/02 05:55:25 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{A8C2CBAE-7C00-4119-85D2-BFCA70AF6900}
[2012/10/30 07:33:01 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/10/29 08:15:19 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{370D83B8-5D23-4447-8932-7846DC8D85F5}
[2012/10/28 19:12:56 | 000,000,000 | ---D | C] -- C:\Users\Marco\AppData\Local\{356E05A5-35EE-46E4-B456-F1F5656E61E3}
[2 C:\Users\Marco\Desktop\*.tmp files -> C:\Users\Marco\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 60 Days ========== [2012/12/27 10:50:25 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 10:50:25 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/27 10:41:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/27 10:41:04 | 3195,293,696 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/26 22:40:26 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/25 23:38:23 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/12/23 16:23:04 | 001,662,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/23 16:23:04 | 000,742,376 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012/12/23 16:23:04 | 000,655,318 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/23 16:23:04 | 000,147,536 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012/12/23 16:23:04 | 000,122,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/22 07:20:43 | 000,004,069 | ---- | M] () -- C:\Users\Marco\AppData\Local\unins000.dat
[2012/12/22 07:20:34 | 000,715,038 | ---- | M] () -- C:\Users\Marco\AppData\Local\unins000.exe
[2012/12/22 07:19:36 | 002,976,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/21 20:30:46 | 000,072,953 | ---- | M] () -- C:\Users\Marco\Desktop\BUONO%2010%20SU%2060%20VICENZA.pdf
[2012/12/21 16:20:31 | 000,001,288 | ---- | M] () -- C:\Users\Marco\Desktop\MediaHuman YouTube to MP3 Converter.lnk
[2012/12/21 16:20:31 | 000,000,069 | ---- | M] () -- C:\Users\Marco\Desktop\Visit MediaHuman Website.url
[2012/12/21 16:18:47 | 012,395,260 | ---- | M] ( ) -- C:\Users\Marco\Desktop\YouTubeToMP3.exe
[2012/12/17 22:47:51 | 000,557,585 | ---- | M] () -- C:\Users\Marco\Desktop\taniamorisoli.pdf
[2012/12/16 18:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012/12/16 15:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012/12/16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012/12/16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012/12/13 08:40:43 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/12/13 08:40:43 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/12/08 10:11:43 | 000,239,877 | ---- | M] () -- C:\Users\Marco\Desktop\Marco1 [modalità compatibilità].pdf
[2012/12/07 11:08:34 | 000,812,605 | ---- | M] () -- C:\Users\Marco\Desktop\marco.sartori.12_12_2012.pdf
[2012/11/28 16:58:10 | 000,720,502 | ---- | M] () -- C:\Users\Marco\Desktop\manuale haccp.pdf
[2012/11/28 16:40:37 | 000,090,133 | ---- | M] () -- C:\Users\Marco\Desktop\res563175_PROTOCOLLO-PER-LA-GESTIONE-DEI-FARMACI.pdf
[2012/11/24 21:06:31 | 000,245,001 | ---- | M] () -- C:\Users\Marco\Desktop\soglia 300 pagine corpo tesi .jpg
[2012/11/18 17:07:44 | 000,088,877 | ---- | M] () -- C:\Users\Marco\Documents\297.full.pdf
[2012/11/14 07:11:44 | 002,312,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/11/14 07:02:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/11/14 07:02:04 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/11/14 06:58:36 | 000,816,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/11/14 06:57:46 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/11/14 06:57:35 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/11/14 06:55:26 | 000,729,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/11/14 06:53:22 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/11/14 06:46:25 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/11/14 02:58:15 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/11/14 02:55:46 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/11/14 02:49:25 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/11/14 02:49:19 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/11/14 02:45:01 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/11/14 02:41:30 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/11/08 11:52:20 | 000,025,521 | ---- | M] () -- C:\Users\Marco\Desktop\palmata.jpg
[2012/11/05 14:22:35 | 000,017,930 | ---- | M] () -- C:\Users\Marco\Desktop\buono_sconto.pdf
[2012/11/02 06:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012/11/02 06:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2012/10/28 16:54:25 | 000,220,421 | ---- | M] () -- C:\Users\Marco\Desktop\Rapporti%20Istisan%200415.1234858430.pdf
[2 C:\Users\Marco\Desktop\*.tmp files -> C:\Users\Marco\Desktop\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/12/22 07:20:41 | 000,715,038 | ---- | C] () -- C:\Users\Marco\AppData\Local\unins000.exe
[2012/12/22 07:20:41 | 000,004,069 | ---- | C] () -- C:\Users\Marco\AppData\Local\unins000.dat
[2012/12/21 20:30:46 | 000,072,953 | ---- | C] () -- C:\Users\Marco\Desktop\BUONO%2010%20SU%2060%20VICENZA.pdf
[2012/12/21 16:19:21 | 000,001,288 | ---- | C] () -- C:\Users\Marco\Desktop\MediaHuman YouTube to MP3 Converter.lnk
[2012/12/21 16:19:21 | 000,000,069 | ---- | C] () -- C:\Users\Marco\Desktop\Visit MediaHuman Website.url
[2012/12/21 16:18:33 | 012,395,260 | ---- | C] ( ) -- C:\Users\Marco\Desktop\YouTubeToMP3.exe
[2012/12/17 22:47:51 | 000,557,585 | ---- | C] () -- C:\Users\Marco\Desktop\taniamorisoli.pdf
[2012/12/08 10:11:43 | 000,239,877 | ---- | C] () -- C:\Users\Marco\Desktop\Marco1 [modalità compatibilità].pdf
[2012/12/07 11:08:34 | 000,812,605 | ---- | C] () -- C:\Users\Marco\Desktop\marco.sartori.12_12_2012.pdf
[2012/11/28 16:58:09 | 000,720,502 | ---- | C] () -- C:\Users\Marco\Desktop\manuale haccp.pdf
[2012/11/28 16:40:37 | 000,090,133 | ---- | C] () -- C:\Users\Marco\Desktop\res563175_PROTOCOLLO-PER-LA-GESTIONE-DEI-FARMACI.pdf
[2012/11/24 21:06:31 | 000,245,001 | ---- | C] () -- C:\Users\Marco\Desktop\soglia 300 pagine corpo tesi .jpg
[2012/11/18 17:07:44 | 000,088,877 | ---- | C] () -- C:\Users\Marco\Documents\297.full.pdf
[2012/11/15 23:03:36 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/15 22:50:59 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/08 11:52:20 | 000,025,521 | ---- | C] () -- C:\Users\Marco\Desktop\palmata.jpg
[2012/11/05 14:22:35 | 000,017,930 | ---- | C] () -- C:\Users\Marco\Desktop\buono_sconto.pdf
[2012/10/28 16:54:25 | 000,220,421 | ---- | C] () -- C:\Users\Marco\Desktop\Rapporti%20Istisan%200415.1234858430.pdf
[2012/03/17 11:44:33 | 001,683,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/22 14:49:39 | 000,000,302 | ---- | C] () -- C:\Users\Marco\.JavaPowUpload.properties
[2011/12/14 09:38:23 | 000,004,608 | ---- | C] () -- C:\Users\Marco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/10 03:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011/11/10 03:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/09/13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/07/26 18:32:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/07/26 13:45:08 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2011/07/26 13:30:47 | 000,002,835 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2011/04/18 14:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2011/04/01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011/04/01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011/04/01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
========== ZeroAccess Check ========== [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ========== < End of report >