Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » apertura pagine

apertura pagine Opzioni
Topic Precedente · Topic Sucessivo
lifters
Inviato: Monday, March 11, 2013 7:21:56 PM
Rank: Member

Iscritto dal : 3/1/2012
Posts: 19
Salve a tutti, da un po di giorni mentre navigo ho mentre apro una pagina, mi si apre un ulteriore pagina non desiderata (pubblicità e altro), come antivirus tenevo "PANDA CLOUD" lo sostituito con "AD-AWARE" ma non trova nessun problema, ho aggiunto "SPYBOT" e nemmeno ho risolto, chi mi può dare una dritta su come risolvere?
Ringrazio anticipatamente a tutti coloro che si interesseranno.
Lifters
Torna in alto
 
Sponsor
Inviato: Monday, March 11, 2013 7:21:56 PM

 
Torna in alto
 
shapiro
Inviato: Monday, March 11, 2013 7:28:07 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164
ciao fai queste scansioni

scarica adwcleaner

clicca su ''delete'' e posta il log

Scarica OTL e salvalo sul desktop

Metti la spunta su SCAN ALL USERS.

Sotto output, metti la spunta su minimal output

Clicca sulla freccettina di File Age e seleziona 60 Days

Metti la spunta a LOP Check e Purity Check.

Clicca su RUN SCAN

Lascia fare la scansione senza interferire.

Al termine della scansione trovi due log sul desktop. OTL.txt ed Extras.txt,

salvali e caricali QUI

WIKISEND E' IN LAVORAZIONE
Torna in alto
 
lifters
Inviato: Monday, March 11, 2013 8:07:40 PM
Rank: Member

Iscritto dal : 3/1/2012
Posts: 19
# AdwCleaner v2.114 - Logfile creato il 11/03/2013 alle 19:31:17
# Aggiornamento 05/03/2013 by Xplode
# Sistema Operativo : Windows 7 Ultimate Service Pack 1 (32 bits)
# Utente : Ciro - CIRO-PC
# Modalità Avvio : Modalità Normale
# Eseguito da : D:\Users\Ciro\Downloads\adwcleaner.exe
# Opzioni [Elimina]


***** [Servizi] *****


***** [File / Cartelle] *****

Cartella Eliminato : D:\Program Files\adawaretb
Cartella Eliminato : D:\ProgramData\adawaretb
Cartella Eliminato : D:\ProgramData\blekko toolbars
Cartella Eliminato : D:\ProgramData\search protection
Cartella Eliminato : D:\Users\Ciro\AppData\LocalLow\adawaretb
Cartella Eliminato : D:\Users\Ciro\AppData\Roaming\pdfforge

***** [Registro] *****

Chiave Eliminata : HKCU\Software\APN PIP
Chiave Eliminata : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Chiave Eliminata : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Chiave Eliminata : HKCU\Software\Softonic
Chiave Eliminata : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Chiave Eliminata : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chiave Eliminata : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Chiave Eliminata : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Chiave Eliminata : HKLM\Software\PIP
Valore Eliminata : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

***** [Browser Internet] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registro Pulito.

-\\ Google Chrome v25.0.1364.160

File : D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Preferences

Eliminata [l.41] : search_url = "hxxp://lavasoft.blekko.com/ws/?source=f439e2c0&tbp=rbox&toolbarid=adawaretb&u=5[...]

*************************

AdwCleaner[S1].txt - [2021 octets] - [11/03/2013 19:31:17]

########## EOF - D:\AdwCleaner[S1].txt - [2081 octets] ##########
Torna in alto
 
shapiro
Inviato: Monday, March 11, 2013 8:20:05 PM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164


mi serve la scansione con otl
Torna in alto
 
lifters
Inviato: Monday, March 11, 2013 10:03:40 PM
Rank: Member

Iscritto dal : 3/1/2012
Posts: 19
OTL logfile created on: 11/03/2013 19:43:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Ciro\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 37,40% Memory free
4,00 Gb Paging File | 2,55 Gb Available in Paging File | 63,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 294,61 Gb Total Space | 135,87 Gb Free Space | 46,12% Space Free | Partition Type: NTFS
Drive D: | 195,30 Gb Total Space | 105,94 Gb Free Space | 54,25% Space Free | Partition Type: NTFS
Drive E: | 3,46 Gb Total Space | 0,37 Gb Free Space | 10,74% Space Free | Partition Type: FAT32
Drive F: | 142,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 270,45 Gb Total Space | 270,34 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Computer Name: CIRO-PC | User Name: Ciro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - D:\Users\Ciro\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
PRC - D:\PROGRA~1\AD-AWA~1\AdAware.exe (Lavasoft Limited)
PRC - D:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - D:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - D:\Program Files\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - D:\Program Files\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - D:\Program Files\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - D:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
PRC - D:\Program Files\PDF Architect\ConversionService.exe (pdfforge GbR)
PRC - D:\Program Files\PDF Architect\HelperService.exe (pdfforge GbR)
PRC - D:\Program Files\lsm\lsm.exe (MS)
PRC - D:\Program Files\lsm\aus.exe (MS)
PRC - D:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - D:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - D:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - D:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
PRC - D:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
PRC - D:\Windows\explorer.exe (Microsoft Corporation)
PRC - \\?\D:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - D:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)


========== Modules (No Company Name) ==========

MOD - D:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl ()
MOD - D:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - D:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl ()
MOD - D:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - D:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - D:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()


========== Services (SafeList) ==========

SRV - (SDWSCService) -- D:\Program Files\Spybot File not found
SRV - (SDUpdateService) -- D:\Program Files\Spybot File not found
SRV - (SDScannerService) -- D:\Program Files\Spybot File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Ad-Aware Service) -- D:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)
SRV - (BstHdLogRotatorSvc) -- D:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- D:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (WatAdminSvc) -- D:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (PDF Architect Service) -- D:\Program Files\PDF Architect\ConversionService.exe (pdfforge GbR)
SRV - (PDF Architect Helper Service) -- D:\Program Files\PDF Architect\HelperService.exe (pdfforge GbR)
SRV - (Log S.M.) -- D:\Program Files\lsm\lsm.exe (MS)
SRV - (AUS) -- D:\Program Files\lsm\aus.exe (MS)
SRV - (Microsoft SharePoint Workspace Audit Service) -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (SBAMSvc) -- D:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)
SRV - (BBUpdate) -- D:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- D:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (SensrSvc) -- D:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- D:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- D:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AgereModemAudio) -- D:\Program Files\LSI SoftModem\agrsmsvc.exe (LSI Corporation)


========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (VBoxNetFlt) -- system32\DRIVERS\VBoxNetFlt.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (gfibto) -- D:\Windows\System32\drivers\gfibto.sys (GFI Software)
DRV - (BstHdDrv) -- D:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
DRV - (gfiark) -- D:\Windows\System32\drivers\gfiark.sys (GFI Software)
DRV - (VBoxNetAdp) -- D:\Windows\System32\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV - (sbapifs) -- D:\Windows\System32\drivers\sbapifs.sys (GFI Software)
DRV - (RdpVideoMiniport) -- D:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- D:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (speedfan) -- D:\Windows\System32\speedfan.sys (Almico Software)
DRV - (vmbus) -- D:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- D:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- D:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- D:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- D:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- D:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- D:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (AgereSoftModem) -- D:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (WSDPrintDevice) -- D:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (PID_0928) -- D:\Windows\System32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (LVUSBSta) -- D:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (giveio) -- D:\Windows\System32\giveio.sys ()


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.libero.it/
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 73 5D 20 A4 00 CE 01 [binary data]
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2468678141-3928519835-1707615019-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: D:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: D:\Program Files\PDF Architect\FFPDFArchitectExt [2013/02/17 18:31:31 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: SecureSearch (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=5DF2F6877DBFEEA8B1456D513A57DC14
CHR - plugin: Shockwave Flash (Enabled) = D:\Program Files\Google\Chrome\Application\25.0.1364.160\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = D:\Program Files\Google\Chrome\Application\25.0.1364.160\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = D:\Program Files\Google\Chrome\Application\25.0.1364.160\pdf.dll
CHR - plugin: Google Update (Enabled) = D:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = D:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Documenti Google = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Ricerca Google = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: Gmail = D:\Users\Ciro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - D:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - D:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [Ad-Aware Antivirus] D:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] D:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [SDTray] D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SearchProtection] D:\ProgramData\Search Protection\_run.bat File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] D:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://D:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: I&nvia a OneNote - res://D:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6EBBB07-4548-40A9-AB06-DEB7E9FC0E17}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/12/10 22:18:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 20:07:38 | 000,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 12:01:14 | 000,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2013/03/11 19:41:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\Ciro\Desktop\OTL.exe
[2013/03/11 17:52:29 | 000,262,560 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2013/03/11 17:51:55 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\ProcAlyzer Dumps
[2013/03/11 17:51:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2013/03/11 17:51:49 | 000,174,496 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2013/03/11 17:51:49 | 000,094,112 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge.dll
[2013/03/11 16:37:02 | 000,000,000 | ---D | C] -- D:\ProgramData\Spybot - Search & Destroy
[2013/03/11 16:36:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013/03/11 16:36:47 | 000,015,224 | ---- | C] (Safer Networking Limited) -- D:\Windows\System32\sdnclean.exe
[2013/03/11 16:36:39 | 000,000,000 | ---D | C] -- D:\Program Files\Spybot - Search & Destroy 2
[2013/03/08 23:49:42 | 000,035,896 | ---- | C] (GFI Software) -- D:\Windows\System32\drivers\gfiark.sys
[2013/03/08 23:06:31 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Hide IP Speed
[2013/03/08 22:43:23 | 000,000,000 | ---D | C] -- D:\Windows\System32\drivers\VDD
[2013/03/08 22:32:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Ad-Aware Antivirus
[2013/03/08 22:32:54 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\LavasoftStatistics
[2013/03/08 22:29:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2013/03/08 22:28:51 | 000,000,000 | ---D | C] -- D:\ProgramData\Lavasoft
[2013/03/08 22:28:39 | 000,000,000 | ---D | C] -- D:\Program Files\Ad-Aware Antivirus
[2013/03/08 22:28:02 | 000,000,000 | ---D | C] -- D:\ProgramData\Downloaded Installations
[2013/03/08 22:27:54 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\adawarebp
[2013/03/08 22:27:52 | 000,000,000 | ---D | C] -- D:\ProgramData\Ad-Aware Browsing Protection
[2013/03/08 22:27:46 | 000,000,000 | ---D | C] -- D:\Program Files\Toolbar Cleaner
[2013/03/08 22:27:35 | 000,000,000 | ---D | C] -- D:\Program Files\adawaretb
[2013/03/08 22:26:20 | 000,013,560 | ---- | C] (GFI Software) -- D:\Windows\System32\drivers\gfibto.sys
[2013/03/08 22:26:15 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Ad-Aware Antivirus
[2013/03/07 21:56:32 | 000,000,000 | ---D | C] -- D:\Program Files\stinger
[2013/03/07 21:44:14 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Malwarebytes
[2013/03/07 21:43:59 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/07 21:43:58 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
[2013/03/07 21:43:56 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
[2013/03/07 21:43:55 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware
[2013/03/06 23:19:04 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Apple Computer
[2013/03/06 23:19:04 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Apple Computer
[2013/03/06 23:18:55 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/03/06 23:17:59 | 000,000,000 | ---D | C] -- D:\Program Files\iPod
[2013/03/06 23:17:57 | 000,000,000 | ---D | C] -- D:\Program Files\iTunes
[2013/03/06 23:17:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Apple Computer
[2013/03/06 23:17:57 | 000,000,000 | ---D | C] -- D:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/03/06 23:16:21 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Apple
[2013/03/06 23:16:15 | 000,000,000 | ---D | C] -- D:\Program Files\Apple Software Update
[2013/03/06 23:15:26 | 000,000,000 | ---D | C] -- D:\Program Files\Bonjour
[2013/03/06 23:15:04 | 000,000,000 | ---D | C] -- D:\ProgramData\Apple
[2013/03/06 23:15:04 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Apple
[2013/03/05 19:10:22 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Desktop\Nuova cartella (2)
[2013/03/04 17:27:56 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\vlc
[2013/03/04 17:27:45 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/03/04 16:55:19 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
[2013/03/04 16:55:19 | 000,000,000 | ---D | C] -- D:\Program Files\BlueStacks
[2013/03/02 23:10:37 | 000,000,000 | ---D | C] -- D:\ProgramData\BlueStacks
[2013/03/02 19:44:31 | 000,000,000 | ---D | C] -- D:\ProgramData\BlueStacksSetup
[2013/03/02 18:00:49 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Desktop\Nuova cartella
[2013/03/01 18:40:14 | 000,000,000 | ---D | C] -- D:\Program Files\Buffetti
[2013/03/01 18:39:38 | 000,253,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\Setup1.exe
[2013/03/01 18:39:36 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\ST6UNST.EXE
[2013/02/28 20:13:24 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Java
[2013/02/28 20:12:06 | 000,000,000 | ---D | C] -- D:\Program Files\Java
[2013/02/27 17:21:09 | 000,187,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/02/27 17:21:00 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/02/27 17:20:57 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/02/27 17:20:57 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/02/27 17:20:57 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/02/27 17:20:56 | 000,364,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/02/27 17:20:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/02/27 17:20:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/02/27 17:20:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/02/27 17:20:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/02/27 17:20:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/02/27 17:20:54 | 002,284,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/02/27 17:20:54 | 001,988,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/02/27 17:20:54 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/02/27 17:20:53 | 001,504,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/02/27 17:20:53 | 000,604,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/02/27 17:20:53 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/02/27 17:20:53 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/02/27 17:20:53 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/02/27 17:20:53 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/02/27 17:20:52 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/02/27 17:20:52 | 001,158,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/02/27 17:20:52 | 001,080,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/02/27 17:20:52 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/02/27 17:20:51 | 003,419,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/02/27 17:15:11 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Productiva 2013
[2013/02/24 21:55:32 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
[2013/02/24 21:55:28 | 000,000,000 | ---D | C] -- D:\Program Files\LinuxLive USB Creator
[2013/02/24 21:36:37 | 000,000,000 | ---D | C] -- D:\Users\Ciro\.VirtualBox
[2013/02/24 21:34:57 | 000,188,328 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\drivers\VBoxDrv.sys
[2013/02/24 21:34:39 | 000,094,632 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\drivers\VBoxUSBMon.sys
[2013/02/21 17:23:08 | 000,000,000 | ---D | C] -- D:\Program Files\VideoLAN
[2013/02/20 22:54:19 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
[2013/02/20 22:54:16 | 000,000,000 | ---D | C] -- D:\Program Files\eMule
[2013/02/18 19:23:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Kaspersky Lab
[2013/02/17 20:39:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtml.tlb
[2013/02/17 20:39:27 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jsproxy.dll
[2013/02/17 20:39:26 | 000,607,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/02/17 20:39:26 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/02/17 20:39:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/02/17 20:39:24 | 001,800,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/02/17 20:39:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/02/17 20:39:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/02/17 20:33:21 | 002,347,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32k.sys
[2013/02/17 20:33:14 | 000,187,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\FWPKCLNT.SYS
[2013/02/17 20:32:56 | 003,967,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntkrnlpa.exe
[2013/02/17 20:32:55 | 003,913,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
[2013/02/17 20:32:47 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winsrv.dll
[2013/02/17 19:14:24 | 000,000,000 | ---D | C] -- D:\Users\Ciro\.pdfsam
[2013/02/17 19:12:14 | 000,000,000 | ---D | C] -- D:\ProgramData\Sun
[2013/02/17 19:11:46 | 000,861,088 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2013/02/17 19:11:46 | 000,782,240 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2013/02/17 19:07:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
[2013/02/17 19:07:41 | 000,000,000 | ---D | C] -- D:\Program Files\PDF Split And Merge Basic
[2013/02/17 19:06:06 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013/02/17 19:06:05 | 000,000,000 | ---D | C] -- D:\Program Files\VS Revo Group
[2013/02/17 18:34:34 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\PDF Architect
[2013/02/17 18:31:41 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\PDF Architect Files
[2013/02/17 18:31:36 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect
[2013/02/17 18:31:07 | 000,000,000 | ---D | C] -- D:\Program Files\PDF Architect
[2013/02/17 18:30:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2013/02/17 18:30:36 | 000,662,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSCOMCT2.OCX
[2013/02/17 18:30:36 | 000,137,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSMAPI32.OCX
[2013/02/17 18:30:36 | 000,088,576 | ---- | C] (pdfforge GbR) -- D:\Windows\System32\pdfcmon.dll
[2013/02/17 18:30:33 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSCMCIT.DLL
[2013/02/17 18:30:33 | 000,122,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Vb6it.dll
[2013/02/17 18:30:33 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSCC2IT.DLL
[2013/02/17 18:30:33 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSMPIDE.DLL
[2013/02/17 18:30:32 | 000,000,000 | ---D | C] -- D:\Program Files\PDFCreator
[2013/02/16 22:40:21 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\GlarySoft
[2013/02/16 22:15:37 | 000,000,000 | ---D | C] -- D:\ProgramData\eMule
[2013/02/16 22:12:57 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\eMule
[2013/02/16 22:12:20 | 000,000,000 | ---D | C] -- D:\Program Files\lsm
[2013/02/16 19:40:13 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/02/16 19:40:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2013/02/16 17:41:45 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\e.c
[2013/02/14 17:10:20 | 000,000,000 | ---D | C] -- D:\Program Files\SpeedFan
[2013/02/13 23:34:18 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\File di Outlook
[2013/02/11 22:55:29 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\LibreOffice
[2013/02/11 22:18:02 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\LibreOffice 1
[2013/02/06 19:27:37 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities
[2013/02/06 19:27:23 | 000,000,000 | ---D | C] -- D:\Program Files\Glary Utilities
[2013/02/06 19:25:34 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/02/06 19:25:32 | 000,000,000 | ---D | C] -- D:\Program Files\CCleaner
[2013/02/06 16:47:49 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\Banca Popolare
[2013/02/05 19:54:46 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013/02/05 19:54:45 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\rdpvideominiport.sys
[2013/02/05 19:54:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013/02/05 19:54:44 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RdpGroupPolicyExtension.dll
[2013/02/05 19:54:43 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\TsUsbFlt.sys
[2013/02/05 19:54:40 | 000,037,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsgqec.dll
[2013/02/05 19:54:40 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbGDCoInstaller.dll
[2013/02/05 19:54:40 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wksprtPS.dll
[2013/02/05 19:54:39 | 000,269,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aaclient.dll
[2013/02/05 19:54:39 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpudd.dll
[2013/02/05 19:54:39 | 000,056,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TSWbPrxy.exe
[2013/02/05 19:54:39 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MsRdpWebAccess.dll
[2013/02/05 19:54:38 | 000,317,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wksprt.exe
[2013/02/05 19:54:38 | 000,192,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpendp_winip.dll
[2013/02/05 19:54:37 | 002,739,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcorets.dll
[2013/02/05 19:49:02 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ncsi.dll
[2013/02/05 19:49:01 | 000,240,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\netio.sys
[2013/02/05 19:49:01 | 000,175,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netcorehc.dll
[2013/02/05 19:49:00 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netevent.dll
[2013/02/05 19:48:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qdvd.dll
[2013/02/05 19:48:21 | 000,245,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OxpsConverter.exe
[2013/02/05 19:48:14 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\RNDISMP.sys
[2013/02/05 19:48:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dhcpcore6.dll
[2013/02/05 19:48:10 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dhcpcsvc6.dll
[2013/02/05 19:45:04 | 000,049,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
[2013/02/04 21:47:03 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Microsoft Games
[2013/02/04 20:45:00 | 000,000,000 | ---D | C] -- D:\Windows\System32\SPReview
[2013/02/04 20:43:54 | 000,000,000 | ---D | C] -- D:\Windows\System32\EventProviders
[2013/02/04 20:32:36 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\LSCSHostPolicy.dll
[2013/02/04 20:32:32 | 000,954,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc40.dll
[2013/02/04 20:32:32 | 000,954,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc40u.dll
[2013/02/04 20:32:32 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tssrvlic.dll
[2013/02/04 20:32:29 | 000,423,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_isv.dll
[2013/02/04 20:32:28 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc.dll
[2013/02/04 20:32:28 | 000,327,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_isv.exe
[2013/02/04 20:32:27 | 000,322,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate.exe
[2013/02/04 20:32:25 | 000,253,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizui.dll
[2013/02/04 20:32:23 | 003,207,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mf.dll
[2013/02/04 20:32:23 | 001,334,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CertEnroll.dll
[2013/02/04 20:32:23 | 000,520,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcupdate_GenuineIntel.dll
[2013/02/04 20:32:21 | 000,295,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationHost.exe
[2013/02/04 20:32:21 | 000,099,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationHostProxy.dll
[2013/02/04 20:32:19 | 001,115,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RacEngn.dll
[2013/02/04 20:32:17 | 005,066,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuthFWSnapin.dll
[2013/02/04 20:32:14 | 001,493,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ExplorerFrame.dll
[2013/02/04 20:32:12 | 001,828,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d9.dll
[2013/02/04 20:32:11 | 000,505,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskschd.dll
[2013/02/04 20:32:09 | 000,456,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spinstall.exe
[2013/02/04 20:32:09 | 000,280,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spreview.exe
[2013/02/04 20:32:09 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PushPrinterConnections.exe
[2013/02/04 20:32:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wer.dll
[2013/02/04 20:32:06 | 001,371,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dwmcore.dll
[2013/02/04 20:32:06 | 000,863,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diagperf.dll
[2013/02/04 20:32:05 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scavengeui.dll
[2013/02/04 20:32:04 | 003,367,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WinSAT.exe
[2013/02/04 20:32:03 | 000,597,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TSWorkspace.dll
[2013/02/04 20:32:03 | 000,270,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsmf.dll
[2013/02/04 20:32:01 | 002,522,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dbgeng.dll
[2013/02/04 20:32:00 | 000,260,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpshell.exe
[2013/02/04 20:31:59 | 001,619,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVDECOD.DLL
[2013/02/04 20:31:58 | 000,584,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gpprefcl.dll
[2013/02/04 20:31:58 | 000,252,928 | ---- | C] (Microsoft) -- D:\Windows\System32\DShowRdpFilter.dll
[2013/02/04 20:31:57 | 002,151,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mmcndmgr.dll
[2013/02/04 20:31:57 | 000,049,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netfxperf.dll
[2013/02/04 20:31:56 | 001,792,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\authui.dll
[2013/02/04 20:31:56 | 000,974,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppobjs.dll
[2013/02/04 20:31:56 | 000,732,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imapi2fs.dll
[2013/02/04 20:31:56 | 000,341,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdrm.dll
[2013/02/04 20:31:55 | 000,547,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceApi.dll
[2013/02/04 20:31:55 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcbuilder.exe
[2013/02/04 20:31:54 | 001,555,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certmgr.dll
[2013/02/04 20:31:54 | 000,323,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drvstore.dll
[2013/02/04 20:31:53 | 001,712,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xpsservices.dll
[2013/02/04 20:31:53 | 000,508,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winload.exe
[2013/02/04 20:31:52 | 000,412,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppwinob.dll
[2013/02/04 20:31:52 | 000,302,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cmd.exe
[2013/02/04 20:31:51 | 000,206,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\framedynos.dll
[2013/02/04 20:31:50 | 000,296,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfds.dll
[2013/02/04 20:31:50 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpendp.dll
[2013/02/04 20:31:49 | 000,762,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\azroles.dll
[2013/02/04 20:31:49 | 000,442,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winresume.exe
[2013/02/04 20:31:49 | 000,351,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmicmiplugin.dll
[2013/02/04 20:31:49 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpclip.exe
[2013/02/04 20:31:48 | 001,063,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\werconcpl.dll
[2013/02/04 20:31:48 | 000,339,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\appmgr.dll
[2013/02/04 20:31:45 | 000,801,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NaturalLanguage6.dll
[2013/02/04 20:31:45 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfreadwrite.dll
[2013/02/04 20:31:45 | 000,144,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\basecsp.dll
[2013/02/04 20:31:44 | 000,488,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\evr.dll
[2013/02/04 20:31:44 | 000,305,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskcomp.dll
[2013/02/04 20:31:44 | 000,161,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpinit.exe
[2013/02/04 20:31:43 | 000,776,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\calc.exe
[2013/02/04 20:31:43 | 000,335,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WinSATAPI.dll
[2013/02/04 20:31:42 | 000,778,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqlsrv32.dll
[2013/02/04 20:31:42 | 000,242,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vpnike.dll
[2013/02/04 20:31:41 | 002,983,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIRibbon.dll
[2013/02/04 20:31:41 | 000,477,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lpksetup.exe
[2013/02/04 20:31:41 | 000,271,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fveapi.dll
[2013/02/04 20:31:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tspubwmi.dll
[2013/02/04 20:31:39 | 000,155,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hgprint.dll
[2013/02/04 20:31:38 | 000,116,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prncache.dll
[2013/02/04 20:31:37 | 000,458,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WSDApi.dll
[2013/02/04 20:31:37 | 000,352,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpeffects.dll
[2013/02/04 20:31:36 | 000,690,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ci.dll
[2013/02/04 20:31:36 | 000,321,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aepdu.dll
[2013/02/04 20:31:36 | 000,175,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\vmbus.sys
[2013/02/04 20:31:36 | 000,142,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\net1.exe
[2013/02/04 20:31:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rpchttp.dll
[2013/02/04 20:31:36 | 000,119,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aitagent.exe
[2013/02/04 20:31:35 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scansetting.dll
[2013/02/04 20:31:34 | 002,504,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVCORE.DLL
[2013/02/04 20:31:34 | 000,411,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlangpui.dll
[2013/02/04 20:31:34 | 000,213,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MMDevAPI.dll
[2013/02/04 20:31:33 | 001,750,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pnidui.dll
[2013/02/04 20:31:33 | 000,167,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QSHVHOST.DLL
[2013/02/04 20:31:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\t2embed.dll
[2013/02/04 20:31:33 | 000,101,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
[2013/02/04 20:31:32 | 002,146,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SyncCenter.dll
[2013/02/04 20:31:32 | 000,782,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webservices.dll
[2013/02/04 20:31:32 | 000,464,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scrptadm.dll
[2013/02/04 20:31:32 | 000,225,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netdiagfx.dll
[2013/02/04 20:31:32 | 000,154,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tscfgwmi.dll
[2013/02/04 20:31:32 | 000,124,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fde.dll
[2013/02/04 20:31:31 | 000,907,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdengin2.dll
[2013/02/04 20:31:31 | 000,215,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmicsvc.exe
[2013/02/04 20:31:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wscapi.dll
[2013/02/04 20:31:30 | 000,139,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cscobj.dll
[2013/02/04 20:31:29 | 000,830,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSMPEG2ENC.DLL
[2013/02/04 20:31:29 | 000,727,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcmde.dll
[2013/02/04 20:31:28 | 000,392,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imapi2.dll
[2013/02/04 20:31:28 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setupcl.exe
[2013/02/04 20:31:27 | 000,630,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DXPTaskRingtone.dll
[2013/02/04 20:31:27 | 000,302,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aeinv.dll
[2013/02/04 20:31:26 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dwmredir.dll
[2013/02/04 20:31:25 | 001,624,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPEncEn.dll
[2013/02/04 20:31:25 | 000,066,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hbaapi.dll
[2013/02/04 20:31:24 | 002,217,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bootres.dll
[2013/02/04 20:31:24 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Narrator.exe
[2013/02/04 20:31:24 | 000,658,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autofmt.exe
[2013/02/04 20:31:24 | 000,196,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vaultsvc.dll
[2013/02/04 20:31:24 | 000,166,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netiohlp.dll
[2013/02/04 20:31:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
[2013/02/04 20:31:23 | 000,679,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autoconv.exe
[2013/02/04 20:31:23 | 000,195,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AudioSes.dll
[2013/02/04 20:31:23 | 000,194,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\halmacpi.dll
[2013/02/04 20:31:23 | 000,194,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hal.dll
[2013/02/04 20:31:23 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\proquota.exe
[2013/02/04 20:31:22 | 000,400,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ipsmsnap.dll
[2013/02/04 20:31:22 | 000,303,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msinfo32.exe
[2013/02/04 20:31:22 | 000,301,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srchadmin.dll
[2013/02/04 20:31:22 | 000,181,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tcpipcfg.dll
[2013/02/04 20:31:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schtasks.exe
[2013/02/04 20:31:22 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mimefilt.dll
[2013/02/04 20:31:21 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\powercpl.dll
[2013/02/04 20:31:21 | 000,337,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msihnd.dll
[2013/02/04 20:31:21 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eapphost.dll
[2013/02/04 20:31:21 | 000,202,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\framedyn.dll
[2013/02/04 20:31:21 | 000,035,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\winusb.sys
[2013/02/04 20:31:20 | 000,155,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mscorier.dll
[2013/02/04 20:31:19 | 000,665,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuxiliaryDisplayCpl.dll
[2013/02/04 20:31:19 | 000,399,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DXP.dll
[2013/02/04 20:31:19 | 000,171,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QAGENT.DLL
[2013/02/04 20:31:19 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netid.dll
[2013/02/04 20:31:18 | 001,227,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wdc.dll
[2013/02/04 20:31:18 | 000,346,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\untfs.dll
[2013/02/04 20:31:17 | 001,131,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdclt.exe
[2013/02/04 20:31:17 | 000,933,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Vault.dll
[2013/02/04 20:31:17 | 000,132,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\ataport.sys
[2013/02/04 20:31:17 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nci.dll
[2013/02/04 20:31:16 | 001,326,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanpref.dll
[2013/02/04 20:31:16 | 001,003,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMNetMgr.dll
[2013/02/04 20:31:16 | 000,098,816 | ---- | C] (Microsoft) -- D:\Windows\System32\Robocopy.exe
[2013/02/04 20:31:15 | 001,400,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DxpTaskSync.dll
[2013/02/04 20:31:14 | 001,040,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Display.dll
[2013/02/04 20:31:14 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdri.dll
[2013/02/04 20:31:14 | 000,316,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sharemediacpl.dll
[2013/02/04 20:31:14 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsRasterService.dll
[2013/02/04 20:31:14 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\userinit.exe
[2013/02/04 20:31:13 | 000,352,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\termmgr.dll
[2013/02/04 20:31:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\puiobj.dll
[2013/02/04 20:31:12 | 001,188,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DiagCpl.dll
[2013/02/04 20:31:12 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eudcedit.exe
[2013/02/04 20:31:12 | 000,140,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\scsiport.sys
[2013/02/04 20:31:11 | 000,043,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\winhv.sys
[2013/02/04 20:31:11 | 000,040,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\vmstorfl.sys
[2013/02/04 20:31:10 | 001,066,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdtctm.dll
[2013/02/04 20:31:10 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\biocpl.dll
[2013/02/04 20:31:10 | 000,416,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wiadefui.dll
[2013/02/04 20:31:10 | 000,233,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msconfig.exe
[2013/02/04 20:31:10 | 000,193,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppcomapi.dll
[2013/02/04 20:31:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logoncli.dll
[2013/02/04 20:31:10 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shsetup.dll
[2013/02/04 20:31:09 | 002,202,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SensorsCpl.dll
[2013/02/04 20:31:09 | 002,157,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\themecpl.dll
[2013/02/04 20:31:09 | 000,856,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FirewallControlPanel.dll
[2013/02/04 20:31:09 | 000,028,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\storvsc.sys
[2013/02/04 20:31:08 | 000,766,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpccpl.dll
[2013/02/04 20:31:08 | 000,216,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FWPUCLNT.DLL
[2013/02/04 20:31:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnscmmc.dll
[2013/02/04 20:31:07 | 000,413,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PhotoScreensaver.scr
[2013/02/04 20:31:07 | 000,312,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hgcpl.dll
[2013/02/04 20:31:06 | 000,481,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mscms.dll
[2013/02/04 20:31:06 | 000,429,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localsec.dll
[2013/02/04 20:31:06 | 000,268,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mprddm.dll
[2013/02/04 20:31:06 | 000,080,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mscories.dll
[2013/02/04 20:31:06 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iasacct.dll
[2013/02/04 20:31:05 | 000,638,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VAN.dll
[2013/02/04 20:31:05 | 000,600,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PerfCenterCPL.dll
[2013/02/04 20:31:05 | 000,600,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\usercpl.dll
[2013/02/04 20:31:05 | 000,509,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qedit.dll
[2013/02/04 20:31:05 | 000,410,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanui.dll
[2013/02/04 20:31:05 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SndVolSSO.dll
[2013/02/04 20:31:05 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdsrv.dll
[2013/02/04 20:31:04 | 001,644,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netcenter.dll
[2013/02/04 20:31:04 | 000,941,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mblctr.exe
[2013/02/04 20:31:04 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SndVol.exe
[2013/02/04 20:31:04 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prntvpt.dll
[2013/02/04 20:31:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\w32tm.exe
[2013/02/04 20:31:03 | 003,727,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\accessibilitycpl.dll
[2013/02/04 20:31:03 | 000,352,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizeng.dll
[2013/02/04 20:31:03 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\azroleui.dll
[2013/02/04 20:31:02 | 000,516,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\main.cpl
[2013/02/04 20:31:02 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSAC3ENC.DLL
[2013/02/04 20:31:02 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\ks.sys
[2013/02/04 20:31:02 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netjoin.dll
[2013/02/04 20:31:02 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fdeploy.dll
[2013/02/04 20:31:01 | 002,130,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\networkmap.dll
[2013/02/04 20:31:01 | 000,414,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mspbda.dll
[2013/02/04 20:31:01 | 000,320,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Faultrep.dll
[2013/02/04 20:31:01 | 000,314,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wusa.exe
[2013/02/04 20:31:01 | 000,312,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2013/02/04 20:31:01 | 000,186,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\adsldp.dll
[2013/02/04 20:31:00 | 000,755,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sud.dll
[2013/02/04 20:31:00 | 000,744,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionCenter.dll
[2013/02/04 20:31:00 | 000,395,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prnfldr.dll
[2013/02/04 20:31:00 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OnLineIDCpl.dll
[2013/02/04 20:30:59 | 000,389,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sysmon.ocx
[2013/02/04 20:30:59 | 000,325,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\slui.exe
[2013/02/04 20:30:59 | 000,271,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iprtrmgr.dll
[2013/02/04 20:30:59 | 000,266,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MediaMetadataHandler.dll
[2013/02/04 20:30:59 | 000,233,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskbarcpl.dll
[2013/02/04 20:30:59 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iasrad.dll
[2013/02/04 20:30:58 | 000,692,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bthprops.cpl
[2013/02/04 20:30:58 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\defaultlocationcpl.dll
[2013/02/04 20:30:58 | 000,137,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\halacpi.dll
[2013/02/04 20:30:58 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3cfg.dll
[2013/02/04 20:30:58 | 000,055,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\hidclass.sys
[2013/02/04 20:30:58 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ftp.exe
[2013/02/04 20:30:57 | 000,577,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpd_ci.dll
[2013/02/04 20:30:57 | 000,537,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionCenterCPL.dll
[2013/02/04 20:30:57 | 000,428,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shwebsvc.dll
[2013/02/04 20:30:57 | 000,345,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\intl.cpl
[2013/02/04 20:30:57 | 000,205,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\efscore.dll
[2013/02/04 20:30:57 | 000,148,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ifsutil.dll
[2013/02/04 20:30:57 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\recovery.dll
[2013/02/04 20:30:57 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sisbkup.dll
[2013/02/04 20:30:56 | 000,750,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdcpl.dll
[2013/02/04 20:30:56 | 000,600,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TabletPC.cpl
[2013/02/04 20:30:56 | 000,484,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DeviceCenter.dll
[2013/02/04 20:30:56 | 000,295,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdedit.exe
[2013/02/04 20:30:56 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autoplay.dll
[2013/02/04 20:30:55 | 000,738,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpmde.dll
[2013/02/04 20:30:55 | 000,115,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppnp.dll
[2013/02/04 20:30:55 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WSTPager.ax
[2013/02/04 20:30:54 | 000,859,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OobeFldr.dll
[2013/02/04 20:30:54 | 000,410,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\systemcpl.dll
[2013/02/04 20:30:54 | 000,297,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntprint.dll
[2013/02/04 20:30:54 | 000,210,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\recdisc.exe
[2013/02/04 20:30:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SmartcardCredentialProvider.dll
[2013/02/04 20:30:54 | 000,151,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vdsutil.dll
[2013/02/04 20:30:54 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdboot.exe
[2013/02/04 20:30:54 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpsign.exe
[2013/02/04 20:30:53 | 000,743,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\blackbox.dll
[2013/02/04 20:30:53 | 000,656,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nshwfp.dll
[2013/02/04 20:30:53 | 000,270,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sethc.exe
[2013/02/04 20:30:53 | 000,175,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fvecpl.dll
[2013/02/04 20:30:52 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dpx.dll
[2013/02/04 20:30:52 | 000,193,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ksproxy.ax
[2013/02/04 20:30:52 | 000,182,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpsrcwp.dll
[2013/02/04 20:30:52 | 000,107,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NAPHLPR.DLL
[2013/02/04 20:30:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\migisol.dll
[2013/02/04 20:30:52 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\System32\fms.dll
[2013/02/04 20:30:51 | 000,346,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nshipsec.dll
[2013/02/04 20:30:51 | 000,112,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuxiliaryDisplayServices.dll
[2013/02/04 20:30:51 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\asycfilt.dll
[2013/02/04 20:30:50 | 000,592,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msftedit.dll
[2013/02/04 20:30:50 | 000,254,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsqmcons.exe
[2013/02/04 20:30:50 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ReAgent.dll
[2013/02/04 20:30:50 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wavemsp.dll
[2013/02/04 20:30:50 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\isoburn.exe
[2013/02/04 20:30:49 | 000,586,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dfrgui.exe
[2013/02/04 20:30:49 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanmsm.dll
[2013/02/04 20:30:49 | 000,333,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3ui.dll
[2013/02/04 20:30:48 | 000,444,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wvc.dll
[2013/02/04 20:30:48 | 000,406,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wimgapi.dll
[2013/02/04 20:30:48 | 000,198,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sysclass.dll
[2013/02/04 20:30:48 | 000,197,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ocsetup.exe
[2013/02/04 20:30:48 | 000,047,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tzutil.exe
[2013/02/04 20:30:47 | 000,438,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AdmTmpl.dll
[2013/02/04 20:30:47 | 000,209,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PkgMgr.exe
[2013/02/04 20:30:46 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qcap.dll
[2013/02/04 20:30:46 | 000,113,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setupugc.exe
[2013/02/04 20:30:46 | 000,051,200 | ---- | C] (Twain Working Group) -- D:\Windows\twain_32.dll
[2013/02/04 20:30:45 | 000,697,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SmiEngine.dll
[2013/02/04 20:30:45 | 000,206,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qasf.dll
[2013/02/04 20:30:45 | 000,170,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationSettings.exe
[2013/02/04 20:30:45 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\uxlib.dll
[2013/02/04 20:30:44 | 000,293,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ssText3d.scr
[2013/02/04 20:30:44 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srrstr.dll
[2013/02/04 20:30:44 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanconn.dll
[2013/02/04 20:30:44 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\slwga.dll
[2013/02/04 20:30:43 | 000,616,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmsdk.dll
[2013/02/04 20:30:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nslookup.exe
[2013/02/04 20:30:43 | 000,084,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mciavi32.dll
[2013/02/04 20:30:42 | 000,211,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DevicePairingFolder.dll
[2013/02/04 20:30:41 | 000,504,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msscp.dll
[2013/02/04 20:30:41 | 000,327,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wimserv.exe
[2013/02/04 20:30:41 | 000,276,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diskraid.exe
[2013/02/04 20:30:41 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\acppage.dll
[2013/02/04 20:30:40 | 000,186,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpencom.dll
[2013/02/04 20:30:40 | 000,157,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\perfmon.exe
[2013/02/04 20:30:39 | 000,402,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drmmgrtn.dll
[2013/02/04 20:30:39 | 000,292,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2013/02/04 20:30:39 | 000,202,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\input.dll
[2013/02/04 20:30:39 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NAPCRYPT.DLL
[2013/02/04 20:30:38 | 000,327,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nltest.exe
[2013/02/04 20:30:38 | 000,174,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ocsetapi.dll
[2013/02/04 20:30:38 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UserAccountControlSettings.dll
[2013/02/04 20:30:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vpnikeapi.dll
[2013/02/04 20:30:37 | 001,111,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\onexui.dll
[2013/02/04 20:30:37 | 000,219,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iTVData.dll
[2013/02/04 20:30:37 | 000,210,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxdiagn.dll
[2013/02/04 20:30:37 | 000,198,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpdwcn.dll
[2013/02/04 20:30:37 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vdsbas.dll
[2013/02/04 20:30:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\bfsvc.exe
[2013/02/04 20:30:37 | 000,050,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\runonce.exe
[2013/02/04 20:30:36 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logagent.exe
[2013/02/04 20:30:35 | 000,242,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eapp3hst.dll
[2013/02/04 20:30:35 | 000,176,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MFPlay.dll
[2013/02/04 20:30:35 | 000,117,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\rmcast.sys
[2013/02/04 20:30:34 | 000,507,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmdev.dll
[2013/02/04 20:30:34 | 000,108,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shacct.dll
[2013/02/04 20:30:34 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PnPUnattend.exe
[2013/02/04 20:30:33 | 000,186,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bitsadmin.exe
[2013/02/04 20:30:33 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\unimdmat.dll
[2013/02/04 20:30:33 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iscsium.dll
[2013/02/04 20:30:33 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lsmproxy.dll
[2013/02/04 20:30:32 | 001,160,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OpcServices.dll
[2013/02/04 20:30:32 | 000,878,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Bubbles.scr
[2013/02/04 20:30:32 | 000,309,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqlcese30.dll
[2013/02/04 20:30:32 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceSyncProvider.dll
[2013/02/04 20:30:32 | 000,084,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kstvtune.ax
[2013/02/04 20:30:32 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tabcal.exe
[2013/02/04 20:30:32 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpd3d.dll
[2013/02/04 20:30:31 | 000,427,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceStatus.dll
[2013/02/04 20:30:31 | 000,350,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WPDSp.dll
[2013/02/04 20:30:31 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Ribbons.scr
[2013/02/04 20:30:31 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MdSched.exe
[2013/02/04 20:30:31 | 000,099,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QSVRMGMT.DLL
[2013/02/04 20:30:31 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logman.exe
[2013/02/04 20:30:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\olethk32.dll
[2013/02/04 20:30:31 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lpremove.exe
[2013/02/04 20:30:31 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ncryptui.dll
[2013/02/04 20:30:31 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\djoin.exe
[2013/02/04 20:30:31 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanprotdim.dll
[2013/02/04 20:30:30 | 000,902,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMADMOD.DLL
[2013/02/04 20:30:30 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Mystify.scr
[2013/02/04 20:30:30 | 000,179,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionQueue.dll
[2013/02/04 20:30:30 | 000,142,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\powercfg.cpl
[2013/02/04 20:30:30 | 000,109,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CscMig.dll
[2013/02/04 20:30:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mapistub.dll
[2013/02/04 20:30:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mapi32.dll
[2013/02/04 20:30:30 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\utildll.dll
[2013/02/04 20:30:29 | 000,541,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVSDECD.DLL
[2013/02/04 20:30:29 | 000,153,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VBICodec.ax
[2013/02/04 20:30:29 | 000,115,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3msm.dll
[2013/02/04 20:30:29 | 000,109,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wiavideo.dll
[2013/02/04 20:30:29 | 000,107,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Kswdmcap.ax
[2013/02/04 20:30:29 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fphc.dll
[2013/02/04 20:30:29 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\takeown.exe
[2013/02/04 20:30:28 | 000,436,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmnet.dll
[2013/02/04 20:30:28 | 000,283,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qdv.dll
[2013/02/04 20:30:28 | 000,265,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msnetobj.dll
[2013/02/04 20:30:28 | 000,128,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\EhStorAPI.dll
[2013/02/04 20:30:27 | 000,202,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\unattend.dll
[2013/02/04 20:30:27 | 000,100,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppinst.dll
[2013/02/04 20:30:27 | 000,084,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cmstp.exe
[2013/02/04 20:30:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QCLIPROV.DLL
[2013/02/04 20:30:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cca.dll
[2013/02/04 20:30:26 | 000,739,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMSPDMOD.DLL
[2013/02/04 20:30:26 | 000,182,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RelPost.exe
[2013/02/04 20:30:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MuiUnattend.exe
[2013/02/04 20:30:26 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vfwwdm32.dll
[2013/02/04 20:30:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsnmp32.dll
[2013/02/04 20:30:26 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pdhui.dll
[2013/02/04 20:30:26 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\basesrv.dll
[2013/02/04 20:30:26 | 000,025,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qprocess.exe
[2013/02/04 20:30:25 | 000,176,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msorcl32.dll
[2013/02/04 20:30:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iasrecst.dll
[2013/02/04 20:30:25 | 000,115,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setupcln.dll
[2013/02/04 20:30:25 | 000,050,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\umb.dll
[2013/02/04 20:30:25 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AzSqlExt.dll
[2013/02/04 20:30:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qwinsta.exe
[2013/02/04 20:30:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msg.exe
[2013/02/04 20:30:25 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chglogon.exe
[2013/02/04 20:30:24 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iscsicli.exe
[2013/02/04 20:30:24 | 000,128,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\desk.cpl
[2013/02/04 20:30:24 | 000,126,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\BdeHdCfg.exe
[2013/02/04 20:30:24 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spbcd.dll
[2013/02/04 20:30:24 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wkscli.dll
[2013/02/04 20:30:24 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WavDest.dll
[2013/02/04 20:30:24 | 000,037,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\relog.exe
[2013/02/04 20:30:24 | 000,032,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PrintIsolationProxy.dll
[2013/02/04 20:30:24 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netiougc.exe
[2013/02/04 20:30:23 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\itircl.dll
[2013/02/04 20:30:23 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diskpart.exe
[2013/02/04 20:30:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_ssp_isv.dll
[2013/02/04 20:30:23 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_ssp.dll
[2013/02/04 20:30:23 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\amstream.dll
[2013/02/04 20:30:23 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MultiDigiMon.exe
[2013/02/04 20:30:23 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netbtugc.exe
[2013/02/04 20:30:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\quser.exe
[2013/02/04 20:30:22 | 001,027,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IMJP10.IME
[2013/02/04 20:30:22 | 000,430,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSTIFF.dll
[2013/02/04 20:30:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpps.dll
[2013/02/04 20:30:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CertPolEng.dll
[2013/02/04 20:30:22 | 000,050,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setbcdlocale.dll
[2013/02/04 20:30:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ksxbar.ax
[2013/02/04 20:30:22 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chgport.exe
[2013/02/04 20:30:22 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsdiscon.exe
[2013/02/04 20:30:22 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qappsrv.exe
[2013/02/04 20:30:22 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chgusr.exe
[2013/02/04 20:30:22 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\syssetup.dll
[2013/02/04 20:30:22 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nrpsrv.dll
[2013/02/04 20:30:21 | 000,280,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_ssp.exe
[2013/02/04 20:30:21 | 000,278,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_ssp_isv.exe
[2013/02/04 20:30:21 | 000,094,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eappgnui.dll
[2013/02/04 20:30:21 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tlscsp.dll
[2013/02/04 20:30:21 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\findstr.exe
[2013/02/04 20:30:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wiarpc.dll
[2013/02/04 20:30:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WerFaultSecure.exe
[2013/02/04 20:30:21 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tskill.exe
[2013/02/04 20:30:21 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ReAgentc.exe
[2013/02/04 20:30:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tscon.exe
[2013/02/04 20:30:21 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logoff.exe
[2013/02/04 20:30:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rwinsta.exe
[2013/02/04 20:30:20 | 000,082,944 | ---- | C] (Radius Inc.) -- D:\Windows\System32\iccvid.dll
[2013/02/04 20:30:20 | 000,036,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mciqtz32.dll
[2013/02/04 20:30:20 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shadow.exe
[2013/02/04 20:30:20 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\muifontsetup.dll
[2013/02/04 20:30:19 | 000,121,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppc.dll
[2013/02/04 20:30:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\luainstall.dll
[2013/02/04 20:30:19 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbrpm.sys
[2013/02/04 20:30:19 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\HotStartUserAgent.dll
[2013/02/04 20:30:19 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\tdi.sys
[2013/02/04 20:30:19 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spopk.dll
[2013/02/04 20:30:18 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\manage-bde.exe
[2013/02/04 20:30:18 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\repair-bde.exe
[2013/02/04 20:30:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmicres.dll
[2013/02/04 20:30:18 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmstorfltres.dll
[2013/02/04 20:30:18 | 000,034,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\unlodctr.exe
[2013/02/04 20:30:18 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbisurf.ax
[2013/02/04 20:30:18 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wdiasqmmodule.dll
[2013/02/04 20:30:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdmo.dll
[2013/02/04 20:30:18 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netcfg.exe
[2013/02/04 20:30:18 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdprefdrvapi.dll
[2013/02/04 20:30:17 | 000,052,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetmib1.dll
[2013/02/04 20:30:17 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\g711codc.ax
[2013/02/04 20:30:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmbusres.dll
[2013/02/04 20:30:17 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbcconf.dll
[2013/02/04 20:30:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\reset.exe
[2013/02/04 20:30:17 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\change.exe
[2013/02/04 20:30:17 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\query.exe
[2013/02/04 20:30:16 | 001,164,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIRibbonRes.dll
[2013/02/04 20:30:16 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\perfts.dll
[2013/02/04 20:30:15 | 000,039,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSMON.dll
[2013/02/04 20:30:14 | 000,121,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RDPENCDD.dll
[2013/02/04 20:30:14 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elsTrans.dll
[2013/02/04 20:30:14 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TRAPI.dll
[2013/02/04 20:30:14 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bitsperf.dll
[2013/02/04 20:30:14 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schedcli.dll
[2013/02/04 20:30:13 | 000,068,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\napdsnap.dll
[2013/02/04 20:30:13 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dsauth.dll
[2013/02/04 20:30:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sscore.dll
[2013/02/04 20:30:11 | 000,430,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imkr80.ime
[2013/02/04 20:30:11 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsdchngr.dll
[2013/02/04 20:30:11 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\riched32.dll
[2013/02/04 20:30:10 | 000,017,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\VMBusHID.sys
[2013/02/04 20:30:10 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcfgex.dll
[2013/02/04 20:30:08 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\USBCAMD.sys
[2013/02/04 20:30:08 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wshirda.dll
[2013/02/04 20:30:07 | 000,116,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VmbusCoinstaller.dll
[2013/02/04 20:30:07 | 000,113,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VmdCoinstall.dll
[2013/02/04 20:30:07 | 000,113,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IcCoinstall.dll
[2013/02/04 20:30:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmictimeprovider.dll
[2013/02/04 20:30:07 | 000,025,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\USBCAMD2.sys
[2013/02/04 20:30:07 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmbuspipe.dll
[2013/02/04 20:30:07 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwmp.dll
[2013/02/04 20:30:06 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RDPREFDD.dll
[2013/02/04 20:30:06 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\C_ISCII.DLL
[2013/02/04 20:30:06 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shunimpl.dll
[2013/02/04 20:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdxm.ocx
[2013/02/04 20:30:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxmasf.dll
[2013/02/04 20:30:04 | 012,625,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmploc.DLL
[2013/02/04 20:30:04 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kbdlk41a.dll
[2013/02/04 20:30:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDSF.DLL
[2013/02/04 20:30:04 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDNEPR.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDUS.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDUGHR1.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTURME.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTAJIK.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDMON.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDMAORI.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDLT1.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINTEL.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINTAM.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINORI.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINKAN.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBULG.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBLR.DLL
[2013/02/04 20:30:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBASH.DLL
[2013/02/04 20:30:04 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGEO.DLL
[2013/02/04 20:30:03 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nlsbres.dll
[2013/02/04 20:30:03 | 000,052,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\BlbEvents.dll
[2013/02/04 20:30:03 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pifmgr.dll
[2013/02/04 20:30:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizres.dll
[2013/02/04 20:30:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDSG.DLL
[2013/02/04 20:30:03 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDCZ1.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTUQ.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTUF.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDPO.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINBEN.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGR1.DLL
[2013/02/04 20:30:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGKL.DLL
[2013/02/04 20:30:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINMAR.DLL
[2013/02/04 20:30:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINHIN.DLL
[2013/02/04 20:30:03 | 000,005,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\vms3cap.sys
[2013/02/04 20:29:46 | 000,189,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wdscore.dll
[2013/02/04 20:29:32 | 000,363,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wbemcomn.dll
[2013/02/04 20:29:22 | 000,189,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqmapi.dll
[2013/02/04 20:25:23 | 000,284,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbport.sys
[2013/02/04 20:25:22 | 000,005,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbd.sys
[2013/02/04 20:25:07 | 000,148,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\storport.sys
[2013/02/04 20:25:04 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fsutil.exe
[2013/02/04 15:06:20 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Documents\Money Express
[2013/02/04 14:17:08 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll
[2013/02/04 14:17:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fontsub.dll
[2013/02/04 14:17:08 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll
[2013/02/04 11:20:38 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA
[2013/02/04 11:16:23 | 000,000,000 | ---D | C] -- D:\Windows\System32\Wat
[2013/02/04 00:49:51 | 000,248,448 | ---- | C] (Intel Corporation) -- D:\Windows\System32\PROUnstl.exe
[2013/02/04 00:28:18 | 000,047,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\WdfLdr.sys
[2013/02/04 00:28:18 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Wdfres.dll
[2013/02/04 00:26:15 | 000,172,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFPlatform.dll
[2013/02/04 00:26:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFCoinstaller.dll
[2013/02/04 00:26:13 | 000,613,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFx.dll
[2013/02/04 00:22:44 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/02/04 00:22:44 | 000,434,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/02/04 00:22:44 | 000,367,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/02/04 00:22:44 | 000,353,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/02/04 00:22:44 | 000,353,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll
[2013/02/04 00:22:44 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2013/02/04 00:22:44 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/02/04 00:22:44 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2013/02/04 00:22:44 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/02/04 00:22:44 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/02/04 00:22:44 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/02/04 00:22:44 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/02/04 00:22:44 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2013/02/04 00:22:44 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/02/04 00:22:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/02/04 00:22:44 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2013/02/04 00:22:44 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/02/04 00:22:44 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/02/04 00:22:44 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/02/04 00:22:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/02/04 00:22:44 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/02/04 00:22:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/02/04 00:22:44 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/02/04 00:22:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/02/04 00:22:44 | 000,041,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll
[2013/02/04 00:22:44 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/02/04 00:22:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/02/04 00:22:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/02/04 00:22:44 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/02/04 00:20:29 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browserchoice.exe
[2013/02/04 00:08:02 | 000,000,000 | ---D | C] -- D:\Program Files\LSI SoftModem
[2013/02/03 23:41:22 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA Corporation
[2013/02/03 23:41:13 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
[2013/02/03 23:35:16 | 000,826,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcore.dll
[2013/02/03 23:35:01 | 002,576,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gameux.dll
[2013/02/03 23:35:01 | 000,308,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Wpc.dll
[2013/02/03 23:35:01 | 000,046,592 | ---- | C] (Microsoft) -- D:\Windows\System32\fpb.rs
[2013/02/03 23:35:01 | 000,045,568 | ---- | C] (Microsoft) -- D:\Windows\System32\oflc-nz.rs
[2013/02/03 23:35:01 | 000,044,544 | ---- | C] (Microsoft) -- D:\Windows\System32\pegibbfc.rs
[2013/02/03 23:35:01 | 000,043,520 | ---- | C] (Microsoft) -- D:\Windows\System32\csrr.rs
[2013/02/03 23:35:01 | 000,040,960 | ---- | C] (Microsoft) -- D:\Windows\System32\cob-au.rs
[2013/02/03 23:35:01 | 000,030,720 | ---- | C] (Microsoft) -- D:\Windows\System32\usk.rs
[2013/02/03 23:35:01 | 000,021,504 | ---- | C] (Microsoft) -- D:\Windows\System32\grb.rs
[2013/02/03 23:35:01 | 000,020,480 | ---- | C] (Microsoft) -- D:\Windows\System32\pegi-pt.rs
[2013/02/03 23:35:01 | 000,020,480 | ---- | C] (Microsoft) -- D:\Windows\System32\pegi.rs
[2013/02/03 23:35:01 | 000,015,360 | ---- | C] (Microsoft) -- D:\Windows\System32\djctq.rs
[2013/02/03 23:34:59 | 000,055,296 | ---- | C] (Microsoft) -- D:\Windows\System32\cero.rs
[2013/02/03 23:34:59 | 000,051,712 | ---- | C] (Microsoft) -- D:\Windows\System32\esrb.rs
[2013/02/03 23:34:59 | 000,023,552 | ---- | C] (Microsoft) -- D:\Windows\System32\oflc.rs
[2013/02/03 23:34:59 | 000,020,480 | ---- | C] (Microsoft) -- D:\Windows\System32\pegi-fi.rs
[2013/02/03 23:34:39 | 000,271,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
[2013/02/03 23:34:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013/02/03 23:34:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/02/03 23:34:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013/02/03 23:34:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013/02/03 23:34:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/02/03 23:34:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013/02/03 23:34:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013/02/03 23:34:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2013/02/03 23:33:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tzres.dll
[2013/02/03 23:33:38 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\csrsrv.dll
[2013/02/03 23:33:08 | 001,328,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\quartz.dll
[2013/02/03 23:32:34 | 000,642,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CPFilters.dll
[2013/02/03 23:32:32 | 000,850,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sbe.dll
[2013/02/03 23:32:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mpg2splt.ax
[2013/02/03 23:32:17 | 000,465,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\psisdecd.dll
[2013/02/03 23:32:17 | 000,204,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSNP.ax
[2013/02/03 23:32:17 | 000,075,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\psisrndr.ax
[2013/02/03 23:32:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Mpeg2Data.ax
[2013/02/03 23:32:16 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSDvbNP.ax
[2013/02/03 23:32:10 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\packager.dll
[2013/02/03 23:31:36 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prevhost.exe
[2013/02/03 23:31:07 | 001,549,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tquery.dll
[2013/02/03 23:31:07 | 001,401,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssrch.dll
[2013/02/03 23:31:05 | 000,666,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssvp.dll
[2013/02/03 23:31:05 | 000,337,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssph.dll
[2013/02/03 23:31:05 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssphtb.dll
[2013/02/03 23:31:03 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msscntrs.dll
[2013/02/03 23:30:30 | 000,805,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdosys.dll
[2013/02/03 23:30:15 | 000,123,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\poqexec.exe
[2013/02/03 23:29:33 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sspisrv.dll
[2013/02/03 23:29:13 | 000,314,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webio.dll
[2013/02/03 23:29:10 | 000,400,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srcore.dll
[2013/02/03 23:29:09 | 000,262,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rstrui.exe
[2013/02/03 23:28:51 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnscacheugc.exe
[2013/02/03 23:28:44 | 000,802,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WFS.exe
[2013/02/03 23:28:44 | 000,191,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSCOVER.exe
[2013/02/03 23:28:37 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\EncDec.dll
[2013/02/03 23:28:33 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msxml3r.dll
[2013/02/03 23:28:31 | 000,027,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\Diskdump.sys
[2013/02/03 23:28:26 | 000,319,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbcjt32.dll
[2013/02/03 23:28:25 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbctrac.dll
[2013/02/03 23:28:25 | 000,122,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccp32.dll
[2013/02/03 23:28:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccu32.dll
[2013/02/03 23:28:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccr32.dll
[2013/02/03 23:28:23 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdrmemptylst.exe
[2013/02/03 23:28:22 | 000,129,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcorekmts.dll
[2013/02/03 23:28:22 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpwsx.dll
[2013/02/03 23:28:14 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browcli.dll
[2013/02/03 23:28:09 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ncrypt.dll
[2013/02/03 23:27:48 | 001,137,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42.dll
[2013/02/03 23:27:47 | 001,164,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42u.dll
[2013/02/03 23:27:41 | 002,616,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\explorer.exe
[2013/02/03 23:27:38 | 000,376,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dpnet.dll
[2013/02/03 23:27:38 | 000,002,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dpnaddr.dll
[2013/02/03 23:27:29 | 000,478,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\timedate.cpl
[2013/02/03 23:27:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\profprov.dll
[2013/02/03 23:27:13 | 000,078,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\synceng.dll
[2013/02/03 23:07:10 | 000,219,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\dxgmms1.sys
[2013/02/03 23:07:10 | 000,107,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdd.dll
[2013/02/03 22:51:28 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2013/02/03 22:51:28 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Foxit
[2013/02/03 22:51:27 | 000,000,000 | ---D | C] -- D:\Program Files\Foxit Software
[2013/02/03 22:38:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\EssentialPIM
[2013/02/03 22:37:55 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\EssentialPIM
[2013/02/03 22:37:55 | 000,000,000 | ---D | C] -- D:\Program Files\EssentialPIM
[2013/02/03 21:42:32 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Windows Live Writer
[2013/02/03 21:42:32 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Windows Live Writer
[2013/02/03 21:41:31 | 000,000,000 | ---D | C] -- D:\Users\Ciro\Tracing
[2013/02/03 21:39:50 | 000,000,000 | ---D | C] -- D:\Windows\it
[2013/02/03 21:39:23 | 000,000,000 | ---D | C] -- D:\Windows\System32\DRVSTORE
[2013/02/03 21:39:14 | 000,000,000 | R--D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013/02/02 22:28:28 | 000,000,000 | ---D | C] -- D:\Program Files\Windows Live
[2013/02/02 22:26:23 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_7.dll
[2013/02/02 22:26:23 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_5.dll
[2013/02/02 22:26:21 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_43.dll
[2013/02/02 22:26:15 | 000,248,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_43.dll
[2013/02/02 22:20:35 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
[2013/02/02 22:17:02 | 003,426,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_32.dll
[2013/02/02 21:52:18 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft SkyDrive
[2013/02/02 21:52:08 | 000,000,000 | R--D | C] -- D:\Users\Ciro\SkyDrive
[2013/02/02 21:50:28 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft SkyDrive
[2013/02/02 21:43:14 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Windows Live
[2013/02/02 21:42:57 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Windows Live
[2013/02/02 19:56:50 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/02/02 19:56:43 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/02/02 19:54:47 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Synchronization Services
[2013/02/02 19:54:45 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\DESIGNER
[2013/02/02 19:54:13 | 000,000,000 | ---D | C] -- D:\Windows\PCHEALTH
[2013/02/02 19:54:13 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft.NET
[2013/02/02 19:54:13 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Sync Framework
[2013/02/02 19:54:13 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft SQL Server Compact Edition
[2013/02/02 19:53:07 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Visual Studio 8
[2013/02/02 19:52:16 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Analysis Services
[2013/02/02 19:51:45 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Microsoft Help
[2013/02/02 19:51:35 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Office
[2013/02/02 19:51:34 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft Help
[2013/02/02 18:31:41 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/02/02 18:30:54 | 000,000,000 | ---D | C] -- D:\Program Files\Google
[2013/02/02 18:30:47 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Google
[2013/02/02 18:30:04 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Deployment
[2013/02/02 18:30:04 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Apps
[2013/02/02 18:16:12 | 000,000,000 | ---D | C] -- D:\Program Files\Hewlett-Packard
[2013/02/02 18:15:57 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft
[2013/02/02 18:15:46 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/02/02 18:15:02 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Silverlight
[2013/02/02 18:14:38 | 000,000,000 | ---D | C] -- D:\ProgramData\HP Photo Creations
[2013/02/02 18:14:38 | 000,000,000 | ---D | C] -- D:\Program Files\HP Photo Creations
[2013/02/02 18:14:28 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\HpUpdate
[2013/02/02 18:14:12 | 000,544,616 | ---- | C] (Hewlett-Packard Co.) -- D:\Windows\System32\HPDiscoPMa011.dll
[2013/02/02 18:14:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013/02/02 18:13:35 | 000,000,000 | ---D | C] -- D:\ProgramData\HP
[2013/02/02 18:13:24 | 000,000,000 | ---D | C] -- D:\Program Files\HP
[2013/02/02 18:12:45 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\HP
[2013/02/02 10:47:36 | 000,000,000 | ---D | C] -- D:\Program Files\HP disco Stampante
[2013/02/01 20:15:21 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
[2013/02/01 20:15:08 | 000,000,000 | ---D | C] -- D:\Program Files\DsNET Corp
[2013/02/01 19:58:57 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\SlowBit
[2013/02/01 19:53:05 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\WinRAR
[2013/02/01 19:53:05 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/02/01 19:53:05 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/02/01 19:52:38 | 000,000,000 | ---D | C] -- D:\Program Files\WinRAR
[2013/02/01 19:49:40 | 000,000,000 | ---D | C] -- D:\Windows\System32\RTCOM
[2013/02/01 19:49:00 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSTSXT.dll
[2013/02/01 19:49:00 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSWOW.dll
[2013/02/01 19:48:57 | 002,417,808 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtkPgExt.dll
[2013/02/01 19:48:57 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RTSndMgr.cpl
[2013/02/01 19:48:56 | 003,173,008 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtkAPO.dll
[2013/02/01 19:48:55 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEP32A.dll
[2013/02/01 19:48:55 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEED32A.dll
[2013/02/01 19:48:55 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEL32A.dll
[2013/02/01 19:48:55 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEG32A.dll
[2013/02/01 19:48:54 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DHT32.dll
[2013/02/01 19:48:54 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DAA32.dll
[2013/02/01 19:48:49 | 000,000,000 | -H-D | C] -- D:\Program Files\InstallShield Installation Information
[2013/02/01 19:48:49 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2013/02/01 19:48:43 | 001,706,640 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\RtlExUpd.dll
[2013/02/01 19:48:43 | 000,000,000 | -H-D | C] -- D:\Program Files\Temp
[2013/02/01 19:48:38 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\InstallShield
[2013/02/01 19:47:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2013/02/01 19:46:47 | 000,000,000 | ---D | C] -- D:\Program Files\K-Lite Codec Pack
[2013/02/01 19:44:46 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Programs
[2013/02/01 19:43:55 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Panda Security
[2013/02/01 19:43:00 | 000,000,000 | ---D | C] -- D:\ProgramData\Panda Security
[2013/02/01 19:43:00 | 000,000,000 | ---D | C] -- D:\Program Files\Panda Security
[2013/02/01 19:42:46 | 000,000,000 | -HSD | C] -- D:\Windows\Installer
[2013/02/01 18:52:20 | 000,232,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MpSigStub.exe
[2013/02/01 18:48:13 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Macromedia
[2013/02/01 18:48:13 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Adobe
[2013/02/01 18:47:58 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerApp.exe
[2013/02/01 18:47:58 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/02/01 18:47:56 | 000,000,000 | ---D | C] -- D:\Windows\System32\Macromed
[2013/02/01 18:47:32 | 000,000,000 | -H-D | C] -- D:\Windows\AxInstSV
[2013/02/01 18:45:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wucltux.dll
[2013/02/01 18:45:10 | 000,045,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wups2.dll
[2013/02/01 18:45:03 | 000,577,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuapi.dll
[2013/02/01 18:45:03 | 000,088,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wudriver.dll
[2013/02/01 18:45:03 | 000,035,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wups.dll
[2013/02/01 18:44:51 | 000,171,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuwebv.dll
[2013/02/01 18:44:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuapp.exe
[2013/02/01 18:42:38 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\NeoSmart_Technologies
[2013/02/01 18:27:37 | 000,000,000 | R--D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/02/01 18:27:37 | 000,000,000 | R--D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/02/01 18:27:36 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Searches
[2013/02/01 18:27:28 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Identities
[2013/02/01 18:27:26 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Contacts
[2013/02/01 18:27:17 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\VirtualStore
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Documents\Video
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\AppData\Local\Temporary Internet Files
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\SendTo
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Risorse di stampa
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Risorse di rete
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Recenti
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Documents\Musica
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Modelli
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Menu Avvio
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Impostazioni locali
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Documents\Immagini
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Documenti
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Dati applicazioni
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\AppData\Local\Dati applicazioni
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\AppData\Local\Cronologia
[2013/02/01 18:27:15 | 000,000,000 | -HSD | C] -- D:\Users\Ciro\Cookies
[2013/02/01 18:27:14 | 000,000,000 | --SD | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Videos
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Saved Games
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Pictures
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Music
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Links
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Favorites
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Downloads
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Documents
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\Desktop
[2013/02/01 18:27:14 | 000,000,000 | R--D | C] -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/02/01 18:27:14 | 000,000,000 | -H-D | C] -- D:\Users\Ciro\AppData
[2013/02/01 18:27:14 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Temp
[2013/02/01 18:27:14 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Local\Microsoft
[2013/02/01 18:27:14 | 000,000,000 | ---D | C] -- D:\Users\Ciro\AppData\Roaming\Media Center Programs
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Video
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\ProgramData\Preferiti
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Musica
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\ProgramData\Modelli
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\ProgramData\Menu Avvio
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Immagini
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\Program Files\File comuni
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\ProgramData\Documenti
[2013/02/01 18:27:02 | 000,000,000 | -HSD | C] -- D:\ProgramData\Dati applicazioni
[2013/02/01 18:16:48 | 000,000,000 | ---D | C] -- D:\Windows\SoftwareDistribution
[2013/02/01 18:14:00 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
[2013/02/01 18:13:22 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2013/02/01 18:07:33 | 000,000,000 | ---D | C] -- D:\Windows.old

========== Files - Modified Within 60 Days ==========

[2013/03/11 19:47:47 | 000,739,004 | ---- | M] () -- D:\Windows\System32\perfh010.dat
[2013/03/11 19:47:47 | 000,651,938 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/03/11 19:47:47 | 000,146,076 | ---- | M] () -- D:\Windows\System32\perfc010.dat
[2013/03/11 19:47:47 | 000,120,870 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/03/11 19:46:49 | 000,014,224 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 19:46:49 | 000,014,224 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/11 19:41:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Ciro\Desktop\OTL.exe
[2013/03/11 19:40:04 | 000,001,134 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/11 19:40:04 | 000,001,130 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/11 19:39:30 | 000,000,310 | ---- | M] () -- D:\Windows\tasks\GlaryInitialize.job
[2013/03/11 19:39:30 | 000,000,198 | ---- | M] () -- D:\Windows\tasks\AutoKMS.job
[2013/03/11 19:39:15 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/03/11 19:39:12 | 1610,162,176 | -HS- | M] () -- D:\hiberfil.sys
[2013/03/11 19:22:00 | 000,000,978 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/03/11 19:01:00 | 000,000,254 | ---- | M] () -- D:\Windows\tasks\HP Photo Creations Messager.job
[2013/03/11 17:51:26 | 000,094,112 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\WindowsAccessBridge.dll
[2013/03/11 17:51:24 | 000,861,088 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
[2013/03/11 17:51:24 | 000,782,240 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
[2013/03/11 17:51:24 | 000,262,560 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
[2013/03/11 17:51:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
[2013/03/11 17:51:24 | 000,174,496 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\java.exe
[2013/03/11 16:36:56 | 000,002,128 | ---- | M] () -- D:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/03/08 22:45:14 | 000,463,504 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/03/08 22:26:17 | 000,013,560 | ---- | M] (GFI Software) -- D:\Windows\System32\drivers\gfibto.sys
[2013/03/08 21:57:07 | 000,008,494 | ---- | M] () -- D:\Users\Ciro\Documents\cc_20130308_215656.reg
[2013/03/04 17:27:45 | 000,001,033 | ---- | M] () -- D:\Users\Public\Desktop\VLC media player.lnk
[2013/03/04 16:55:47 | 000,001,809 | ---- | M] () -- D:\Users\Public\Desktop\Apps.lnk
[2013/03/04 16:55:44 | 000,001,770 | ---- | M] () -- D:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/03/03 00:01:05 | 000,001,530 | ---- | M] () -- D:\Users\Ciro\Start BlueStacks.lnk
[2013/03/02 20:55:43 | 000,000,325 | ---- | M] () -- D:\Users\Ciro\Desktop\Strumenti diagnostici stampante HP.url
[2013/03/01 18:39:39 | 000,253,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\Setup1.exe
[2013/03/01 18:39:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\ST6UNST.EXE
[2013/03/01 17:44:11 | 000,001,784 | ---- | M] () -- D:\Users\Ciro\Documents\Nuovo database.odb
[2013/03/01 17:25:54 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerApp.exe
[2013/03/01 17:25:54 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/03/01 15:59:15 | 000,048,124 | ---- | M] () -- D:\Users\Ciro\Desktop\cud.PDF
[2013/02/28 20:20:58 | 000,021,474 | ---- | M] () -- D:\Users\Ciro\Desktop\Dettaglio Bonifico Italia.pdf
[2013/02/27 17:15:11 | 000,000,536 | ---- | M] () -- D:\Users\Ciro\Desktop\Productiva Suite.lnk
[2013/02/26 15:08:55 | 000,021,451 | ---- | M] () -- D:\Dettaglio Bonifico Italia (8).pdf
[2013/02/26 15:08:21 | 000,021,450 | ---- | M] () -- D:\Dettaglio Bonifico Italia (7).pdf
[2013/02/26 15:07:43 | 000,021,451 | ---- | M] () -- D:\Dettaglio Bonifico Italia (6).pdf
[2013/02/26 15:07:12 | 000,021,451 | ---- | M] () -- D:\Dettaglio Bonifico Italia (5).pdf
[2013/02/26 15:06:45 | 000,021,468 | ---- | M] () -- D:\Dettaglio Bonifico Italia (4).pdf
[2013/02/26 15:06:20 | 000,021,450 | ---- | M] () -- D:\Dettaglio Bonifico Italia (3).pdf
[2013/02/26 15:05:42 | 000,021,452 | ---- | M] () -- D:\Dettaglio Bonifico Italia (2).pdf
[2013/02/26 15:05:19 | 000,021,446 | ---- | M] () -- D:\Dettaglio Bonifico Italia (1).pdf
[2013/02/26 15:04:41 | 000,021,454 | ---- | M] () -- D:\Dettaglio Bonifico Italia.pdf
[2013/02/21 16:30:31 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/20 16:40:40 | 000,019,757 | ---- | M] () -- D:\Users\Ciro\Documents\combinatore telefonico 1.pdf
[2013/02/20 11:11:49 | 000,010,962 | ---- | M] () -- D:\2C832BDD607B59E1C1257B180038039B.PDF
[2013/02/20 10:34:34 | 000,420,922 | ---- | M] () -- D:\5779839_56560730_12366_CCEC0.pdf
[2013/02/18 20:31:12 | 000,071,710 | ---- | M] () -- D:\Users\Ciro\Desktop\203332634-40f11765-2700-4963-8ea7-7892a92d21b7.jpg
[2013/02/17 19:14:11 | 000,121,152 | ---- | M] () -- D:\Users\Ciro\Documents\urmet.pdf
[2013/02/17 18:38:45 | 000,026,590 | ---- | M] () -- D:\Users\Ciro\Documents\Procedura di reset.pdf
[2013/02/17 18:34:25 | 000,103,812 | ---- | M] () -- D:\Users\Ciro\Documents\combinatore telefonico.pdf
[2013/02/16 22:51:00 | 000,001,314 | ---- | M] () -- D:\Users\Ciro\Documents\cc_20130216_225044.reg
[2013/02/16 22:50:06 | 000,041,732 | ---- | M] () -- D:\Users\Ciro\Documents\cc_20130216_224944.reg
[2013/02/16 19:40:12 | 000,000,045 | ---- | M] () -- D:\Windows\System32\initdebug.nfo
[2013/02/14 18:22:35 | 000,651,062 | ---- | M] () -- D:\Users\Ciro\Documents\___ ATTO COMPLETO ___.pdf
[2013/02/11 23:30:37 | 000,001,561 | ---- | M] () -- D:\Users\Ciro\Desktop\PW - collegamento.lnk
[2013/02/11 11:28:31 | 000,035,896 | ---- | M] (GFI Software) -- D:\Windows\System32\drivers\gfiark.sys
[2013/02/07 12:25:08 | 000,001,214 | ---- | M] () -- D:\Users\Ciro\Desktop\GiochiDiCarte - collegamento.lnk
[2013/02/05 19:58:11 | 000,001,317 | ---- | M] () -- D:\Users\Ciro\Desktop\SOLWIN.lnk
[2013/02/04 21:02:37 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msclmd.dll
[2013/02/04 12:14:33 | 000,000,000 | ---- | M] () -- D:\ProgramData\0x0304A000.sfl
[2013/02/04 00:22:44 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/02/04 00:22:44 | 000,434,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/02/04 00:22:44 | 000,367,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/02/04 00:22:44 | 000,353,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/02/04 00:22:44 | 000,353,584 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iedkcs32.dll
[2013/02/04 00:22:44 | 000,227,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
[2013/02/04 00:22:44 | 000,223,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/02/04 00:22:44 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
[2013/02/04 00:22:44 | 000,162,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/02/04 00:22:44 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/02/04 00:22:44 | 000,152,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/02/04 00:22:44 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/02/04 00:22:44 | 000,130,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
[2013/02/04 00:22:44 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/02/04 00:22:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/02/04 00:22:44 | 000,101,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
[2013/02/04 00:22:44 | 000,086,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/02/04 00:22:44 | 000,078,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/02/04 00:22:44 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/02/04 00:22:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/02/04 00:22:44 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/02/04 00:22:44 | 000,074,240 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/02/04 00:22:44 | 000,072,822 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2013/02/04 00:22:44 | 000,054,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/02/04 00:22:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/02/04 00:22:44 | 000,041,472 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedsbs.dll
[2013/02/04 00:22:44 | 000,035,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/02/04 00:22:44 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/02/04 00:22:44 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/02/04 00:22:44 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/02/03 22:38:01 | 000,001,022 | ---- | M] () -- D:\Users\Public\Desktop\EssentialPIM.lnk
[2013/02/02 20:03:47 | 000,000,135 | ---- | M] () -- D:\Windows\AutoKMS.ini
[2013/02/02 18:13:17 | 000,000,057 | ---- | M] () -- D:\ProgramData\Ament.ini
[2013/02/01 20:15:42 | 000,002,077 | ---- | M] () -- D:\Users\Public\Desktop\Video Search.lnk
[2013/02/01 20:15:40 | 000,001,153 | ---- | M] () -- D:\Users\Public\Desktop\aTube Catcher.lnk
[2013/02/01 20:13:42 | 000,001,965 | ---- | M] () -- D:\Users\Ciro\Desktop\Documenti.lnk
[2013/02/01 20:07:22 | 000,001,514 | ---- | M] () -- D:\Users\Ciro\Desktop\Money.lnk
[2013/02/01 18:40:26 | 000,045,056 | ---- | M] () -- D:\Users\Ciro\Documents\EasyBCD Backup (2013-02-01).bcd
[2013/02/01 18:18:16 | 000,054,125 | ---- | M] () -- D:\Windows\System32\license.rtf
[2013/02/01 18:15:54 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/01/23 18:42:19 | 000,411,648 | -HS- | M] () -- D:\EUMONBMP.SYS
[2013/01/17 01:28:58 | 000,232,336 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MpSigStub.exe
[2013/01/13 22:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/01/13 22:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/01/13 22:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/01/13 22:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/01/13 22:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/01/13 22:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/01/13 22:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/01/13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/01/13 22:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/01/13 21:31:00 | 001,247,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/01/13 21:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/01/13 21:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/01/13 21:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/01/13 21:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/01/13 21:08:35 | 001,504,768 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/01/13 20:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/01/13 20:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/01/13 20:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/01/13 20:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/01/13 20:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/01/13 20:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/01/13 20:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/01/13 19:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/01/13 18:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/01/11 11:39:42 | 000,088,576 | ---- | M] (pdfforge GbR) -- D:\Windows\System32\pdfcmon.dll

========== Files Created - No Company Name ==========

[2013/03/11 16:36:56 | 000,002,140 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013/03/11 16:36:56 | 000,002,128 | ---- | C] () -- D:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013/03/08 22:44:58 | 000,463,504 | ---- | C] () -- D:\Windows\System32\FNTCACHE.DAT
[2013/03/08 21:57:00 | 000,008,494 | ---- | C] () -- D:\Users\Ciro\Documents\cc_20130308_215656.reg
[2013/03/06 23:16:17 | 000,002,519 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/04 17:27:45 | 000,001,033 | ---- | C] () -- D:\Users\Public\Desktop\VLC media player.lnk
[2013/03/04 16:55:47 | 000,001,809 | ---- | C] () -- D:\Users\Public\Desktop\Apps.lnk
[2013/03/04 16:55:44 | 000,001,770 | ---- | C] () -- D:\Users\Public\Desktop\Start BlueStacks.lnk
[2013/03/04 16:40:14 | 000,001,530 | ---- | C] () -- D:\Users\Ciro\Start BlueStacks.lnk
[2013/03/02 20:55:43 | 000,000,325 | ---- | C] () -- D:\Users\Ciro\Desktop\Strumenti diagnostici stampante HP.url
[2013/03/01 17:43:02 | 000,001,784 | ---- | C] () -- D:\Users\Ciro\Documents\Nuovo database.odb
[2013/03/01 16:01:51 | 000,048,124 | ---- | C] () -- D:\Users\Ciro\Desktop\cud.PDF
[2013/02/28 20:21:34 | 000,021,474 | ---- | C] () -- D:\Users\Ciro\Desktop\Dettaglio Bonifico Italia.pdf
[2013/02/27 17:15:11 | 000,000,536 | ---- | C] () -- D:\Users\Ciro\Desktop\Productiva Suite.lnk
[2013/02/26 15:11:53 | 000,021,468 | ---- | C] () -- D:\Dettaglio Bonifico Italia (4).pdf
[2013/02/26 15:11:53 | 000,021,454 | ---- | C] () -- D:\Dettaglio Bonifico Italia.pdf
[2013/02/26 15:11:53 | 000,021,452 | ---- | C] () -- D:\Dettaglio Bonifico Italia (2).pdf
[2013/02/26 15:11:53 | 000,021,451 | ---- | C] () -- D:\Dettaglio Bonifico Italia (8).pdf
[2013/02/26 15:11:53 | 000,021,451 | ---- | C] () -- D:\Dettaglio Bonifico Italia (6).pdf
[2013/02/26 15:11:53 | 000,021,451 | ---- | C] () -- D:\Dettaglio Bonifico Italia (5).pdf
[2013/02/26 15:11:53 | 000,021,450 | ---- | C] () -- D:\Dettaglio Bonifico Italia (7).pdf
[2013/02/26 15:11:53 | 000,021,450 | ---- | C] () -- D:\Dettaglio Bonifico Italia (3).pdf
[2013/02/26 15:11:53 | 000,021,446 | ---- | C] () -- D:\Dettaglio Bonifico Italia (1).pdf
[2013/02/21 16:30:31 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/02/20 16:40:39 | 000,019,757 | ---- | C] () -- D:\Users\Ciro\Documents\combinatore telefonico 1.pdf
[2013/02/20 11:12:59 | 000,010,962 | ---- | C] () -- D:\2C832BDD607B59E1C1257B180038039B.PDF
[2013/02/20 10:35:32 | 000,420,922 | ---- | C] () -- D:\5779839_56560730_12366_CCEC0.pdf
[2013/02/18 20:31:10 | 000,071,710 | ---- | C] () -- D:\Users\Ciro\Desktop\203332634-40f11765-2700-4963-8ea7-7892a92d21b7.jpg
[2013/02/17 19:14:10 | 000,121,152 | ---- | C] () -- D:\Users\Ciro\Documents\urmet.pdf
[2013/02/17 18:38:44 | 000,026,590 | ---- | C] () -- D:\Users\Ciro\Documents\Procedura di reset.pdf
[2013/02/17 18:34:23 | 000,103,812 | ---- | C] () -- D:\Users\Ciro\Documents\combinatore telefonico.pdf
[2013/02/16 22:50:53 | 000,001,314 | ---- | C] () -- D:\Users\Ciro\Documents\cc_20130216_225044.reg
[2013/02/16 22:49:50 | 000,041,732 | ---- | C] () -- D:\Users\Ciro\Documents\cc_20130216_224944.reg
[2013/02/16 19:39:46 | 000,000,045 | ---- | C] () -- D:\Windows\System32\initdebug.nfo
[2013/02/14 18:22:35 | 000,651,062 | ---- | C] () -- D:\Users\Ciro\Documents\___ ATTO COMPLETO ___.pdf
[2013/02/11 23:30:37 | 000,001,561 | ---- | C] () -- D:\Users\Ciro\Desktop\PW - collegamento.lnk
[2013/02/06 19:27:42 | 000,000,310 | ---- | C] () -- D:\Windows\tasks\GlaryInitialize.job
[2013/02/04 20:32:31 | 000,080,896 | ---- | C] () -- D:\Windows\System32\RDVGHelper.exe
[2013/02/04 20:32:16 | 000,146,852 | ---- | C] () -- D:\Windows\System32\systemsf.ebd
[2013/02/04 20:30:21 | 000,066,048 | ---- | C] () -- D:\Windows\System32\PrintBrmUi.exe
[2013/02/04 20:30:15 | 000,010,429 | ---- | C] () -- D:\Windows\System32\ScavengeSpace.xml
[2013/02/04 20:30:02 | 000,105,559 | ---- | C] () -- D:\Windows\System32\RacRules.xml
[2013/02/04 12:14:33 | 000,000,000 | ---- | C] () -- D:\ProgramData\0x0304A000.sfl
[2013/02/04 00:28:21 | 000,000,003 | ---- | C] () -- D:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/02/04 00:26:13 | 000,000,003 | ---- | C] () -- D:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/02/04 00:22:44 | 000,072,822 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2013/02/03 22:38:01 | 000,001,022 | ---- | C] () -- D:\Users\Public\Desktop\EssentialPIM.lnk
[2013/02/03 21:39:10 | 000,001,256 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2013/02/03 21:39:01 | 000,001,325 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2013/02/03 21:38:34 | 000,001,409 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013/02/03 21:38:18 | 000,002,437 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/02/02 21:52:01 | 000,002,206 | ---- | C] () -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk
[2013/02/02 20:03:47 | 000,000,198 | ---- | C] () -- D:\Windows\tasks\AutoKMS.job
[2013/02/02 20:03:46 | 000,000,135 | ---- | C] () -- D:\Windows\AutoKMS.ini
[2013/02/02 20:03:24 | 015,823,872 | ---- | C] () -- D:\Users\Ciro\Documents\Office 2010 Toolkit.exe
[2013/02/02 18:30:59 | 000,001,134 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/02 18:30:58 | 000,001,130 | ---- | C] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/02 18:14:46 | 000,000,254 | ---- | C] () -- D:\Windows\tasks\HP Photo Creations Messager.job
[2013/02/02 18:13:17 | 000,000,057 | ---- | C] () -- D:\ProgramData\Ament.ini
[2013/02/01 20:15:42 | 000,002,077 | ---- | C] () -- D:\Users\Public\Desktop\Video Search.lnk
[2013/02/01 20:15:40 | 000,001,153 | ---- | C] () -- D:\Users\Public\Desktop\aTube Catcher.lnk
[2013/02/01 20:14:17 | 000,001,317 | ---- | C] () -- D:\Users\Ciro\Desktop\SOLWIN.lnk
[2013/02/01 20:13:42 | 000,001,965 | ---- | C] () -- D:\Users\Ciro\Desktop\Documenti.lnk
[2013/02/01 20:13:42 | 000,001,214 | ---- | C] () -- D:\Users\Ciro\Desktop\GiochiDiCarte - collegamento.lnk
[2013/02/01 20:07:22 | 000,001,514 | ---- | C] () -- D:\Users\Ciro\Desktop\Money.lnk
[2013/02/01 19:48:54 | 000,293,889 | ---- | C] () -- D:\Windows\System32\drivers\RTAIODAT.DAT
[2013/02/01 19:47:08 | 000,178,688 | ---- | C] () -- D:\Windows\System32\unrar.dll
[2013/02/01 18:48:00 | 000,000,978 | ---- | C] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/02/01 18:40:26 | 000,045,056 | ---- | C] () -- D:\Users\Ciro\Documents\EasyBCD Backup (2013-02-01).bcd
[2013/02/01 18:30:47 | 023,708,672 | ---- | C] () -- D:\Windows\w7lxe3116.exe
[2013/02/01 18:27:38 | 000,001,402 | ---- | C] () -- D:\Users\Ciro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/02/01 18:17:51 | 000,001,345 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/02/01 18:17:43 | 000,001,326 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/02/01 18:15:54 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/01/23 18:42:19 | 000,411,648 | -HS- | C] () -- D:\EUMONBMP.SYS
[2011/06/08 22:57:22 | 001,929,576 | ---- | C] () -- D:\Windows\System32\HPScanTRDrv_DJ3050A_J611.dll

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- D:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/08 22:43:41 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\Ad-Aware Antivirus
[2013/02/03 22:42:31 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\EssentialPIM
[2013/02/03 22:51:28 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\Foxit
[2013/02/16 22:40:21 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\GlarySoft
[2013/03/08 23:08:13 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\Hide IP Speed
[2013/02/27 17:10:27 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\LibreOffice
[2013/02/11 22:54:49 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\LibreOffice 1
[2013/02/01 19:43:55 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\Panda Security
[2013/02/17 18:34:36 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\PDF Architect
[2013/02/01 19:59:03 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\SlowBit
[2013/02/07 12:30:56 | 000,000,000 | ---D | M] -- D:\Users\Ciro\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >


OTL Extras logfile created on: 11/03/2013 19:43:42 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Users\Ciro\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 0,75 Gb Available Physical Memory | 37,40% Memory free
4,00 Gb Paging File | 2,55 Gb Available in Paging File | 63,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 294,61 Gb Total Space | 135,87 Gb Free Space | 46,12% Space Free | Partition Type: NTFS
Drive D: | 195,30 Gb Total Space | 105,94 Gb Free Space | 54,25% Space Free | Partition Type: NTFS
Drive E: | 3,46 Gb Total Space | 0,37 Gb Free Space | 10,74% Space Free | Partition Type: FAT32
Drive F: | 142,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 270,45 Gb Total Space | 270,34 Gb Free Space | 99,96% Space Free | Partition Type: NTFS

Computer Name: CIRO-PC | User Name: Ciro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- D:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- D:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "D:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"D:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = D:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08D2E12A-2337-40ED-B649-64A6781AB07C}" = rport=138 | protocol=17 | dir=out | app=system |
"{3BF67BF3-BDD7-4655-9543-FC650DBD5DF9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{4F2909A7-92AC-4129-9622-0B053D47F4B4}" = rport=139 | protocol=6 | dir=out | app=system |
"{6C29074E-D865-4278-A38F-ADEF2F9469C5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{84835E2C-E338-4915-B48B-ABB799CD2B9A}" = lport=139 | protocol=6 | dir=in | app=system |
"{87676F16-DC6D-43E3-A7E4-B866F4001095}" = lport=138 | protocol=17 | dir=in | app=system |
"{A7DD7AAC-CDF2-4487-9050-6485EA8474DF}" = lport=445 | protocol=6 | dir=in | app=system |
"{BB052B99-4457-4C77-9B3F-884BE5101A97}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CA8F17FA-F2B6-4BD7-8972-C64BDD687F5B}" = rport=137 | protocol=17 | dir=out | app=system |
"{CD96551F-35D0-4184-9B05-0B75314C5A32}" = rport=445 | protocol=6 | dir=out | app=system |
"{F192ACDC-D2F0-4BA1-9080-E1AB2DD4E66E}" = lport=137 | protocol=17 | dir=in | app=system |
"{FA41BF32-1C5C-4E76-B44A-A5E02DC4574B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2A73A04F-1789-46C0-83AA-19253684E6C5}" = protocol=6 | dir=in | app=d:\program files\bonjour\mdnsresponder.exe |
"{3901551B-8816-44B0-AABE-F369693D3D76}" = protocol=6 | dir=in | app=d:\program files\adawaretb\dtuser.exe |
"{3E97CE3A-8DE3-4EE9-9856-C6D4C8960713}" = dir=in | app=d:\program files\itunes\itunes.exe |
"{56FF5D9E-9988-471B-A92D-E133C2D9B878}" = protocol=17 | dir=in | app=d:\program files\adawaretb\dtuser.exe |
"{AFB05AA3-B1F8-4A27-A767-DAE34462C334}" = dir=in | app=d:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B37BFC30-EF00-4F6E-A683-04ABCD8B00BA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C31389A6-FDE7-4021-A442-F4B9F1D0E098}" = protocol=17 | dir=in | app=d:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{C8449559-1C5F-41CD-A0E8-B8B379E7CB19}" = protocol=6 | dir=in | app=d:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"{D19F6129-ACD2-472D-803D-AA024A81F85B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DA7D1306-975B-4A58-9CED-A9424FCC1078}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DD29343A-74C7-4366-9D86-4F2C3462EA4E}" = protocol=17 | dir=in | app=d:\program files\bonjour\mdnsresponder.exe |
"{DE32FFC3-0D95-4569-BCC6-FB9862F7254A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{0132756C-23C0-4855-A62F-B95289291BE4}D:\program files\emule\emule.exe" = protocol=6 | dir=in | app=d:\program files\emule\emule.exe |
"TCP Query User{277F3630-7DFE-4F94-9A01-893410E374FD}D:\windows.old\program files\emule\emule.exe" = protocol=6 | dir=in | app=d:\windows.old\program files\emule\emule.exe |
"TCP Query User{DF5CB73E-D0E4-4E8F-8796-809B1AB273E8}D:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=d:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{2EEC8025-DA7A-42D4-A29A-C85D70A7B65E}D:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=d:\program files\hp\hp deskjet 3050a j611 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{9CAA299A-1909-4FE4-BA1B-30D236E23FF5}D:\program files\emule\emule.exe" = protocol=17 | dir=in | app=d:\program files\emule\emule.exe |
"UDP Query User{B12EEE38-0937-4DD8-A5C6-AAC21B4ACF8D}D:\windows.old\program files\emule\emule.exe" = protocol=17 | dir=in | app=d:\windows.old\program files\emule\emule.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0FB0C4D9-73BB-4D1A-8483-5D0BD53FACC0}" = Ad-Aware Antivirus
"{19AFD9A4-B584-41C8-91EA-38EB2FC1BD50}" = Windows Live Messenger
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1B947146-366B-42CD-86D5-219993CE3EE2}" = Windows Live MIME IFilter
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F459DA9-0D88-452E-97A4-5B69C8C8C6B5}" = Windows Live Family Safety
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4344E211-F621-3870-9A08-2F56C71BA0A7}" = Microsoft .NET Framework 4 Extended ITA Language Pack
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Supporto applicazioni Apple
"{4926AA2D-3C66-443D-A456-53AE3FA44144}" = Windows Live Family Safety
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF53C99-315D-4536-873F-029D2D274AE2}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CA2A835-9F83-41EE-929F-20300C47C4F7}" = Software di base della periferica HP Deskjet 3050A J611 series
"{701FE1BC-834A-4857-AF62-6EBA50CFBC78}" = Movie Maker
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{794D971F-7EC1-4F71-A51C-773074CAB8DA}" = Windows Live Writer
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{8256F87F-8554-4457-8C3D-3F3324697D9F}" = Windows Live ID Sign-in Assistant
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{87425773-10F4-4858-8CBF-465093FA43DE}" = Windows Live Mail
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2010
"{90140000-0015-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2010
"{90140000-0016-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2010
"{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2010
"{90140000-0019-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2010
"{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2010
"{90140000-001B-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2010
"{90140000-002C-0410-0000-0000000FF1CE}_Office14.PROPLUS_{711BC808-AC64-48E2-82B2-6B53BB802142}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2010
"{90140000-0044-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2010
"{90140000-006E-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C9172EE7-BDCA-4E57-9217-4C589947298B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2010
"{90140000-00A1-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2010
"{90140000-00BA-0410-0000-0000000FF1CE}_Office14.PROPLUS_{269F607C-E754-459B-AD70-F15D73EB8D10}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{97DDCAB8-B770-4089-A10F-67568069D78A}" = HP Deskjet 3050A J611 series ?
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B096A0E4-26A1-4E9F-8548-577964B9434B}" = Windows Live Essentials
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C91B24F6-1629-11E2-B696-21676188709B}" = PDF Split And Merge Basic
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CBDFD98D-3BEC-4A3E-A0FB-0DE81A951AEC}" = Studio per il miglioramento del prodotto HP Deskjet 3050A J611 series
"{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}" = BlueStacks Notification Center
"{CE542E0D-E056-4426-9F98-084C13E18641}" = Windows Live UX Platform Language Pack
"{D04EBB49-C985-4A38-8695-62000861293A}" = Raccolta foto
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F54A07A9-9716-4094-9E79-F5E929679FFF}" = Windows Live Writer Resources
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"adawaretb" = Ad-Aware Security Add-on
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"aTube Catcher" = aTube Catcher
"BlueStacks App Player" = BlueStacks App Player
"CCleaner" = CCleaner
"eMule" = eMule
"EssentialPIM" = EssentialPIM
"Foxit Reader" = Foxit Reader
"Glary Utilities_is1" = Glary Utilities 2.53.0.1726
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.5.0 (Standard)
"LinuxLive USB Creator" = LinuxLive USB Creator
"LSI Soft Modem" = LSI PCI Soft Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ITA Language Pack" = Microsoft .NET Framework 4 Extended - Language Pack (ITA)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Productiva 2013" = Productiva 2013
"PROSet" = Intel(R) Network Connections Drivers
"Revo Uninstaller" = Revo Uninstaller 1.94
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Buffetti Etichette-Assistant 1.1
"VLC media player" = VLC media player 2.0.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2468678141-3928519835-1707615019-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SkyDriveSetup.exe" = Microsoft SkyDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 02/03/2013 18:07:17 | Computer Name = Ciro-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddWin32ServiceFiles: Unable to back up
image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System
Error: Impossibile trovare il file specificato. .

Error - 02/03/2013 18:07:17 | Computer Name = Ciro-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddWin32ServiceFiles: Unable to back up
image of service BlueStacks Android Service since QueryServiceConfig API failed

System
Error: Impossibile trovare il file specificato. .

Error - 02/03/2013 18:07:49 | Computer Name = Ciro-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddLegacyDriverFiles: Unable to back up
image of binary BlueStacks Hypervisor. System Error: Impossibile trovare il file
specificato. .

Error - 02/03/2013 18:07:49 | Computer Name = Ciro-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddWin32ServiceFiles: Unable to back up
image of service BlueStacks Log Rotator Service since QueryServiceConfig API failed

System
Error: Impossibile trovare il file specificato. .

Error - 02/03/2013 18:07:49 | Computer Name = Ciro-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
nell'oggetto writer del sistema. Details: AddWin32ServiceFiles: Unable to back up
image of service BlueStacks Android Service since QueryServiceConfig API failed

System
Error: Impossibile trovare il file specificato. .

Error - 05/03/2013 14:21:01 | Computer Name = Ciro-PC | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: FOXITR~1.EXE, versione:
3.0.2009.1817, timestamp: 0x4a38a751 Nome del modulo che ha generato l'errore: FOXITR~1.EXE,
versione: 3.0.2009.1817, timestamp: 0x4a38a751 Codice eccezione: 0xc0000005 Offset
errore 0x0004dc00 ID processo che ha generato l'errore: 0x5f8 Ora di avvio dell'applicazione
che ha generato l'errore: 0x01ce19ce2e47b785 Percorso dell'applicazione che ha generato
l'errore: D:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE Percorso del modulo che ha
generato l'errore: D:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE ID segnalazione: 6e96fcdd-85c1-11e2-aab7-0013d32926d7

Error - 07/03/2013 13:14:33 | Computer Name = Ciro-PC | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: FOXITR~1.EXE, versione:
3.0.2009.1817, timestamp: 0x4a38a751 Nome del modulo che ha generato l'errore: FOXITR~1.EXE,
versione: 3.0.2009.1817, timestamp: 0x4a38a751 Codice eccezione: 0xc0000005 Offset
errore 0x0004dc00 ID processo che ha generato l'errore: 0x1ce8 Ora di avvio dell'applicazione
che ha generato l'errore: 0x01ce1b573b0631ad Percorso dell'applicazione che ha generato
l'errore: D:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE Percorso del modulo che ha
generato l'errore: D:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE ID segnalazione: 7a56818c-874a-11e2-8d75-0013d32926d7

Error - 08/03/2013 17:11:53 | Computer Name = Ciro-PC | Source = VSS | ID = 8194
Description =

Error - 11/03/2013 12:47:41 | Computer Name = Ciro-PC | Source = Application Hang | ID = 1002
Description = Il programma Explorer.EXE versione 6.1.7601.17567 non interagisce
più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Centro operativo nel Pannello
di controllo. ID processo: 6cc Ora di avvio: 01ce1e689f0fe858 Ora di chiusura: 982

Percorso
applicazione: D:\Windows\Explorer.EXE ID segnalazione: 5cabe8cf-8a6b-11e2-87dd-0013d32926d7


Error - 11/03/2013 12:47:51 | Computer Name = Ciro-PC | Source = Application Hang | ID = 1002
Description = Il programma SDImmunize.exe versione 2.0.12.130 non interagisce più
con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Centro operativo nel Pannello
di controllo. ID processo: 14c8 Ora di avvio: 01ce1e748764af8e Ora di chiusura: 0 Percorso
applicazione: D:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe ID segnalazione:
1ac03d89-8a69-11e2-87dd-0013d32926d7

[ System Events ]
Error - 06/03/2013 12:36:22 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 07/03/2013 09:39:49 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 07/03/2013 16:56:03 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 08/03/2013 05:21:01 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 08/03/2013 14:39:51 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 08/03/2013 17:46:22 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 11/03/2013 10:57:01 | Computer Name = Ciro-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 11/03/2013 10:57:36 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =

Error - 11/03/2013 14:39:55 | Computer Name = Ciro-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 11/03/2013 14:40:25 | Computer Name = Ciro-PC | Source = DCOM | ID = 10016
Description =


< End of report >
Torna in alto
 
shapiro
Inviato: Tuesday, March 12, 2013 9:55:05 AM

Rank: AiutAmico

Iscritto dal : 8/24/2008
Posts: 4,164

non c'e' niente da eliminare a parte i rimasugli di Panda e VIPRE Antivirus che puoi togliere da solo ti consiglio un buon antivirus free come avira o avast quello che hai non e' molto efficiente

rimuovi i crack che hai, rischi di prenderti una brutta infezione
Torna in alto
 
lifters
Inviato: Thursday, March 14, 2013 12:54:19 AM
Rank: Member

Iscritto dal : 3/1/2012
Posts: 19
Salve, ho disinstallato tutti gli antivirus ed ho installato avast come consigliato, premetto che tengo due h.d. di cui uno è installato w7 sp1 e l'altro xp sp3, ho fatto una scansione generale di tutto il computer con risultati di 25 minacce lievi prevalentemente sul disco contenente xp che ho spostato nel cestino, riavviato il sistema ho rilevato che le pagine indesiderate continuano ad aprirsi solo su w7 e con xp mai aperte, parlando con un mio amico mi diceva che anche lui tiene lo stesso problema, potrebbe essere la Microsoft che ha rilasciato qualche aggiornamento che produce questo problema? in w7 dove si trovano i punti di ripristino? in modo che se fosse qualche aggiornamento vado a ritroso finché non risolvo il problema.
Grazie anticipatamente.
Lifters
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » apertura pagine


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.