Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

aiuto: navigando si aprono in continuo pagine non richieste Opzioni
lucagian
Inviato: Wednesday, March 19, 2014 7:06:29 PM
Rank: AiutAmico

Iscritto dal : 10/14/2007
Posts: 44
forse si tratta di un virus, ma avira ha trovato solo HEUR/ MODIFIED.SYSTEMFILE che su internet dice che non e' preoccupante da togliere (e che comunque pone in quarantena ma si rigenera tutte le volte). E' molto fastidioso comunque, perche' le pagine che si scaricano in automatico e sono non volute (e ti invitano in genere a fare aggiornamenti di programmi vari), spesso non si riesce nemmno a chiuderle. ho windows 7. Grazie in anticipo a chi puo' aiutarmi.

Qui riporto il test fatto adw cleaner prima e dopo pulizia (ma il problema persiste),
REPORT PRIMA della pulizia:

# AdwCleaner v3.022 - Report created 19/03/2014 at 18:34:04
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : utente01 - UTENTE01-PC
# Running from : C:\Users\utente01\Downloads\adwcleaner (2).exe
# Option : Scan

***** [ Services ] *****

Service Found : Wpm

***** [ Files / Folders ] *****

Folder Found C:\Program Files (x86)\SupTab
Folder Found C:\ProgramData\IePluginService
Folder Found C:\ProgramData\WPM
Folder Found C:\Users\utente01\AppData\Roaming\awesomehp
Folder Found C:\Users\utente01\AppData\Roaming\SupTab

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm
Key Found : HKLM\Software\supTab
Key Found : HKLM\Software\supWPM
Key Found : HKLM\Software\Wpm
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.awesomehp.com/?type=hp&ts=1393895383&from=sien&uid=SAMSUNGXHM160HI_S18PJD0PC27056
Setting Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.awesomehp.com/?type=hp&ts=1393895383&from=sien&uid=SAMSUNGXHM160HI_S18PJD0PC27056

-\\ Mozilla Firefox v28.0 (it)

[ File : C:\Users\utente01\AppData\Roaming\Mozilla\Firefox\Profiles\nv181mqs.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2057 octets] - [05/02/2014 18:27:07]
AdwCleaner[R1].txt - [12485 octets] - [17/02/2014 01:43:30]
AdwCleaner[R2].txt - [12605 octets] - [17/02/2014 01:44:54]
AdwCleaner[R3].txt - [15566 octets] - [25/02/2014 20:44:01]
AdwCleaner[R4].txt - [1266 octets] - [25/02/2014 20:50:30]
AdwCleaner[R5].txt - [1451 octets] - [26/02/2014 01:08:08]
AdwCleaner[R6].txt - [1445 octets] - [26/02/2014 17:11:30]
AdwCleaner[R7].txt - [3133 octets] - [19/03/2014 18:34:04]
AdwCleaner[S0].txt - [2265 octets] - [05/02/2014 18:29:48]
AdwCleaner[S1].txt - [314 octets] - [17/02/2014 01:44:24]
AdwCleaner[S2].txt - [11802 octets] - [17/02/2014 01:47:10]
AdwCleaner[S3].txt - [14736 octets] - [25/02/2014 20:46:27]
AdwCleaner[S4].txt - [1514 octets] - [26/02/2014 01:09:42]
AdwCleaner[S5].txt - [1506 octets] - [26/02/2014 17:17:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R7].txt - [3554 octets] ##########

E DOPO LA PULIZIA CON ADW STESSO:

# AdwCleaner v3.022 - Report created 19/03/2014 at 18:35:50
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : utente01 - UTENTE01-PC
# Running from : C:\Users\utente01\Downloads\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Wpm

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Users\utente01\AppData\Roaming\awesomehp
Folder Deleted : C:\Users\utente01\AppData\Roaming\SupTab

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\Software\supTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wpm

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (it)

[ File : C:\Users\utente01\AppData\Roaming\Mozilla\Firefox\Profiles\nv181mqs.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2057 octets] - [05/02/2014 18:27:07]
AdwCleaner[R1].txt - [12485 octets] - [17/02/2014 01:43:30]
AdwCleaner[R2].txt - [12605 octets] - [17/02/2014 01:44:54]
AdwCleaner[R3].txt - [15566 octets] - [25/02/2014 20:44:01]
AdwCleaner[R4].txt - [1266 octets] - [25/02/2014 20:50:30]
AdwCleaner[R5].txt - [1451 octets] - [26/02/2014 01:08:08]
AdwCleaner[R6].txt - [1445 octets] - [26/02/2014 17:11:30]
AdwCleaner[R7].txt - [3654 octets] - [19/03/2014 18:34:04]
AdwCleaner[S0].txt - [2265 octets] - [05/02/2014 18:29:48]
AdwCleaner[S1].txt - [314 octets] - [17/02/2014 01:44:24]
AdwCleaner[S2].txt - [11802 octets] - [17/02/2014 01:47:10]
AdwCleaner[S3].txt - [14736 octets] - [25/02/2014 20:46:27]
AdwCleaner[S4].txt - [1514 octets] - [26/02/2014 01:09:42]
AdwCleaner[S5].txt - [1506 octets] - [26/02/2014 17:17:51]
AdwCleaner[S6].txt - [3312 octets] - [19/03/2014 18:35:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [3372 octets] ##########
Sponsor
Inviato: Wednesday, March 19, 2014 7:06:29 PM

 
cbbusto
Inviato: Thursday, March 20, 2014 3:04:02 PM

Rank: AiutAmico

Iscritto dal : 11/8/2008
Posts: 13,964
Avevi un dirottatore, awesomehp che è stato eliminato.
Controlla fra i componenti aggiuntivi e i motori di ricerca del browser se trovi qualche voce sconosciuta e la elimini.
Poi fai queste scansioni:

Scarica ed installa MalwareBytes:
clicca qui per il download : http://www.aiutamici.com/software?id=80346
Clicca su: Link al sito principale, poi nella pagina che appare clicca su: Free Version Download.
Prima di fare la scansione AGGIORNALO. (è molto importante)
Esegui una scansione COMPLETA del sistema. (NON veloce)
Elimina gli eventuali file infetti trovati. (li devi selezionare, e poi cliccare su "Rimuovi selezionati")
Posta il log.

Scarica JunkerRemovalTool da qui: http://thisisudax.org/downloads/JRT.exe
Una volta scaricato chiudere tutti i programmi e il browser, per evitare conflitti disattiva momentaneamente anche l’antivirus, lancialo cliccando sull’eseguibile.
Per Vista win 7 e win 8 clic col destro sull’eseguibile ed Eseguire come Amministratore.
Appare il prompt dei comandi, premere un tasto per continuare e il programma inizia la scansione, può durare diversi minuti, lascia fare senza toccare nulla anche se sembra fermo, alla fine appare il Blocco Note col log, JRT.txt copialo e postalo qui.

Tutte le scansioni vanno fatte in modalità NORMALE.

Poi posta un log di Hijack This, se non conosci il programma scaricalo da QUI, clic in alto a destra ultima vs, salvalo sul desktop in una cartella sua e poi clic sul primo pulsante, Do a systemscan and save a logfile, Il LOG di HijackThis va eseguito in avvio normale.

Ciao
lucagian
Inviato: Thursday, March 20, 2014 5:24:41 PM
Rank: AiutAmico

Iscritto dal : 10/14/2007
Posts: 44
riispondo con quote anziche' edit va bene?
prima di inviare ho cancellato quello che mi appariva qui del mio vecchio post, non so se' giusto?

fra poco scrivo nel merito del problema
lucagian
Inviato: Thursday, March 20, 2014 6:00:32 PM
Rank: AiutAmico

Iscritto dal : 10/14/2007
Posts: 44
ciao cbusto,
ora ho visto anche il tasto reply che sto usando (ma da qui non vedo piu' la tua risposta): mi servirebbe un po' piu di chiarezza (utilizzando questo forum saltuariamente non mi ricordo bene i meccanismi e le varie possibilita' che ci sono per comunicare).
Dunque:
1)avevo cominciato ad eseguire r16 (c'era un argomento dedicato che non avevo visto), ma ti dico subito che purtroppo non ha funzionato: riaccedendo al sito aiutamici sono ricominciate le pagine pubblicitarie a tratti quasi ha rendere impossibile la navigazione;
NB:avevo fatto tutto, tranne non riuscire nell'ultimo pezzo ovverosia copia incolla non funziona perche' dopo "forum link" non succedeva piu' nulla (ma ti segnaloo che gia' erano tornate interferenze e reindirizzamneti colle pagine pubblictarie);
2)comunque copio ed incollo qui tutti i risultati (le strisciate sono molto lunghe e non so se sara' possibile ma ci provo: ma c'e forse un modo piu' efficiente per postarli come file allegati?), inserisco anche il risultato di hijathis come da te richiesto e che ho scaricato no senza difficolta' per il solito problema colle pagine;
3)l'altra cosa che tu consigliavi (quella sdei siti) non l'ho fatta perche' non saprei come fare

grazie in anticipo

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:16:24, on 20/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\View-Password\ViewPassword_wd.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\utente01\Downloads\OTL.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing)
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKUS\S-1-5-21-2632353578-1688595292-793482499-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2632353578-1688595292-793482499-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: View Password (ViewPassword) - Unknown owner - C:\Program Files (x86)\View-Password\ViewPassword154.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9476 bytes

OTL logfile created on: 20/03/2014 16:22:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente01\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 69,80% Memory free
8,00 Gb Paging File | 6,46 Gb Available in Paging File | 80,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 137,56 Gb Total Space | 95,06 Gb Free Space | 69,10% Space Free | Partition Type: NTFS

Computer Name: UTENTE01-PC | User Name: utente01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\utente01\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Glary Utilities 4\Integrator.exe (Glarysoft Ltd)
PRC - C:\Program Files (x86)\View-Password\ViewPassword154.exe ()
PRC - C:\Program Files (x86)\View-Password\ViewPassword_wd.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Glary Utilities 4\zlib1.dll ()
MOD - C:\Program Files (x86)\View-Password\ViewPassword_wd.exe ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (c2cautoupdatesvc) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation)
SRV - (c2cpnrsvc) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation)
SRV - (ViewPassword) -- C:\Program Files (x86)\View-Password\ViewPassword154.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (APNMCP) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (smserial) -- C:\Windows\SysNative\drivers\SmSerl64.sys (Motorola Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (HpqRemHid) -- C:\Windows\SysNative\drivers\HpqRemHid.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ff&cd=2XzuyEtN2Y1L1QzutDtDtC0EyCzz0EtAzztAyByDzzyE0FtAtN0D0Tzu0SyByBzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=2042390007&ir=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828

IE - HKU\S-1-5-21-2632353578-1688595292-793482499-1001\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/03/19 17:00:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\utente01\AppData\Roaming\mozilla\Extensions
[2014/03/19 16:59:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014/03/19 16:59:42 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.it/
CHR - plugin: Error reading preferences file
CHR - Extension: Documenti Google = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Skype Click to Call = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.1.15383.6004_0\
CHR - Extension: Google Wallet = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/03/07 19:06:27 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2632353578-1688595292-793482499-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-2632353578-1688595292-793482499-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2632353578-1688595292-793482499-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2632353578-1688595292-793482499-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2632353578-1688595292-793482499-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5911190B-706B-4DD9-BB91-0BFBE8D20233}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B38E912-A399-4A3D-A6EF-1121914367B6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D701520D-ADB1-4912-84D4-83A47ED47B9D}: DhcpNameServer = 192.168.50.200 192.168.50.202
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/03/20 15:44:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/03/19 18:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2014/03/19 18:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2014/03/19 16:59:54 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Mozilla
[2014/03/19 16:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/03/13 19:45:22 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\LAURA VECCHIO MACCHIE
[2014/03/11 22:09:40 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/03/11 22:09:40 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[2014/03/11 22:09:37 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/11 22:09:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/11 22:09:36 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/11 22:09:34 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/11 22:09:34 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/11 22:09:34 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/11 22:09:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/11 22:09:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/11 22:09:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/11 22:09:33 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/11 22:09:32 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/11 22:09:32 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/11 22:09:31 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/11 22:09:31 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/11 22:09:30 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/11 22:09:30 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/11 22:09:30 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/11 22:09:30 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/11 22:09:29 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/11 22:09:28 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/11 22:09:28 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/11 22:09:28 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/11 22:09:27 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/11 22:09:26 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/11 22:08:05 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/03/11 22:08:05 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/03/11 22:08:04 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/03/10 10:55:49 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\ASSICURAZIONI
[2014/03/10 10:19:55 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\LIBRI
[2014/03/10 01:04:07 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\INFORMATICA
[2014/03/10 00:37:36 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\MONITOR TV
[2014/03/10 00:09:01 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\FOTOGRAFIE
[2014/03/10 00:07:11 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\SCUOLA
[2014/03/09 23:40:45 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\VARIE
[2014/03/09 23:39:26 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\BONIFICI
[2014/03/09 23:39:08 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\GALL
[2014/03/09 23:38:51 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\LAURA MIRRI
[2014/03/08 09:18:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/03/07 23:16:17 | 000,000,000 | --SD | C] -- C:\ComboFix
[2014/03/07 19:09:14 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/03/07 18:59:41 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/03/07 18:59:41 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/03/07 18:59:41 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/03/07 18:56:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/03/07 18:55:58 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/03/07 17:18:12 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\TOPOGRAFIA
[2014/03/04 03:13:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2014/03/04 02:09:18 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\ SAMSUNG T24C300EW user guide
[2014/02/26 14:21:25 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/02/26 14:21:25 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/02/25 20:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
[2014/02/24 09:05:20 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\telecomGALL
[2014/02/24 01:25:27 | 000,000,000 | ---D | C] -- C:\Temp
[2014/02/23 12:29:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\View-Password
[2014/02/18 20:57:22 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/02/18 20:57:19 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/02/18 20:57:19 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/02/18 20:57:19 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/02/18 20:57:18 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/02/18 20:57:18 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/02/18 20:57:18 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/02/18 20:57:18 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/02/18 20:57:18 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/02/18 20:57:18 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/02/18 20:57:18 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/02/18 20:57:18 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/02/18 20:57:18 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/02/18 20:57:18 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/02/18 20:57:17 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/02/18 20:57:17 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/02/18 20:56:44 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/02/18 20:56:42 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014/02/18 20:56:42 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014/02/18 20:56:41 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/02/18 20:56:41 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014/02/18 20:56:41 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014/02/18 20:56:40 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/02/18 20:56:00 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/02/18 20:56:00 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/02/18 20:55:44 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2014/02/18 20:55:44 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2014/02/17 16:53:48 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\DANNI VIA MANTEGNA PIANO SECONDO
[2014/02/17 08:42:18 | 000,000,000 | ---D | C] -- C:\Mozilla
[2014/02/17 01:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4
[2014/02/17 01:18:48 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\GlarySoft
[2014/02/17 01:18:47 | 000,117,024 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/02/17 01:18:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 4
[2014/02/16 23:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/02/16 23:31:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/02/16 23:27:32 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\viddyhddownload
[2014/02/16 23:27:30 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\53013bf0e56da1c960017f21
[2014/02/16 22:13:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2014/02/16 22:13:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2014/02/16 22:13:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/02/16 22:12:58 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/16 22:12:35 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/02/16 22:12:35 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/02/16 22:12:35 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/16 22:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/02/16 22:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/02/15 22:48:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/02/14 01:25:55 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/13 15:46:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 15:46:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 15:46:37 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 15:46:37 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 15:46:37 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 15:46:37 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 15:46:37 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 15:46:37 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 15:46:37 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 15:46:37 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 15:46:37 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 15:46:37 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 15:46:36 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 15:46:36 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 15:46:36 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 15:46:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 15:46:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 15:46:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 15:46:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 15:46:20 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/13 15:46:19 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/13 15:34:37 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Diagnostics
[2014/02/12 17:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/02/12 17:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/02/12 17:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/02/12 17:23:47 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Adobe
[2014/02/12 17:08:20 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\WinZip
[2014/02/12 17:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/02/12 17:07:29 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/02/12 17:07:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2014/02/10 16:56:52 | 000,921,000 | ---- | C] (Oracle Corporation) -- C:\Users\utente01\Desktop\jxpiinstall.exe
[2014/02/10 12:46:52 | 000,000,000 | ---D | C] -- C:\Users\utente01\Application Data
[2014/02/10 11:23:19 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\PROGRAMMI
[2014/02/10 00:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/02/10 00:27:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/02/10 00:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/02/07 22:12:13 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Macromedia
[2014/02/07 22:12:13 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Macromedia
[2014/02/07 22:11:19 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/07 22:11:19 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/07 22:11:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014/02/07 22:11:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014/02/05 19:14:08 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\LavasoftStatistics
[2014/02/05 19:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014/02/05 19:13:56 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Ad-Aware Antivirus
[2014/02/05 18:29:40 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/02/05 18:27:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2014/02/05 18:26:56 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/05 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\utente01\.android
[2014/02/05 18:02:59 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\cache
[2014/02/05 17:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/02/05 17:22:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2014/02/05 17:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2014/02/05 17:22:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2014/02/05 00:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2014/02/05 00:21:33 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2014/02/05 00:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/02/05 00:21:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/02/05 00:19:04 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Malwarebytes
[2014/02/05 00:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/05 00:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/05 00:17:33 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/02/05 00:17:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/05 00:16:52 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Programs
[2014/02/04 23:45:17 | 000,000,000 | ---D | C] -- C:\Users\utente01\Desktop\FILM
[2014/02/04 16:55:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/04 16:53:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/02/04 16:53:37 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Google
[2014/02/04 16:52:14 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Apps
[2014/02/04 16:52:13 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Deployment
[2014/02/04 16:43:34 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Skype
[2014/02/04 16:43:24 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Skype
[2014/02/04 16:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/02/04 16:43:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/02/04 16:43:16 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/02/04 16:43:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/02/04 16:12:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/04 16:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/04 15:49:43 | 000,000,000 | R--D | C] -- C:\Users\utente01\Desktop\doctor
[2014/02/04 15:25:20 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Mozilla
[2014/02/04 15:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/02/04 15:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/02/04 15:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AskPartnerNetwork
[2014/02/04 15:07:03 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Avira
[2014/02/04 15:05:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/02/04 15:05:30 | 000,131,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2014/02/04 15:05:30 | 000,108,440 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2014/02/04 15:05:30 | 000,084,720 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2014/02/04 15:05:30 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2014/02/04 15:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/02/04 15:05:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2014/02/03 17:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/02/03 17:23:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/02/03 17:23:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014/02/03 17:23:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014/02/03 17:22:40 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014/02/03 17:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014/02/03 17:21:39 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014/02/03 16:04:32 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/02/03 15:29:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014/02/03 15:28:54 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/02/03 15:09:30 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\SysNative\rixdicon.dll
[2014/02/03 15:09:30 | 000,060,928 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys
[2014/02/03 15:09:30 | 000,057,856 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys
[2014/02/03 15:09:29 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\snymsico.dll
[2014/02/03 15:09:29 | 000,055,296 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys
[2014/02/03 15:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/02/03 15:03:36 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/02/03 15:01:00 | 001,919,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wdfcoinstaller01005.dll
[2014/02/03 15:00:59 | 000,018,432 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys
[2014/02/03 15:00:57 | 001,560,576 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysWow64\BttnCmns_64.dll
[2014/02/03 15:00:57 | 001,560,576 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysWow64\BttnCmns.dll
[2014/02/03 15:00:57 | 000,987,136 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysWow64\BttnCmn.dll
[2014/02/03 15:00:57 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/02/03 15:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/02/03 15:00:39 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\InstallShield
[2014/02/03 15:00:11 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2014/02/03 14:40:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/02/03 14:40:05 | 000,000,000 | ---D | C] -- C:\Intel
[2014/02/03 14:40:04 | 000,000,000 | ---D | C] -- C:\swsetup
[2014/02/03 14:24:01 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/02/03 14:24:00 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/02/03 14:24:00 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2014/02/03 14:23:59 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/02/03 14:23:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/02/03 14:23:56 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2014/02/03 14:23:56 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2014/02/03 14:23:56 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2014/02/03 14:23:56 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2014/02/03 14:23:56 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2014/02/03 14:23:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2014/02/03 14:23:56 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2014/02/03 14:23:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2014/02/03 14:16:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/02/03 14:16:36 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/02/03 14:16:36 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/02/03 14:16:36 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/02/03 14:16:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/02/03 14:16:36 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/02/03 14:16:36 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/02/03 14:16:36 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/02/03 14:16:36 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/02/03 14:16:36 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/02/03 14:16:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/02/03 14:16:36 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/02/03 14:16:36 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/02/03 14:16:36 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/02/03 14:16:36 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/02/03 14:16:36 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/02/03 14:16:36 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/02/03 14:16:35 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/02/03 14:16:35 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/02/03 14:16:35 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/02/03 14:16:35 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/02/03 14:16:35 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/02/03 14:16:35 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/02/03 14:16:35 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/02/03 14:16:35 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/02/03 14:16:35 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/02/03 14:16:35 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/02/03 14:16:35 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/02/03 14:16:35 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/02/03 14:16:35 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/02/03 14:16:35 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/02/03 14:16:35 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/02/03 14:16:35 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/02/03 14:16:35 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/02/03 14:16:35 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/02/03 14:16:35 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/02/03 14:16:35 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/02/03 14:16:35 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/02/03 14:16:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/02/03 14:16:35 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/02/03 14:16:35 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/02/03 14:16:35 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/02/03 14:16:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/02/03 14:16:35 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/02/03 14:16:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/02/03 14:16:35 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/02/03 14:16:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/02/03 14:16:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/02/03 14:16:35 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/02/03 14:16:35 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/02/03 14:16:35 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/02/03 14:16:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/02/03 14:16:35 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/02/03 14:16:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/02/03 14:16:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/02/03 14:09:21 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Adobe
[2014/01/31 18:50:25 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/01/31 18:50:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/01/31 18:50:24 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/01/31 18:50:22 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/01/31 18:27:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/01/31 18:26:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/01/31 18:26:34 | 006,669,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/01/31 18:26:34 | 003,489,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/01/31 18:26:34 | 002,559,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014/01/31 18:26:34 | 000,219,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/01/31 18:26:34 | 000,063,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/01/31 18:26:15 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/01/31 18:26:15 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/01/31 18:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/01/31 18:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/01/31 17:27:59 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/31 17:27:59 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/31 17:27:59 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/31 17:27:59 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/31 17:27:59 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/31 17:27:59 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/31 17:27:59 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/31 17:27:59 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/31 17:27:59 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/31 17:27:59 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/31 17:27:59 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/31 17:27:59 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/31 17:27:59 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/31 17:27:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/31 17:27:59 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/31 17:27:59 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/31 17:27:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/31 17:27:59 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/31 17:27:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/31 17:27:59 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/31 17:12:36 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2014/01/31 16:52:34 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/01/31 16:52:33 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/01/31 16:52:33 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/01/31 16:52:33 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/01/31 16:44:27 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2014/01/31 16:41:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/31 16:38:15 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2014/01/31 16:38:15 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2014/01/31 16:38:06 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2014/01/31 16:38:03 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/01/31 16:38:02 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/01/31 16:38:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/01/31 16:38:02 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/01/31 16:38:02 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/01/31 16:37:56 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2014/01/31 16:37:56 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2014/01/31 16:37:56 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2014/01/31 16:37:56 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2014/01/31 16:37:56 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2014/01/31 16:37:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2014/01/31 16:37:43 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/01/31 16:37:43 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/01/31 16:37:40 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/01/31 16:37:40 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/01/31 16:37:39 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/01/31 16:37:39 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/01/31 16:37:39 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/01/31 16:37:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/01/31 16:37:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/01/31 16:37:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/01/31 16:37:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/01/31 16:37:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/01/31 16:37:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/01/31 16:37:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/01/31 16:37:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/01/31 16:37:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/01/31 16:37:19 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/01/31 16:37:12 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/01/31 16:37:11 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2014/01/31 16:37:11 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/01/31 16:37:10 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2014/01/31 16:37:10 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2014/01/31 16:37:10 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2014/01/31 16:37:10 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2014/01/31 16:37:10 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2014/01/31 16:37:10 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2014/01/31 16:37:10 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2014/01/31 16:37:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2014/01/31 16:37:10 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2014/01/31 16:37:10 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2014/01/31 16:37:10 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2014/01/31 16:37:10 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2014/01/31 16:37:08 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2014/01/31 16:37:08 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2014/01/31 16:37:08 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2014/01/31 16:37:08 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2014/01/31 16:37:05 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/01/31 16:36:58 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/01/31 16:36:58 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/01/31 16:36:57 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/01/31 16:36:57 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/01/31 16:36:57 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/01/31 16:36:55 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/01/31 16:36:54 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/01/31 16:36:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/01/31 16:36:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/01/31 16:36:54 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/01/31 16:36:54 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/01/31 16:36:54 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/01/31 16:36:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/01/31 16:36:47 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/01/31 16:36:47 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/01/31 16:36:44 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2014/01/31 16:36:44 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2014/01/31 16:36:42 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/01/31 16:36:42 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/01/31 16:36:42 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/01/31 16:36:41 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/01/31 16:36:28 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2014/01/31 16:36:26 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/01/31 16:36:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/01/31 16:36:24 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2014/01/31 16:36:24 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2014/01/31 16:36:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2014/01/31 16:36:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2014/01/31 16:36:24 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2014/01/31 16:36:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2014/01/31 16:36:24 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2014/01/31 16:36:24 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2014/01/31 16:36:24 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2014/01/31 16:36:23 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2014/01/31 16:36:23 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/31 16:36:23 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/31 16:36:22 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2014/01/31 16:36:22 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/31 16:36:22 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/31 16:36:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2014/01/31 16:36:18 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/01/31 16:36:17 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/01/31 16:36:17 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2014/01/31 16:36:17 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2014/01/31 16:36:16 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2014/01/31 16:36:16 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2014/01/31 16:36:14 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys
[2014/01/31 16:36:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys
[2014/01/31 16:36:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/01/31 16:36:11 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/01/31 16:36:11 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/01/31 16:36:11 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/01/31 16:36:11 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/01/31 16:36:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/01/31 16:36:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/01/31 16:36:09 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2014/01/31 16:36:09 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2014/01/31 16:36:09 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2014/01/31 16:36:08 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/01/31 16:36:08 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/01/31 16:36:04 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/01/31 16:36:03 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/01/31 16:36:03 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/01/31 16:36:02 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/01/31 16:36:02 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/01/31 16:36:02 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/01/31 16:36:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2014/01/31 16:35:52 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/01/31 16:35:52 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/01/31 16:35:50 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2014/01/31 16:28:02 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/01/31 16:27:58 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/01/31 16:27:57 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/01/31 16:27:57 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/01/31 16:27:57 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/01/31 16:27:57 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/01/31 16:27:57 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/01/31 16:27:56 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/01/31 16:27:56 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/01/31 16:27:56 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/01/31 16:27:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/01/31 16:27:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/01/31 16:27:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/01/31 16:27:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/01/31 16:27:52 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/31 16:27:44 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/01/31 16:27:44 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/01/31 16:27:44 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/01/31 16:27:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/01/31 16:27:44 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/01/31 16:27:44 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/01/31 16:27:44 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/01/31 16:27:44 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/01/31 16:27:44 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/01/31 16:27:44 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/01/31 16:27:44 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/01/31 16:27:44 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/01/31 16:27:44 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/01/31 16:27:44 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/01/31 16:27:44 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/01/31 16:27:44 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/01/31 16:27:44 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/01/31 16:27:44 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/01/31 16:27:44 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/01/31 16:27:44 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/01/31 16:27:44 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/01/31 16:27:44 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/01/31 16:27:44 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/01/31 16:27:44 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/01/31 16:27:44 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/01/31 16:27:44 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/01/31 16:27:44 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/01/31 16:27:36 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2014/01/31 16:27:36 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2014/01/31 16:27:36 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2014/01/31 16:27:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2014/01/31 16:27:31 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/01/31 16:27:31 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/01/31 16:27:25 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/01/31 16:27:24 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/01/31 16:27:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/01/31 16:27:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/01/31 16:27:09 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2014/01/31 16:27:09 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2014/01/31 16:27:08 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2014/01/31 16:27:08 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2014/01/31 16:27:08 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2014/01/31 16:27:08 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2014/01/31 16:27:08 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2014/01/31 16:26:47 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2014/01/31 16:26:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2014/01/31 16:26:45 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/01/31 16:26:45 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/01/31 16:26:44 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/01/31 16:26:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/01/31 16:26:43 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/01/31 16:26:39 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/01/31 16:26:34 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/01/31 16:26:26 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/01/31 16:26:26 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/01/31 16:26:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2014/01/31 16:26:25 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2014/01/31 16:26:24 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/01/31 16:26:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2014/01/31 16:26:22 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2014/01/31 16:26:22 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2014/01/31 16:26:22 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2014/01/31 16:26:21 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2014/01/31 16:26:18 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/01/31 16:26:18 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/01/31 16:26:17 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/01/31 16:26:17 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/01/31 16:26:10 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/01/31 16:26:09 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2014/01/31 16:26:06 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2014/01/31 16:26:06 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2014/01/31 16:26:02 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2014/01/31 16:26:02 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2014/01/31 16:26:01 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/01/31 16:26:01 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/01/31 16:26:01 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/01/31 16:26:01 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/01/31 16:26:00 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/01/31 16:26:00 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/01/31 16:26:00 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/01/31 16:26:00 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/01/31 16:26:00 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/01/31 16:26:00 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/01/31 16:25:59 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/01/31 16:25:59 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2014/01/31 16:25:58 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/01/31 16:25:58 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/01/31 16:25:57 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2014/01/31 16:22:39 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/01/31 16:22:39 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/01/31 16:18:10 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2014/01/31 16:18:10 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2014/01/31 16:10:18 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/01/31 16:10:18 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/01/31 16:10:18 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/01/31 16:10:11 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/01/31 16:10:11 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/01/31 16:10:11 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/01/31 16:10:04 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/01/31 16:10:04 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/01/31 16:02:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2014/01/31 16:02:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2014/01/31 15:57:42 | 000,000,000 | R--D | C] -- C:\Users\utente01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/31 15:57:42 | 000,000,000 | R--D | C] -- C:\Users\utente01\Searches
[2014/01/31 15:57:42 | 000,000,000 | R--D | C] -- C:\Users\utente01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/31 15:57:33 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Identities
[2014/01/31 15:57:30 | 000,000,000 | R--D | C] -- C:\Users\utente01\Contacts
[2014/01/31 15:57:28 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\VirtualStore
[2014/01/31 15:57:12 | 000,000,000 | --SD | C] -- C:\Users\utente01\AppData\Roaming\Microsoft
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Videos
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Saved Games
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Pictures
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Music
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Links
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Favorites
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Downloads
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Documents
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\Desktop
[2014/01/31 15:57:12 | 000,000,000 | R--D | C] -- C:\Users\utente01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Documents\Video
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\AppData\Local\Temporary Internet Files
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\SendTo
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Risorse di stampa
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Risorse di rete
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Recenti
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Documents\Musica
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Modelli
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Menu Avvio
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Impostazioni locali
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Documents\Immagini
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Documenti
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Dati applicazioni
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\AppData\Local\Dati applicazioni
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\AppData\Local\Cronologia
[2014/01/31 15:57:12 | 000,000,000 | -HSD | C] -- C:\Users\utente01\Cookies
[2014/01/31 15:57:12 | 000,000,000 | -H-D | C] -- C:\Users\utente01\AppData
[2014/01/31 15:57:12 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Temp
[2014/01/31 15:57:12 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Local\Microsoft
[2014/01/31 15:57:12 | 000,000,000 | ---D | C] -- C:\Users\utente01\AppData\Roaming\Media Center Programs
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\Programmi
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Preferiti
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti
[2014/01/31 15:57:06 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni
[2014/01/31 15:57:06 | 000,000,000 | ---D | C] -- C:\Recovery
[2014/01/31 15:52:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/31 15:50:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/31 15:49:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/31 15:48:08 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[1 C:\Users\utente01\Desktop\*.tmp files -> C:\Users\utente01\Desktop\*.tmp -> ]

========== Files - Modified Within 60 Days ==========

[2014/03/20 16:04:01 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/20 15:36:35 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/03/20 15:36:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/03/20 12:54:54 | 001,658,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/03/20 12:54:54 | 000,740,896 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/03/20 12:54:54 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/03/20 12:54:54 | 000,146,918 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/03/20 12:54:54 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/03/20 12:30:00 | 000,000,398 | ---- | M] () -- C:\Windows\tasks\View Password_wd.job
[2014/03/20 12:21:50 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\View Password Update.job
[2014/03/20 11:55:03 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/03/20 11:54:04 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/20 11:53:20 | 3219,988,480 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/20 11:52:22 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/03/20 11:52:22 | 000,016,656 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/03/19 16:59:46 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/19 16:35:22 | 000,000,861 | ---- | M] () -- C:\Users\utente01\Desktop\Resume Ad-Aware Free Antivirus+ Installation.lnk
[2014/03/19 09:24:43 | 000,543,125 | ---- | M] () -- C:\Users\utente01\Desktop\ultima fattura gpl 28.2.2014 baciano (lettura 1097 al 15 12 2014).pdf
[2014/03/16 12:41:12 | 000,013,550 | ---- | M] () -- C:\Users\utente01\Desktop\Elenco_6-Collaudo_statico USL8 ing gianluca AL POSTO 25.pdf
[2014/03/16 01:42:47 | 000,002,181 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/12 18:34:05 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/03/12 18:34:05 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/12 18:32:56 | 000,417,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/03/11 10:21:30 | 000,027,136 | ---- | M] () -- C:\Users\utente01\Desktop\compito 3° geo BIBBIENA_01.03 vers2003.xlt
[2014/03/11 10:19:46 | 000,033,280 | ---- | M] () -- C:\Users\utente01\Desktop\compito 3° geo BIBBIENA_01.03.2014 - rev 001.xlt
[2014/03/07 19:06:27 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/03/04 03:14:09 | 000,001,638 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2014/03/01 06:16:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/01 05:52:55 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/01 05:51:59 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/01 05:40:43 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/01 05:37:12 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/01 05:33:52 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/01 05:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/01 05:32:59 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/01 05:23:49 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/01 05:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/01 05:02:07 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/01 04:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/01 04:52:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/01 04:51:53 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/01 04:43:28 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/01 04:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/01 04:40:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/01 04:38:26 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/01 04:37:35 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/01 04:35:11 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/01 04:16:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/01 04:00:08 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/01 03:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/01 03:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/01 00:43:04 | 000,019,562 | ---- | M] () -- C:\Users\utente01\Documents\cc_20140301_004258.reg
[2014/02/26 16:39:40 | 026,775,824 | ---- | M] () -- C:\Users\utente01\Desktop\Firefox_Portable.zip
[2014/02/25 21:02:33 | 001,906,599 | ---- | M] () -- C:\Users\utente01\Desktop\TVClick-Standard-Setup.exe
[2014/02/25 20:53:27 | 000,002,314 | ---- | M] () -- C:\Users\utente01\Documents\cc_20140225_205318.reg
[2014/02/25 20:49:05 | 000,040,114 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20140226-005727.backup
[2014/02/25 20:12:13 | 000,018,008 | ---- | M] () -- C:\Users\utente01\Documents\cc_20140225_201206.reg
[2014/02/25 19:29:40 | 000,000,906 | ---- | M] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/02/23 12:42:29 | 000,001,675 | ---- | M] () -- C:\Windows\SysWow64\${LOGFILE}
[2014/02/17 18:39:57 | 000,039,693 | ---- | M] () -- C:\Users\utente01\Desktop\via carpaccio convocazione ass straord 25022014.pdf
[2014/02/17 01:06:05 | 000,027,606 | ---- | M] () -- C:\Users\utente01\Documents\cc_20140217_010555.reg
[2014/02/16 23:50:57 | 000,000,042 | ---- | M] () -- C:\Users\utente01\AppData\Roaming\WB.CFG
[2014/02/16 23:50:09 | 000,001,144 | ---- | M] () -- C:\Users\utente01\Desktop\My VuuPC.lnk
[2014/02/16 23:31:30 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/02/16 22:30:47 | 000,351,427 | ---- | M] () -- C:\Users\utente01\Desktop\JBenchmarkHD.jar
[2014/02/16 22:12:20 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/16 22:12:19 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/16 22:12:19 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/02/16 22:12:19 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/02/14 01:41:09 | 000,002,707 | ---- | M] () -- C:\Users\utente01\Desktop\Microsoft Office Word 2003.lnk
[2014/02/14 01:32:22 | 001,633,894 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/12 17:25:43 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/02/12 17:07:42 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/02/12 09:25:12 | 000,117,024 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\BootDefrag.exe
[2014/02/10 16:56:53 | 000,921,000 | ---- | M] (Oracle Corporation) -- C:\Users\utente01\Desktop\jxpiinstall.exe
[2014/02/05 18:28:19 | 000,003,719 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/02/05 18:27:34 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2014/02/04 03:32:22 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/02/04 03:32:12 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/02/04 03:04:11 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/02/03 17:25:36 | 000,000,424 | ---- | M] () -- C:\Windows\ODBC.INI
[2014/02/03 15:03:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2014/02/03 15:00:11 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2014/02/03 14:16:40 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/02/03 14:16:36 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/02/03 14:16:36 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/02/03 14:16:36 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/02/03 14:16:36 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/02/03 14:16:36 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/02/03 14:16:36 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/02/03 14:16:36 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/02/03 14:16:36 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/02/03 14:16:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/02/03 14:16:36 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/02/03 14:16:36 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/02/03 14:16:36 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/02/03 14:16:36 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/02/03 14:16:36 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/02/03 14:16:36 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/02/03 14:16:36 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/02/03 14:16:36 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/03 14:16:35 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/02/03 14:16:35 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/02/03 14:16:35 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/02/03 14:16:35 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/02/03 14:16:35 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/02/03 14:16:35 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/02/03 14:16:35 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/02/03 14:16:35 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/02/03 14:16:35 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/02/03 14:16:35 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/02/03 14:16:35 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/02/03 14:16:35 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/02/03 14:16:35 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/02/03 14:16:35 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/02/03 14:16:35 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/02/03 14:16:35 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/02/03 14:16:35 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/02/03 14:16:35 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/02/03 14:16:35 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/02/03 14:16:35 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/02/03 14:16:35 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/02/03 14:16:35 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/02/03 14:16:35 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/02/03 14:16:35 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/02/03 14:16:35 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/02/03 14:16:35 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/02/03 14:16:35 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/02/03 14:16:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/02/03 14:16:35 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/02/03 14:16:35 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/02/03 14:16:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/02/03 14:16:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/02/03 14:16:35 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/02/03 14:16:35 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/02/03 14:16:35 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/02/03 14:16:35 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/02/03 14:16:35 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/02/03 14:16:35 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/02/03 14:16:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/31 17:27:59 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/31 17:27:59 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/31 17:27:59 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/31 17:27:59 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/31 17:27:59 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/31 17:27:59 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/31 17:27:59 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/31 17:27:59 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/31 17:27:59 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/31 17:27:59 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/31 17:27:59 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/31 17:27:59 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/31 17:27:59 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/31 17:27:59 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/31 17:27:59 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/31 17:27:59 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/31 17:27:59 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/31 17:27:59 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/31 17:27:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/31 17:27:59 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/31 17:27:59 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/31 16:03:00 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2014/01/31 16:03:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2014/01/31 16:03:00 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2014/01/31 16:02:59 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\olduser32.dll
[2014/01/31 16:01:32 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/31 15:54:00 | 000,168,445 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/01/31 15:54:00 | 000,168,445 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/01/29 03:32:18 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wer.dll
[2014/01/29 03:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wer.dll
[1 C:\Users\utente01\Desktop\*.tmp files -> C:\Users\utente01\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/03/19 16:59:46 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/03/19 16:59:46 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/03/19 16:35:22 | 000,000,861 | ---- | C] () -- C:\Users\utente01\Desktop\Resume Ad-Aware Free Antivirus+ Installation.lnk
[2014/03/19 09:24:42 | 000,543,125 | ---- | C] () -- C:\Users\utente01\Desktop\ultima fattura gpl 28.2.2014 baciano (lettura 1097 al 15 12 2014).pdf
[2014/03/18 08:41:09 | 000,001,393 | ---- | C] () -- C:\Users\utente01\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/03/16 12:41:09 | 000,013,550 | ---- | C] () -- C:\Users\utente01\Desktop\Elenco_6-Collaudo_statico USL8 ing gianluca AL POSTO 25.pdf
[2014/03/11 20:46:52 | 000,033,280 | ---- | C] () -- C:\Users\utente01\Desktop\compito 3° geo BIBBIENA_01.03.2014 - rev 001.xlt
[2014/03/11 20:46:52 | 000,027,136 | ---- | C] () -- C:\Users\utente01\Desktop\compito 3° geo BIBBIENA_01.03 vers2003.xlt
[2014/03/07 18:59:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/03/07 18:59:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/03/07 18:59:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/03/07 18:59:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/03/07 18:59:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/03/04 03:14:09 | 000,001,638 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2014/03/01 00:43:01 | 000,019,562 | ---- | C] () -- C:\Users\utente01\Documents\cc_20140301_004258.reg
[2014/02/26 16:38:14 | 026,775,824 | ---- | C] () -- C:\Users\utente01\Desktop\Firefox_Portable.zip
[2014/02/26 16:19:38 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/25 21:02:30 | 001,906,599 | ---- | C] () -- C:\Users\utente01\Desktop\TVClick-Standard-Setup.exe
[2014/02/25 20:53:25 | 000,002,314 | ---- | C] () -- C:\Users\utente01\Documents\cc_20140225_205318.reg
[2014/02/25 20:12:09 | 000,018,008 | ---- | C] () -- C:\Users\utente01\Documents\cc_20140225_201206.reg
[2014/02/23 12:42:17 | 000,001,675 | ---- | C] () -- C:\Windows\SysWow64\${LOGFILE}
[2014/02/23 12:40:12 | 000,000,906 | ---- | C] () -- C:\Windows\SysWow64\InstallUtil.InstallLog
[2014/02/23 12:29:25 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\View Password Update.job
[2014/02/23 12:29:24 | 000,000,398 | ---- | C] () -- C:\Windows\tasks\View Password_wd.job
[2014/02/17 18:40:38 | 000,039,693 | ---- | C] () -- C:\Users\utente01\Desktop\via carpaccio convocazione ass straord 25022014.pdf
[2014/02/17 01:18:54 | 000,001,092 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 4.lnk
[2014/02/17 01:18:49 | 000,000,342 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/02/17 01:05:59 | 000,027,606 | ---- | C] () -- C:\Users\utente01\Documents\cc_20140217_010555.reg
[2014/02/16 23:50:57 | 000,000,042 | ---- | C] () -- C:\Users\utente01\AppData\Roaming\WB.CFG
[2014/02/16 23:50:09 | 000,001,144 | ---- | C] () -- C:\Users\utente01\Desktop\My VuuPC.lnk
[2014/02/16 23:31:30 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/02/16 22:30:46 | 000,351,427 | ---- | C] () -- C:\Users\utente01\Desktop\JBenchmarkHD.jar
[2014/02/12 17:25:43 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/02/12 17:25:43 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/02/12 17:07:42 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/02/05 18:28:21 | 000,003,719 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2014/02/05 00:21:37 | 000,001,391 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2014/02/04 16:55:16 | 000,002,181 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/04 16:53:51 | 000,001,154 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/04 16:53:50 | 000,001,150 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/03 17:25:36 | 000,000,424 | ---- | C] () -- C:\Windows\ODBC.INI
[2014/02/03 17:24:17 | 000,002,707 | ---- | C] () -- C:\Users\utente01\Desktop\Microsoft Office Word 2003.lnk
[2014/02/03 16:06:09 | 001,633,894 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/03 15:03:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01000.Wdf
[2014/02/03 14:16:36 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/02/03 14:16:35 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/31 16:52:33 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/31 16:36:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/31 16:01:32 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/31 15:53:50 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/31 15:53:38 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/31 15:49:30 | 3219,988,480 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/03/04 02:22:14 | 000,000,000 | ---D | M] -- C:\Users\utente01\AppData\Roaming\ SAMSUNG T24C300EW user guide
[2014/02/17 22:00:26 | 000,000,000 | ---D | M] -- C:\Users\utente01\AppData\Roaming\53013bf0e56da1c960017f21
[2014/02/05 19:13:56 | 000,000,000 | ---D | M] -- C:\Users\utente01\AppData\Roaming\Ad-Aware Antivirus
[2014/02/17 01:18:48 | 000,000,000 | ---D | M] -- C:\Users\utente01\AppData\Roaming\GlarySoft
[2014/02/16 23:27:32 | 000,000,000 | ---D | M] -- C:\Users\utente01\AppData\Roaming\viddyhddownload

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

OTL Extras logfile created on: 20/03/2014 16:22:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\utente01\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,79 Gb Available Physical Memory | 69,80% Memory free
8,00 Gb Paging File | 6,46 Gb Available in Paging File | 80,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 137,56 Gb Total Space | 95,06 Gb Free Space | 69,10% Space Free | Partition Type: NTFS

Computer Name: UTENTE01-PC | User Name: utente01 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B0A6E98-3744-4B4A-9846-3F02711BE5F8}" = rport=445 | protocol=6 | dir=out | app=system |
"{112D8F56-22FD-44A3-87F1-807D28F7AF4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{205F01CB-E48C-41C9-A6AC-02FBA2AA80A8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{220C1F88-2D85-41D3-A0ED-8E8C4E160665}" = lport=445 | protocol=6 | dir=in | app=system |
"{3E8290A7-0AD7-4480-BB48-F0B89DFD158E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{49386901-291C-4AF2-8B80-D64F7DB5452C}" = rport=138 | protocol=17 | dir=out | app=system |
"{4D66AFF7-E748-4A8D-8E51-876E680B9E1D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{56120283-1BC3-44B9-8B34-A61D9C533C19}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5F816882-4A60-4DBC-83B9-5DE4BEB8564D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{779CA26D-F83F-45E1-BF3A-6FA6438C5851}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83D943FC-BCD3-4536-A897-780CB1ABF810}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9C32F6DC-07E7-4BE2-8C3A-1862DBA4DF1C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B760F4E4-6DAC-40BB-8634-D5F461DABA2A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D173987B-38CD-4FAB-AA3A-94FCCEFC09A3}" = lport=138 | protocol=17 | dir=in | app=system |
"{D197FD59-7AB8-4DC5-944A-276A6169D94D}" = rport=139 | protocol=6 | dir=out | app=system |
"{DEF5D2B3-B6C0-4A68-AFB3-4DC28C3FB90F}" = lport=137 | protocol=17 | dir=in | app=system |
"{E6F408DB-7E99-44F6-8DCC-14D1A055459F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ED68CF5C-2BC2-4C93-BA75-B5884C41596F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F02716E6-E5BB-4134-BB51-D0439C3A808F}" = rport=137 | protocol=17 | dir=out | app=system |
"{F05881A3-B370-4B84-B424-74975C27606F}" = lport=139 | protocol=6 | dir=in | app=system |
"{FA9B90F2-4456-4BE5-901E-57D91AEDD2D5}" = lport=10243 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0038975D-20EB-470F-8516-8CBAE530E6D7}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B49AEED-3B64-4E7C-80BC-72D40F2537EC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D8CEDB6-6ECD-4562-9B30-E42C1B41E694}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E6DA0FF-4454-44BB-9B77-02B14DF976E7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3258095C-9AF4-4918-A0A9-2D2F9F7DE72A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{35BFBEF2-4D34-4540-B099-F1AFB7821ECF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3BE78199-41BB-49EB-B73A-E25F63265528}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5533F97E-4A12-43C3-BBD9-869F07588706}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{69FFBAC5-F98D-4094-B0B8-1F5FEF305BA3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8584F092-CD0F-432E-B27D-49D89AAB5CC8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{998A2173-E6CD-42F6-BB7E-4CA4F1B73E77}" = protocol=6 | dir=out | app=system |
"{9A007DE9-9DA1-41B5-B1DA-710C16141CBE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9D8C0F75-DA4B-4D24-828B-610B3862ABA5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AF4E9617-9A56-4D08-8966-AB8D48D5CEB4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C5A7B31B-B073-48D5-8F6E-E1EBBD396241}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CEC2F206-2B0D-4394-9C8C-1C42A629EEBF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D0C19DBF-A545-4180-838B-D43F4B75447B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4AB16D0-D70C-42B6-B2CA-39FCD31AB1BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D4B2CC28-939A-4581-95C5-C19AB05767BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DB3F5FB2-FC60-4BD4-AE10-CA9D91138F55}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{5E94829C-D2B9-3779-BA6C-1ACCDED3800E}" = Microsoft .NET Framework 4.5.1 (ITA)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040" = Microsoft .NET Framework 4.5.1 (Italiano)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 331.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.15.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"CCleaner" = CCleaner
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 51
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{41564952-412D-5637-4300-A758B70C0A00}" = Avira SearchFree Toolbar
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.13
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90110410-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240E0}" = WinZip 18.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"0ba83585-9f57-4c3c-86f2-b347c7278840" = View Password
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Glary Utilities 4" = Glary Utilities 4.7
"Google Chrome" = Google Chrome
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Mozilla Firefox 28.0 (x86 it)" = Mozilla Firefox 28.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SpywareBlaster_is1" = SpywareBlaster 5.0
"VLC media player" = VLC media player 2.0.5

< End of report >

lucagian
Inviato: Thursday, March 20, 2014 6:07:07 PM
Rank: AiutAmico

Iscritto dal : 10/14/2007
Posts: 44
aggiungo per completezza le altre scansioni mancanti e che avevo fatto nell'ordine indicato da r16


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by utente01 on 20/03/2014 at 15:44:42,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/03/2014 at 15:54:21,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.022 - Report created 20/03/2014 at 11:52:06
# Updated 13/03/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : utente01 - UTENTE01-PC
# Running from : C:\Users\utente01\Desktop\doctor\INSTALLER\ADWCLEANER\adwcleaner (2).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (it)

[ File : C:\Users\utente01\AppData\Roaming\Mozilla\Firefox\Profiles\nv181mqs.default\prefs.js ]


-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2057 octets] - [05/02/2014 18:27:07]
AdwCleaner[R1].txt - [12485 octets] - [17/02/2014 01:43:30]
AdwCleaner[R2].txt - [12605 octets] - [17/02/2014 01:44:54]
AdwCleaner[R3].txt - [15566 octets] - [25/02/2014 20:44:01]
AdwCleaner[R4].txt - [1266 octets] - [25/02/2014 20:50:30]
AdwCleaner[R5].txt - [1451 octets] - [26/02/2014 01:08:08]
AdwCleaner[R6].txt - [1445 octets] - [26/02/2014 17:11:30]
AdwCleaner[R7].txt - [3654 octets] - [19/03/2014 18:34:04]
AdwCleaner[R8].txt - [1846 octets] - [20/03/2014 11:50:15]
AdwCleaner[S0].txt - [2265 octets] - [05/02/2014 18:29:48]
AdwCleaner[S1].txt - [314 octets] - [17/02/2014 01:44:24]
AdwCleaner[S2].txt - [11802 octets] - [17/02/2014 01:47:10]
AdwCleaner[S3].txt - [14736 octets] - [25/02/2014 20:46:27]
AdwCleaner[S4].txt - [1514 octets] - [26/02/2014 01:09:42]
AdwCleaner[S5].txt - [1506 octets] - [26/02/2014 17:17:51]
AdwCleaner[S6].txt - [3468 octets] - [19/03/2014 18:35:50]
AdwCleaner[S7].txt - [1767 octets] - [20/03/2014 11:52:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1827 octets] ##########


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Versione database: v2014.03.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
utente01 :: UTENTE01-PC [amministratore]

20/03/2014 01:15:33
mbam-log-2014-03-20 (01-15-33).txt

Tipo di scansione: Scansione completa (C:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 349873
Tempo impiegato: 58 minuti, 9 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 4
HKCR\Typelib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F} (PUP.Optional.GetNow.A) -> Spostato in quarantena ed eliminato con successo.
HKCR\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967} (PUP.Optional.GetNow.A) -> Spostato in quarantena ed eliminato con successo.
HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
HKLM\Software\awesomehpSoftware (PUP.Optional.Awesomehp.A) -> Spostato in quarantena ed eliminato con successo.

Valori di registro rilevati: 1
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Dati: http=127.0.0.1:13828 -> Spostato in quarantena ed eliminato con successo.

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 24
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0 (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\weather (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\en (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\es (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\es_419 (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-BE (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-CA (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-CH (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-LU (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\it (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\it-CH (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\pl (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\pt_BR (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\ru (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\ru-MO (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\tr (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\vi (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\zh_CN (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\zh_TW (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.

File rilevati: 37
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Spostato in quarantena ed eliminato con successo.
C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager) -> Spostato in quarantena ed eliminato con successo.
C:\AdwCleaner\Quarantine\C\Users\utente01\AppData\Roaming\SupTab\SupTab.dll.vir (PUP.Optional.SupTab.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx (PUP.Optional.NewTab.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\index.html (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\manifest.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\style.css (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\default_logo.png (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\icon128.png (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\icon16.png (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\icon48.png (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\loading.gif (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\img\weather\0.png (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\background.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\ga.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\jquery-base.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\jquery.autocomplete.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\js.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\js\xagainit.js (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\en\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\es\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\es_419\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-BE\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-CA\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-CH\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\fr-LU\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\it\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\it-CH\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\pl\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\pt_BR\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\ru\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\ru-MO\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\tr\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\vi\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\zh_CN\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.
C:\Users\utente01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.1.9_0\_locales\zh_TW\messages.json (PUP.Optional.QuickStart.A) -> Spostato in quarantena ed eliminato con successo.

(fine)
lucagian
Inviato: Thursday, March 20, 2014 7:27:52 PM
Rank: AiutAmico

Iscritto dal : 10/14/2007
Posts: 44
aggiungo :

-dopo aver fatto qunto detto prima e, in particolare avere temp.te disabiltato avira free, alla fine
dalla solita frecciolina "mostra icone nascoste" non compare piu' il simbolo del programma (avira) strano perche' c'e' sempre stata.
- ho riattivato avira da "tutti i programmi" (realtime e firewall) mentre web protection rimane disattiva (credo lo facesse anche prima);
- pero' avira dalla mascherina di stato generale continua ad avvisarmi "computer non sicuro" e non capisco perche' l'ho anche aggiornato!???
Utenti presenti in questo topic
Guest


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.