Aiutamici Forum
Benvenuto Ospite Cerca | Topic Attivi | Utenti | | Log In | Registra

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » messaggi pubblicitari

messaggi pubblicitari Opzioni
Topic Precedente · Topic Sucessivo
Ibisco1980
Inviato: Tuesday, March 18, 2014 6:52:49 PM
Rank: Member

Iscritto dal : 10/7/2005
Posts: 9
Ciao a tutti voi,
per favore mi potreste controllare i log? ho formattato il pc da pochissimo ma sicuramente avro installato qualcosa che mi fa bombardare di messaggi pubblicitari ogni volta che navigo su internet.
Grazie a tutti


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:47:38, on 18/03/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Marta\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ScanTack - {d332cff8-358e-4c9e-8af3-a08872ef22c1} - C:\Program Files (x86)\ScanTack\ScanTackbho.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Intel AppUp(R) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update ScanTack - Unknown owner - C:\Program Files (x86)\ScanTack\updateScanTack.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: View Password (ViewPassword) - Unknown owner - C:\Program Files (x86)\View-Password\ViewPassword154.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10391 bytes
Torna in alto
 
Sponsor
Inviato: Tuesday, March 18, 2014 6:52:49 PM

 
Torna in alto
 
Ibisco1980
Inviato: Wednesday, March 19, 2014 7:54:58 PM
Rank: Member

Iscritto dal : 10/7/2005
Posts: 9
scusate ho fatto uno scan con OTL


OTL Extras logfile created on: 19/03/2014 19:45:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marta\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

7,89 Gb Total Physical Memory | 6,17 Gb Available Physical Memory | 78,14% Memory free
9,14 Gb Paging File | 7,37 Gb Available in Paging File | 80,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903,33 Gb Total Space | 822,85 Gb Free Space | 91,09% Space Free | Partition Type: NTFS

Computer Name: PC-MARTA | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\Microsoft Office\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\Microsoft Office\Office12\ONENOTE.EXE "%L"
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4EFC7ECA-70D9-4336-B401-2A587E8DF38B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{AB1DB9D2-02DB-4E0F-B3D6-7051439A8EE7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E664D53D-18A8-4E58-83FB-18C532661306}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{030D1BA1-E4EC-4B26-8B9A-3CBDB031AB60}" = dir=out | name=norton studio |
"{0338B408-2078-4C86-8A9C-1E6D87884B7A}" = dir=out | name=s camera |
"{0844397C-5BCF-453F-919C-3C86805BFF7E}" = dir=out | name=@{microsoft.bingtravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{120DEC1A-3502-4FA0-9110-27C76558C4E9}" = dir=out | name=cubovision |
"{16CC45AF-E7D3-4C9B-BBFD-0C57F1D0EC1F}" = dir=in | name=evernote touch |
"{1C1258C1-F432-4287-81A2-B77F3416B042}" = dir=out | name=s player |
"{23979E22-9240-4330-A24B-D9549F895041}" = dir=out | name=@{microsoft.bingsports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{2944B169-D363-41BE-8BF0-25D253B971F7}" = dir=out | name=@{microsoft.bingtravel_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{2A3C1690-3F20-4C28-874D-8E3353F98984}" = dir=out | name=@{microsoft.bingfinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{2E0A1A46-E060-4DD7-9DA5-55A81154AE49}" = dir=out | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{2E45ADDE-67BA-4356-8FAD-838C8FBD4314}" = dir=in | name=@{microsoft.reader_6.2.9200.20780_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{2EDE9131-575B-48E6-A290-984B2AD55D08}" = dir=out | name=s gallery |
"{30680049-D2BC-43AB-9F8A-C2D729CCF854}" = dir=out | name=@{magix.musicmakerjam_2.0.1023.6_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{3F2E6FCA-AAAA-4E5C-BE85-A19B3C33A790}" = dir=out | name=windows_ie_ac_001 |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{448CAC61-8461-4AD4-B195-006E3B186F03}" = dir=out | name=@{microsoft.bingsports_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{44F53BCB-740E-4FD1-9CC6-623E8F2CB215}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{4920077E-E6E7-4E75-B83A-4AA5A6D8E858}" = dir=in | name=microsoft solitaire collection |
"{4D2BBE69-20BF-4C6D-A14C-A4D461067B76}" = dir=out | name=evernote touch |
"{50BC5372-EA50-4491-8B04-C8267FD80F44}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{53F96056-C812-4EAC-BDE0-14CBD3FCFF08}" = dir=out | name=windows_ie_ac_001 |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55110230-34E5-4F6E-BC00-E8F29970859E}" = dir=out | name=windows_ie_ac_001 |
"{55D06CF9-C82A-41AB-B238-2F3B58F9E65E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5CECC75C-5BD0-4D0A-ADA3-8E46CF826465}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{61B9CDD4-FCE7-41F5-AA36-BA8F73FEAA98}" = dir=out | name=sonicwall mobile connect |
"{640B1810-3FF4-4CE5-B6F9-C85D505A352A}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{64BE7D19-BF86-44B2-9319-12B1E3BEF1AF}" = dir=out | name=@{microsoft.zunemusic_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{66C29B11-6D64-4D3D-8512-4F12FB8768F4}" = dir=out | name=@{musixmatch.lyrics_1.5.2.66_x64__7gejyv32yt3te?ms-resource://musixmatch.lyrics/resources/app_title} |
"{68A77C81-44C6-4C58-829C-FC57BCCA0DF2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6B90EE0C-C7EE-455B-A65F-556C07BBDB80}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6CCCE1BA-9626-424D-A833-2B7A416AD66F}" = dir=out | name=photoeditor |
"{6FEE071E-7942-4C89-959F-7FD1A3F7D5AA}" = dir=out | name=chaton |
"{7099768A-FCEB-47F9-8EA5-4F3A413E0719}" = dir=in | name=sonicwall mobile connect |
"{75E085BA-06F5-4D4D-A241-EBD67CF0F7BE}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{78CCF0F8-56E5-4317-9224-4452703AD452}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{7B8FBDD3-DFBA-468C-ADEC-88576C134D90}" = dir=out | name=juniper networks junos pulse |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{836EF0F1-7229-4661-8ADF-0E7FACB1260B}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{89340A03-BCB3-43F4-95E9-EE45FC5AAC85}" = dir=out | name=@{microsoft.zunevideo_2.2.767.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{8AB87093-532E-4E04-B954-D8B69DAA444D}" = dir=in | name=juniper networks junos pulse |
"{8D66FDD6-41E0-42D6-9A02-AE89024B2943}" = dir=out | name=skype |
"{94F693AA-C78C-4273-AB6B-D87B606657DC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9B8AF3EA-347B-4C0A-AF81-5C2576D663FB}" = dir=in | name=@{magix.musicmakerjam_2.0.1023.6_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{9CB55284-9E5F-4B95-AC71-933CB2B0534E}" = dir=out | name=fresh paint |
"{9DBC0332-2D1F-4156-904B-84FBD884D87B}" = dir=out | name=microsoft solitaire collection |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A465B87A-F83B-45FA-A483-C4708D63F70F}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AB9023B3-FA40-4254-8642-F1AC2E19355D}" = dir=out | name=rai.tv |
"{B4604479-7591-493D-A208-689E65203262}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{B525D79D-1BAA-4EF0-9A2F-ED9D94BAA8ED}" = dir=out | name=repubblicatv |
"{B67D0E7F-0D1F-42C3-8DD6-8F58F6E445A5}" = dir=in | name=check point vpn |
"{B947B0D3-FF0B-4E9A-A2C8-57C602F48841}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{BBE79DFA-EDD9-4EBB-AE47-4EA0ECA890F9}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{BE72943F-7FE9-4CA0-AF02-0721069CF871}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{BE73D2CD-5E3D-474A-9773-B1CA4B599BCC}" = dir=out | name=check point vpn |
"{C22EDCE0-A10F-4395-8917-DA4D92610483}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{CA62FD5E-3622-4583-93CB-0F61605328C5}" = dir=in | name=skype |
"{CEB40835-1240-47C6-8690-04307658C5BD}" = dir=out | name=@{microsoft.bingfinance_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D0C46566-A245-418D-81FF-CE4B3BFE8F9C}" = dir=out | name=paginegialle |
"{D267C6EF-7A63-4CC1-AA82-205CD70B24E0}" = dir=out | name=cinetrailer |
"{D29D6889-9DA0-4D3F-9819-498296D77395}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D537C756-726B-4334-84A9-9D8A1E620242}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6BDAFC8-7A4F-4D6E-9FF0-46EE5ED6D072}" = dir=in | name=@{musixmatch.lyrics_1.5.2.66_x64__7gejyv32yt3te?ms-resource://musixmatch.lyrics/resources/app_title} |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB9398F4-822F-45BB-B381-3BC2F36BB14B}" = dir=in | app=c:\program files (x86)\intel\intelappstore\bin\ismagent.exe |
"{E0522255-4D43-4033-A7F2-B3EAF955E922}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E1E64E18-09E0-4835-A74B-BDCF0E42A27D}" = dir=out | name=f5 vpn |
"{E24DC9FA-A4AE-4892-B554-2F1ED60112FB}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E387FF58-658C-4027-B96D-3F9D22B11F21}" = dir=out | name=ilmeteo |
"{E6A36E23-2260-4AC2-B6FE-355E66FB953C}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7D32D69-8909-40DF-8FF0-7A304E7C1124}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E8F6B8CA-C802-4E18-91CF-8C4F39D1F9B6}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEF5AAA4-6F8F-49A5-B5D1-01DCD0E8A5A2}" = dir=in | name=f5 vpn |
"{EF213E6C-FF3E-483D-BD11-0F4B0B971181}" = dir=out | name=@{microsoft.bingnews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F8550490-F759-49DA-A629-E8C5AB36537C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{FBC84975-D540-45D3-8EB7-47DE9AE248F0}" = dir=out | name=jamie's recipes |
"{FF7B1E60-120E-4A3C-BD09-28522FFFAFF1}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{17CA3A8B-8AB5-0BC2-54B5-181FD52E00DF}" = ccc-utility64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{843A1BDC-0879-4E5B-83E1-B81CC0CF3580}" = Support Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AEC9D273-E162-4614-83F1-722B8C74B185}" = Help Desk
"{CFEA455B-E368-45B2-A01E-1C3A6C0F06B6}" = S Agent
"{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}" = AMD Catalyst Install Manager
"{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}" = Quick Starter
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"ScanTack" = ScanTack
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0477379A-BF6B-FEE0-1BC9-2E9C702795BA}" = CCC Help Turkish
"{0E81DD1E-C7B2-13B4-78F9-3023CB729715}" = PX Profile Update
"{0FE56F3B-7377-CE64-B115-0A59ED2A92D2}" = CCC Help Japanese
"{1057511B-F8FE-4230-9ED3-AB949A57EE4A}" = Windows Live PIMT Platform
"{111FBBFC-3183-4C0B-3392-CB11D22F097E}" = CCC Help Chinese Traditional
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Recovery
"{1B3A77C9-17E0-F2FD-0234-EF14EDC13E65}" = CCC Help Polish
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{222981E3-B470-FB0F-6F98-74E4EE6D62C3}" = CCC Help Portuguese
"{233B918E-99FD-4643-BEDD-A9855A56FC3A}" = Windows Live UX Platform Language Pack
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{29315CEC-E6CE-4394-84DC-6F862E8D9A52}" = Windows Live UX Platform
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2DEDB440-676B-7415-6925-A5000B13DF75}" = Catalyst Control Center
"{2E261850-DB54-62DA-C711-82D106D5800D}" = CCC Help Greek
"{2FAFE37E-D796-47B8-BA8F-D09819B12DF6}" = Windows Live Essentials
"{3163143A-EA7F-4CED-B7BD-AEA38B4E0B5D}" = Dike 5.5.0
"{35BD47F4-C19B-474F-AACC-E8C0BE38148A}" = Photo Common
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4130EE75-FC86-CF60-3FB9-535F855AC75E}" = CCC Help Spanish
"{42A2C634-7EC7-EC79-B2DC-5DC7CB0316EB}" = CCC Help Norwegian
"{4689F012-C8E3-4F6E-BDEF-13671D53A6DC}" = Windows Live UX Platform Language Pack
"{485393B6-F07D-304D-A40A-574330EE1F18}" = CCC Help Finnish
"{4C0D8B3E-63F0-4773-83F5-C5B7795B0FB8}" = Photo Gallery
"{4F9A382F-4478-4036-905C-F77DF2EA0370}" = Windows Live SOXE
"{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5}" = Windows Live SOXE Definitions
"{52E5DE60-C96B-42CC-9A37-FE04725940AE}" = Settings
"{544D3874-250F-76AC-92C1-2DE3E2F4813A}" = Catalyst Control Center Localization All
"{57EC0BAF-E65F-4758-A6AB-586535C870A2}" = Windows Live Essentials
"{61889FC7-9738-439A-96B3-17AF981BDDEF}" = Movie Maker
"{618F39BD-9720-47CF-A89C-108AB41B1493}" = Windows Live UX Platform Language Pack
"{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D}" = Windows Live Photo Common
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72619034-75E1-2E5D-460E-0F86C93493E8}" = Catalyst Control Center Profiles Mobile
"{741ECBB6-1A0B-42F1-A7BF-76222734A63A}" = Movie Maker
"{76EE8FE7-1957-4C51-9074-4930A8CFB1AF}" = Windows Live Installer
"{77A704E3-D8E5-EC47-27BE-1853BE8E5DF4}" = CCC Help Italian
"{78F35489-621D-4FFD-BCE7-2C7C3897E47C}" = Windows Live
"{7970D813-6799-6576-4FE6-24F9686CDD80}" = Catalyst Control Center Graphics Previews Common
"{7A1CFFB9-5E84-A8A3-8DEE-1ECA6CB7A796}" = CCC Help Swedish
"{7C5E83DF-8551-6179-AF31-B5708D379F04}" = CCC Help Chinese Standard
"{7F682A00-6497-4551-A2A6-063AE667D1CF}" = Movie Maker
"{81CDF41D-1E6A-6F5A-1E50-010CFC63C4FD}" = CCC Help Dutch
"{86CAC8DE-288A-410D-A4A4-0190060E69AE}" = Raccolta foto
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B1A818A-F92B-4330-A9E2-21A5B5D2BD4E}" = CCC Help Danish
"{8B8A4FE8-99C2-DC29-CEA5-8A660F87EDCC}" = CCC Help Hungarian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{925652DC-D377-41CC-B97E-B0979B4F534D}" = Catalyst Control Center - Branding
"{9519F58B-4E7E-E679-0C1A-66CF01F8FC2F}" = CCC Help Korean
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9846E46F-07E0-4BDF-985A-E3FBA8C15877}" = Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B2E55F8-5BA8-4A45-9682-ACB6F2CC0DA5}" = Photo Gallery
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1E8CD6C-F8A0-AF8F-2173-F9B1EC3C264C}" = CCC Help French
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}" = Easy File Share
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI
"{B19E03EA-067C-412F-A81E-271720E601AB}" = Fotogalerie
"{B27FA0A3-D80F-41A9-8BAD-C5F2D859AB22}" = Photo Common
"{B6829511-95BB-46FC-9030-957D54B8EFE2}" = Windows Live UX Platform Language Pack
"{BA73469B-D8C7-4FE3-B33C-1340D09F0709}" = Windows Live Communications Platform
"{C5BD5F26-AAB8-27F4-6D3C-F71DE9EE7486}" = CCC Help Thai
"{C7588111-1A12-4EFE-8CA0-DA4344480D92}" = User Guide
"{D531FC91-6F4E-49A7-B912-15289D05B6F8}" = Photo Common
"{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}" = Movie Maker
"{DA06101F-FD76-4BF0-88BD-B26A197005E3}" = SW Update
"{DC2CB432-D3B9-4F81-8ACB-7775FD5202E5}" = Photo Common
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E653AB36-18D7-4FB3-BDAF-024283971050}" = Support Center FAQ
"{EA2CCC4F-B30D-02F6-753E-AA12408A660A}" = CCC Help Czech
"{EBFCBD05-77A3-4FC3-A6D2-27218B61D957}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13B7FF5-A69B-51B3-A23E-B99D67736343}" = Catalyst Control Center InstallProxy
"{F722A8B8-A911-0096-C018-A8D168683DC7}" = CCC Help German
"{F759A3AE-4B1B-EC46-36FA-C57A50FC46D2}" = CCC Help Russian
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F9C2922F-D66A-FAD1-9742-807A2B9328BC}" = CCC Help English
"{FE8DFDD0-A543-4A83-B7A9-C411138194D5}" = Galerie de photos
"{FFFF6D5C-E2F1-4B40-BC89-8923312E89EB}}_is1" = ACE Mega CoDecS Pack
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"Intel AppUp(SM) center 33070" = Intel AppUp(R) center
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"NARA" = Norton Online Backup ARA
"NIS" = Norton Internet Security
"Revo Uninstaller" = Revo Uninstaller 1.95
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28/01/2014 14:29:30 | Computer Name = pc-Marta | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 29/01/2014 07:33:08 | Computer Name = pc-Marta | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 01/02/2014 10:35:48 | Computer Name = pc-Marta | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: chp1B2E.tmp, versione:
1.0.0.1, timestamp: 0x40d03f1d Nome del modulo che ha generato l'errore: ntdll.dll,
versione: 6.2.9200.16578, timestamp: 0x515fac6e Codice eccezione: 0xc0000005 Offset
errore 0x00043632 ID processo che ha generato l'errore: 0xccc Ora di avvio dell'applicazione
che ha generato l'errore: 0x01cf1f581543504b Percorso dell'applicazione che ha generato
l'errore: C:\Program Files (x86)\ACE Mega CoDecS Pack\Anti-Virus\chp1B2E.tmp Percorso
del modulo che ha generato l'errore: C:\windows\SYSTEM32\ntdll.dll ID segnalazione:
23ca1b04-8b4e-11e3-be9f-50b7c3d61b77 Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error - 01/02/2014 10:35:50 | Computer Name = pc-Marta | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: chp1B2E.tmp, versione:
1.0.0.1, timestamp: 0x40d03f1d Nome del modulo che ha generato l'errore: unknown,
versione: 0.0.0.0, timestamp: 0x00000000 Codice eccezione: 0xc0000005 Offset errore
0x7726f9dd ID processo che ha generato l'errore: 0xccc Ora di avvio dell'applicazione
che ha generato l'errore: 0x01cf1f581543504b Percorso dell'applicazione che ha generato
l'errore: C:\Program Files (x86)\ACE Mega CoDecS Pack\Anti-Virus\chp1B2E.tmp Percorso
del modulo che ha generato l'errore: unknown ID segnalazione: 2536e7c9-8b4e-11e3-be9f-50b7c3d61b77
Nome
completo pacchetto che ha generato l'errore: ID applicazione relativo al pacchetto
che ha generato l'errore:

Error - 01/02/2014 11:04:32 | Computer Name = pc-Marta | Source = Application Hang | ID = 1002
Description = Il programma SystemSettings.exe versione 6.2.9200.16420 non interagisce
più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Centro operativo nel Pannello
di controllo. ID processo: 18c4 Ora di avvio: 01cf1f5ede4bbf9f Ora di chiusura: 0 Percorso
applicazione: C:\windows\ImmersiveControlPanel\SystemSettings.exe ID segnalazione:
25834d64-8b52-11e3-be9f-50b7c3d61b77 Nome completo pacchetto che ha generato l'errore:
windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy ID applicazione
relativo al pacchetto che ha generato l'errore: microsoft.windows.immersivecontrolpanel

Error - 02/02/2014 08:30:14 | Computer Name = pc-Marta | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: WLXTranscode.exe,
versione: 16.4.3503.728, timestamp: 0x5013b325 Nome del modulo che ha generato l'errore:
MatroskaSplitter.ax, versione: 1.0.2.4, timestamp: 0x413c82e2 Codice eccezione:
0xc0000005 Offset errore 0x000023c5 ID processo che ha generato l'errore: 0x12e0 Ora
di avvio dell'applicazione che ha generato l'errore: 0x01cf201284612ee5 Percorso
dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Windows Live\Photo
Gallery\WLXTranscode.exe Percorso del modulo che ha generato l'errore: C:\Program
Files (x86)\ACE Mega CoDecS Pack\SystemS\Gabest\MatroskaSplitter.ax ID segnalazione:
c39fdab5-8c05-11e3-be9f-50b7c3d61b77 Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error - 02/02/2014 08:31:54 | Computer Name = pc-Marta | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: wmplayer.exe, versione:
12.0.9200.16420, timestamp: 0x505aa40e Nome del modulo che ha generato l'errore:
MatroskaSplitter.ax, versione: 1.0.2.4, timestamp: 0x413c82e2 Codice eccezione:
0xc0000005 Offset errore 0x000023c5 ID processo che ha generato l'errore: 0x1f2c Ora
di avvio dell'applicazione che ha generato l'errore: 0x01cf2012a192d7ab Percorso
dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Windows Media
Player\wmplayer.exe Percorso del modulo che ha generato l'errore: C:\Program Files
(x86)\ACE Mega CoDecS Pack\SystemS\Gabest\MatroskaSplitter.ax ID segnalazione: fee9751e-8c05-11e3-be9f-50b7c3d61b77
Nome
completo pacchetto che ha generato l'errore: ID applicazione relativo al pacchetto
che ha generato l'errore:

Error - 11/02/2014 10:25:35 | Computer Name = pc-Marta | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error

Error - 22/02/2014 09:32:36 | Computer Name = pc-Marta | Source = Perflib | ID = 1023
Description =

Error - 22/02/2014 09:44:08 | Computer Name = pc-Marta | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: FirstLogonAnim.exe,
versione: 6.3.9600.16384, timestamp: 0x5215e092 Nome del modulo che ha generato
l'errore: igd10iumd64.dll, versione: 10.18.10.3379, timestamp: 0x52b20b1c Codice
eccezione: 0xc0000005 Offset errore 0x000000000021c7b0 ID processo che ha generato
l'errore: 0xd84 Ora di avvio dell'applicazione che ha generato l'errore: 0x01cf2fd3df9da6d6
Percorso
dell'applicazione che ha generato l'errore: C:\WINDOWS\system32\oobe\FirstLogonAnim.exe
Percorso
del modulo che ha generato l'errore: C:\WINDOWS\SYSTEM32\igd10iumd64.dll ID segnalazione:
66f2f546-9bc7-11e3-824f-50b7c3d61b77 Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

[ System Events ]
Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per il pacchetto di codec della
fotocamera Microsoft per Windows 8 per i sistemi x64 (KB2899190).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento della protezione per Windows 8
per sistemi basati su x64 (KB2871690).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per Windows 8 per sistemi x64 (KB2785094).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per Windows 8 per sistemi x64 (KB2889784).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per Windows 8 per sistemi x64 (KB2883201).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per Windows 8 per sistemi x64 (KB2862768).

Error - 28/01/2014 13:24:03 | Computer Name = pc-Marta | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Errore di installazione. Non è stato possibile installare il seguente
aggiornamento, errore 0x800f0922: Aggiornamento per Windows 8 per sistemi x64 (KB2903938).

Error - 01/02/2014 09:51:05 | Computer Name = pc-Marta | Source = DCOM | ID = 10010
Description =

Error - 01/02/2014 09:57:53 | Computer Name = pc-Marta | Source = DCOM | ID = 10010
Description =

Error - 01/02/2014 09:57:53 | Computer Name = pc-Marta | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Inizializzazione del client CBS non riuscita. Ultimo errore: 0x80080005


< End of report >
Torna in alto
 
r16
Inviato: Wednesday, March 19, 2014 9:28:59 PM
Rank: AiutAmico

Iscritto dal : 8/7/2007
Posts: 11,016
Sinceramente il log Extra non è che mi sia molto utile.
Serve di più il log OTL.txt.

Elimina questa voce di HijackThis
Commenta:
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828
Torna in alto
 
Ibisco1980
Inviato: Saturday, March 22, 2014 10:08:46 AM
Rank: Member

Iscritto dal : 10/7/2005
Posts: 9
grazie mille, ti allego il log OTL, aiutami perche qui i messaggi pubblicitari mi stanno bombardando, pc formatto e riportato ad impostazioni di fabbrica con win 8.1 e solo dopo alcuni giorni è un massacro di messaggi, ho il norton e malwarebyte eppure ho preso un sacco di immondizia con pochi giorni, non capisco prp
grazie

OTL logfile created on: 22/03/2014 09:59:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marta\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

7,89 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 70,15% Memory free
9,14 Gb Paging File | 6,70 Gb Available in Paging File | 73,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 903,33 Gb Total Space | 819,56 Gb Free Space | 90,73% Space Free | Partition Type: NTFS

Computer Name: PC-MARTA | User Name: Marta | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Marta\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\View-Password\ViewPassword154.exe ()
PRC - C:\Program Files (x86)\View-Password\ViewPassword_wd.exe ()
PRC - C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe (Samsung Electronics CO., LTD.)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Samsung Electronics CO., LTD.)
PRC - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe ()
PRC - C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Samsung Electronics CO., LTD.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\fd55ac3f3e215b2ad0cfe87d56ae21b8\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2155ee74acbc0781a44c2077ab3b95af\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\8f274a0e4d3667a11dab1fcb145adf80\IAStorDataMgrSvcInterfaces.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorCommon\b95bc732481350017e7cfc595a2a8d04\IAStorCommon.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\479b2ef25b87874c75a8901e7d3be217\IAStorUtil.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\805be8b7f84002fd634adf0a6cc01047\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\c2f2c5073965c1d04b9023f65d3fe349\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ec3e85d83522363e943a978c0572e360\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\31db5628e84268154f3bbeba0f7780df\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\15ead42b8d352194f0f3fbba4f7ae02b\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ab8978239d891c4afffd6a6df3996a6e\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\View-Password\ViewPassword_wd.exe ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll ()
MOD - C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll ()
MOD - C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll ()
MOD - C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll ()
MOD - C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll ()
MOD - C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV - (ViewPassword) -- C:\Program Files (x86)\View-Password\ViewPassword154.exe ()
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (SWUpdateService) -- C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Samsung Electronics CO., LTD.)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Qualcomm Atheros Commnucations)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (Easy Launcher) -- C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Samsung Electronics CO., LTD.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Programmi\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)


========== Driver Services (SafeList) ==========

DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymELAM.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (RadioHIDMini) -- C:\Windows\SysNative\drivers\RadioHIDMini.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\drivers\NARAx64\0401000.00E\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvia64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140321.023\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140321.023\ENG64.SYS (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys (Symantec Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5F6AE902-9EA7-4329-89CC-8F8737BA95CD}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{5F6AE902-9EA7-4329-89CC-8F8737BA95CD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{5F6AE902-9EA7-4329-89CC-8F8737BA95CD}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.it.msn.com/
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 21 EE E5 F9 50 35 CF 01 [binary data]
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\..\SearchScopes,DefaultScope = {5F6AE902-9EA7-4329-89CC-8F8737BA95CD}
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:13828


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUp: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF - HKCU\Software\MozillaPlugins\intel.com/AppUpx64: C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014/03/19 19:16:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014/01/18 13:30:40 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O3 - HKU\S-1-5-21-2830974330-3213038589-3334289725-1001\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [BtTray] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros)
O4:64bit: - HKLM..\Run: [BtvStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [CLMLServer_For_P2G8] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [fst_it_62] File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(R) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F811A574-8392-4A1E-B776-9B8BA0CCDD6F}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d67274b0-9bc2-11e3-824e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d67274b0-9bc2-11e3-824e-806e6f6e6963}\Shell\AutoRun\command - "" = "D:\SETUP.EXE"
O33 - MountPoints2\{d67274b0-9bc2-11e3-824e-806e6f6e6963}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{d67274b0-9bc2-11e3-824e-806e6f6e6963}\Shell\install\command - "" = D:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/03/22 09:45:48 | 000,000,000 | ---D | C] -- C:\Users\Marta\Desktop\Nuova cartella
[2014/03/22 08:56:05 | 000,000,000 | R--D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/03/19 20:02:59 | 000,000,000 | ---D | C] -- C:\Users\Marta\Desktop\backups
[2014/03/19 19:38:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/03/19 19:17:28 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2014/03/19 19:14:08 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/03/18 18:38:22 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Marta\Desktop\HijackThis.exe
[2014/03/18 18:22:18 | 018,576,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/03/18 18:22:16 | 013,949,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/03/18 18:22:10 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/03/18 18:22:09 | 000,914,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgent.dll
[2014/03/18 18:22:09 | 000,802,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/03/18 18:22:09 | 000,481,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014/03/18 18:22:08 | 000,770,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014/03/18 18:22:08 | 000,749,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/03/18 18:22:08 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/03/18 18:22:08 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/03/18 18:22:08 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/03/18 18:22:08 | 000,381,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014/03/18 18:22:07 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014/03/18 18:22:07 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/03/18 18:22:07 | 000,419,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hal.dll
[2014/03/18 18:22:07 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/03/18 18:22:07 | 000,336,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/03/18 18:22:07 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/03/18 18:22:07 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/03/18 18:22:07 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/03/18 18:22:06 | 001,720,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/03/18 18:22:06 | 000,947,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014/03/18 18:22:06 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014/03/18 18:22:06 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sti.dll
[2014/03/18 18:22:06 | 000,178,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easwrt.dll
[2014/03/18 18:22:06 | 000,131,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\easinvoker.exe
[2014/03/18 18:22:05 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\easwrt.dll
[2014/03/15 13:54:04 | 001,643,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/03/15 13:54:04 | 001,507,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/03/15 13:53:58 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/03/15 13:53:58 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/03/15 13:53:58 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/03/15 13:53:58 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/03/15 13:53:58 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/03/15 13:53:38 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/03/15 13:53:38 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/03/15 13:53:38 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014/03/15 13:53:38 | 002,143,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/03/15 13:53:38 | 002,133,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/03/15 13:53:38 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/03/15 13:53:38 | 001,371,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/03/15 13:53:38 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/03/15 13:53:38 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/03/15 13:53:38 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/03/15 13:53:38 | 000,407,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/03/15 13:53:37 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014/03/15 13:53:37 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014/03/15 13:53:37 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014/03/15 13:53:37 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/03/15 13:53:37 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/03/15 13:53:37 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/03/15 13:53:37 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcomapi.dll
[2014/03/15 13:53:37 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/03/15 13:53:37 | 000,369,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/03/15 13:53:37 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014/03/15 13:53:37 | 000,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/03/15 13:53:37 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014/03/15 13:53:37 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/03/15 13:53:37 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/03/15 13:53:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/03/15 13:53:37 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/03/15 13:53:20 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/03/15 13:53:20 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/03/15 13:53:20 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/03/15 13:53:09 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/03/15 13:53:09 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/03/01 14:08:25 | 002,051,696 | ---- | C] (Bitdefender SRL) -- C:\Users\Marta\AppData\Local\qs64.dll
[2014/03/01 14:08:25 | 000,733,224 | ---- | C] (Bitdefender SRL) -- C:\Users\Marta\AppData\Local\qs.dll
[2014/02/27 18:04:34 | 000,000,000 | ---D | C] -- C:\Users\Marta\dikeDownload
[2014/02/27 18:03:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InfoCert S.p.A
[2014/02/27 18:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InfoCert
[2014/02/27 18:02:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Installations
[2014/02/27 17:55:39 | 030,826,464 | ---- | C] (InfoCert S.p.A ) -- C:\Program Files\Dike 5.5.0.exe
[2014/02/25 22:53:19 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2014/02/25 22:06:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2014/02/23 12:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014/02/22 14:48:08 | 000,000,000 | R--D | C] -- C:\Users\Marta\SkyDrive
[2014/02/22 14:42:41 | 000,036,096 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\amdkmpfd.sys
[2014/02/22 14:42:18 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\Identities
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\Programmi
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti
[2014/02/22 14:35:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni
[2014/02/22 14:19:14 | 000,000,000 | --SD | C] -- C:\Users\Marta\AppData\Roaming\Microsoft
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\Favorites
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\Documents
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\Desktop
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/22 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Documents\Video
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\AppData\Local\Temporary Internet Files
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\SendTo
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Risorse di stampa
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Risorse di rete
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Recenti
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Documents\Musica
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Modelli
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Menu Avvio
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Impostazioni locali
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Documents\Immagini
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Documenti
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Dati applicazioni
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\AppData\Local\Dati applicazioni
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\AppData\Local\Cronologia
[2014/02/22 14:19:14 | 000,000,000 | -HSD | C] -- C:\Users\Marta\Cookies
[2014/02/22 14:19:14 | 000,000,000 | -H-D | C] -- C:\Users\Marta\AppData
[2014/02/22 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Temp
[2014/02/22 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Microsoft
[2014/02/22 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/22 14:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/02/22 14:14:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SRSLabs
[2014/02/22 14:14:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/02/22 14:14:31 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/02/22 14:14:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/02/22 14:13:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/02/22 14:13:39 | 000,000,000 | ---D | C] -- C:\AMD
[2014/02/22 14:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/02/22 14:13:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/02/22 14:11:01 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/02/22 14:10:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/02/22 14:09:51 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/22 14:09:47 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/22 14:09:40 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/22 14:09:33 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/22 14:09:29 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/22 14:09:26 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/22 14:09:26 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/22 14:09:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/22 14:09:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/22 14:09:19 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/22 14:09:19 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/22 14:09:19 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/22 14:09:19 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/22 14:09:19 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/22 14:09:19 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/22 14:08:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/22 14:08:53 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/22 14:08:43 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/22 14:08:43 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/22 14:08:43 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/22 14:08:33 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/22 14:08:33 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/22 14:08:33 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/22 14:08:33 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/22 14:08:33 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/22 14:08:33 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/22 14:08:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/22 14:08:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/22 14:08:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/22 14:08:33 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/22 14:08:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/22 14:08:33 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/22 14:08:32 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/22 14:08:32 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/22 14:08:32 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/22 14:08:32 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/22 14:07:44 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/22 14:07:44 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/22 14:07:44 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/22 14:07:44 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/22 14:07:44 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/22 14:07:44 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/22 14:07:26 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/22 14:07:26 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/22 14:07:26 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/22 14:07:26 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/22 14:07:26 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/22 14:07:26 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/22 14:07:26 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/22 14:07:26 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/22 14:07:26 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/22 14:07:07 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/22 14:07:07 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/22 14:06:40 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/22 14:06:40 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/22 14:06:40 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/22 14:06:40 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/22 14:06:40 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/22 14:06:40 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/22 14:06:40 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/22 14:06:40 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/22 14:06:40 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/22 14:06:40 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/22 14:06:40 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/22 14:06:40 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/22 14:06:40 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/22 14:06:40 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/22 14:06:40 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/22 14:06:40 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/22 14:06:40 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/22 14:06:40 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/22 14:06:40 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/22 14:06:40 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/22 14:06:40 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/22 14:06:40 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/22 14:06:40 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/22 14:06:40 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/22 14:06:40 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/22 14:06:40 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/22 14:06:40 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/22 14:06:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/22 14:06:40 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/22 14:05:15 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/22 14:05:15 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/22 14:05:15 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/22 14:05:15 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/22 14:05:15 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/22 14:05:15 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/22 14:05:15 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/22 14:05:15 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/22 14:05:15 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/22 14:05:15 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/22 14:05:15 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/22 14:05:15 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/22 14:05:15 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/22 14:05:15 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/22 14:05:15 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/22 14:05:15 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/22 14:05:15 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/22 14:05:15 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/22 14:05:15 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/22 14:05:15 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/22 14:05:15 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/22 14:05:15 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/22 14:05:15 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/22 14:05:15 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/22 14:05:15 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/22 14:05:15 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/22 14:05:15 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/22 14:05:15 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/22 14:05:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/22 14:05:15 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/22 14:02:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/02/22 14:02:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2014/02/22 14:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/02/22 14:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/02/22 14:02:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/02/22 14:01:40 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/02/22 14:01:40 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/02/22 14:01:39 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014/02/22 14:01:39 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/02/22 14:01:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/02/22 14:01:38 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll
[2014/02/22 13:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/22 10:58:06 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\Malwarebytes
[2014/02/22 10:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/22 10:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/22 10:57:48 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/02/22 10:57:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/22 10:53:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014/02/22 10:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014/02/22 10:53:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/02/22 10:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014/02/22 10:48:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014/02/22 10:47:23 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Microsoft Help
[2014/02/22 10:47:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/02/22 10:46:59 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2014/02/22 10:39:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014/02/22 10:39:42 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/02/22 10:37:49 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Programs
[2014/02/22 10:37:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\View-Password
[2014/02/22 10:17:51 | 000,000,000 | R--D | C] -- C:\Users\Marta\Documents\RocketLifeNetwork
[2014/02/22 10:17:51 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\Visan
[2014/02/22 10:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/02/02 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\WebApp
[2014/02/02 13:30:27 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Windows Live
[2014/02/02 13:27:48 | 000,000,000 | ---D | C] -- C:\Users\Marta\Documents\CyberLink
[2014/02/02 13:27:47 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Roaming\CyberLink
[2014/02/01 15:54:17 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\ElevatedDiagnostics
[2014/02/01 15:40:09 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Diagnostics
[2014/02/01 15:35:50 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\CrashDumps
[2014/02/01 14:42:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACE Mega CoDecS Pack
[2014/02/01 14:40:57 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplva6.dll
[2014/02/01 14:40:57 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplvw7.dll
[2014/02/01 14:40:57 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplvm6.dll
[2014/02/01 14:40:57 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplvpx.dll
[2014/02/01 14:40:57 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplaw7.dll
[2014/02/01 14:40:57 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplaa6.dll
[2014/02/01 14:40:57 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplapx.dll
[2014/02/01 14:40:57 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\SysWow64\mplam6.dll
[2014/02/01 14:40:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ACE Mega CoDecS Pack
[2014/01/28 18:41:46 | 000,000,000 | ---D | C] -- C:\Users\Marta\Documents\Torta soffice con cioccolato al latte con uova di pasqua_files
[2014/01/28 18:41:42 | 000,000,000 | ---D | C] -- C:\Users\Marta\Documents\Torcolo al cioccolato._files
[2014/01/28 18:41:41 | 000,000,000 | ---D | C] -- C:\Users\Marta\Documents\Ricette avanzi uova di pasqua, la torta marmorizzata_files
[2014/01/23 09:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/23 09:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/23 09:04:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/01/23 08:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/01/23 08:38:49 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Google
[2014/01/23 08:38:08 | 000,000,000 | ---D | C] -- C:\Users\Marta\AppData\Local\Apps
[2014/01/18 14:56:46 | 002,063,240 | ---- | C] (Samsung Electronics) -- C:\ProgramData\MakeMarkerFile.exe

========== Files - Modified Within 60 Days ==========

[2014/03/22 09:50:10 | 000,001,166 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/03/22 08:57:18 | 001,816,434 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/03/22 08:57:18 | 000,804,602 | ---- | M] () -- C:\WINDOWS\SysNative\perfh010.dat
[2014/03/22 08:57:18 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/03/22 08:57:18 | 000,157,224 | ---- | M] () -- C:\WINDOWS\SysNative\perfc010.dat
[2014/03/22 08:57:18 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/03/22 08:56:18 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/03/22 08:56:12 | 000,001,162 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/22 08:55:43 | 000,000,422 | ---- | M] () -- C:\WINDOWS\tasks\View Password Update.job
[2014/03/22 08:55:39 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/03/22 08:55:37 | 000,000,410 | ---- | M] () -- C:\WINDOWS\tasks\View Password_wd.job
[2014/03/22 08:55:21 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/03/19 23:22:19 | 000,480,832 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/03/19 23:22:04 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/03/19 23:22:02 | 2485,940,223 | -HS- | M] () -- C:\hiberfil.sys
[2014/03/19 21:45:56 | 006,039,473 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2014/03/19 19:12:43 | 001,950,720 | ---- | M] () -- C:\Users\Marta\Desktop\adwcleaner.exe
[2014/03/19 10:35:12 | 000,030,281 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20140319.007
[2014/03/18 18:52:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/18 18:38:24 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Marta\Desktop\HijackThis.exe
[2014/03/15 15:55:00 | 000,000,870 | ---- | M] () -- C:\WINDOWS\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/03/12 09:29:19 | 000,000,172 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\isolate.ini
[2014/03/04 23:53:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/03/04 23:53:04 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/03/04 05:18:12 | 001,148,120 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symefa64.sys
[2014/03/04 05:18:12 | 000,030,068 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symvtcer.dat
[2014/03/04 05:18:12 | 000,008,194 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symefa64.cat
[2014/03/04 05:18:12 | 000,003,433 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symefa.inf
[2014/03/01 14:08:25 | 002,051,696 | ---- | M] (Bitdefender SRL) -- C:\Users\Marta\AppData\Local\qs64.dll
[2014/03/01 14:08:25 | 000,733,224 | ---- | M] (Bitdefender SRL) -- C:\Users\Marta\AppData\Local\qs.dll
[2014/03/01 05:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/03/01 04:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/03/01 04:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/03/01 03:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/03/01 03:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/28 09:34:20 | 000,000,324 | ---- | M] () -- C:\Users\Marta\dike.ini
[2014/02/27 18:03:51 | 000,002,725 | ---- | M] () -- C:\Users\Public\Desktop\Dike.lnk
[2014/02/27 17:57:09 | 030,826,464 | ---- | M] (InfoCert S.p.A ) -- C:\Program Files\Dike 5.5.0.exe
[2014/02/27 10:04:48 | 000,082,893 | ---- | M] () -- C:\Users\Marta\Desktop\INAIL.pdf
[2014/02/22 15:47:30 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\Support Center.lnk
[2014/02/22 14:34:52 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/02/22 14:34:52 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/02/22 14:34:35 | 000,022,928 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/22 14:32:42 | 001,839,776 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/02/22 14:14:49 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2014/02/22 14:14:48 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/02/22 14:09:51 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/22 14:09:47 | 000,570,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/22 14:09:40 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/22 14:09:33 | 001,113,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/22 14:09:29 | 000,787,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/22 14:09:26 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/22 14:09:26 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/22 14:09:23 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/22 14:09:23 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/22 14:09:19 | 003,395,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/22 14:09:19 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/22 14:09:19 | 000,695,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/22 14:09:19 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/22 14:09:19 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/22 14:09:19 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/22 14:08:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/22 14:08:53 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/22 14:08:43 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/22 14:08:43 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/22 14:08:43 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/22 14:08:33 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/22 14:08:33 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/22 14:08:33 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/22 14:08:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/22 14:08:33 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/22 14:08:33 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/22 14:08:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/22 14:08:33 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/22 14:08:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/22 14:08:33 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/22 14:08:33 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/22 14:08:33 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/22 14:08:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/22 14:08:32 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/22 14:08:32 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/22 14:08:32 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/22 14:07:44 | 013,209,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/22 14:07:44 | 011,702,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/22 14:07:44 | 007,416,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/22 14:07:44 | 004,961,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/22 14:07:44 | 001,462,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/22 14:07:44 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/22 14:07:44 | 000,009,701 | ---- | M] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/22 14:07:44 | 000,009,701 | ---- | M] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/22 14:07:26 | 004,217,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/22 14:07:26 | 002,804,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/22 14:07:26 | 000,919,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/22 14:07:26 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/22 14:07:26 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/22 14:07:26 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/22 14:07:26 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/22 14:07:26 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/22 14:07:26 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/22 14:07:07 | 004,604,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/22 14:07:07 | 002,397,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/22 14:06:40 | 003,210,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/22 14:06:40 | 002,804,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/22 14:06:40 | 002,617,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/22 14:06:40 | 002,295,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/22 14:06:40 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/22 14:06:40 | 001,399,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/22 14:06:40 | 001,374,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/22 14:06:40 | 001,227,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/22 14:06:40 | 001,204,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/22 14:06:40 | 000,980,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/22 14:06:40 | 000,809,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/22 14:06:40 | 000,745,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/22 14:06:40 | 000,663,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/22 14:06:40 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/22 14:06:40 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/22 14:06:40 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/22 14:06:40 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/22 14:06:40 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/22 14:06:40 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/22 14:06:40 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/22 14:06:40 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/22 14:06:40 | 000,263,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/22 14:06:40 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/22 14:06:40 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/22 14:06:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/22 14:06:40 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/22 14:06:40 | 000,032,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/22 14:06:40 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/22 14:06:40 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/22 14:05:15 | 007,399,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/22 14:05:15 | 002,896,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/22 14:05:15 | 002,570,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/22 14:05:15 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/22 14:05:15 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/22 14:05:15 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/22 14:05:15 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/22 14:05:15 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/22 14:05:15 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/22 14:05:15 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/22 14:05:15 | 001,756,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/22 14:05:15 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/22 14:05:15 | 001,391,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/22 14:05:15 | 001,345,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/22 14:05:15 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/22 14:05:15 | 000,922,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/22 14:05:15 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/22 14:05:15 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/22 14:05:15 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/22 14:05:15 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/22 14:05:15 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/22 14:05:15 | 000,358,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/22 14:05:15 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/22 14:05:15 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/22 14:05:15 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/22 14:05:15 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/22 14:05:15 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/22 14:05:15 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/22 14:05:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/22 14:05:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/22 10:57:50 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/22 10:39:43 | 000,001,296 | ---- | M] () -- C:\Users\Marta\Desktop\Revo Uninstaller.lnk
[2014/02/20 03:34:24 | 000,008,192 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symnet64.cat
[2014/02/18 02:32:41 | 000,593,112 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symnets.sys
[2014/02/18 02:32:35 | 000,001,440 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\symnet.inf
[2014/02/13 02:59:49 | 000,875,736 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\srtsp64.sys
[2014/02/13 02:59:49 | 000,008,192 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\srtsp64.cat
[2014/02/13 02:59:49 | 000,001,437 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1502000.026\srtsp64.inf
[2014/02/11 03:43:06 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014/02/11 03:04:45 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014/01/31 17:07:00 | 000,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/01/31 17:06:52 | 002,133,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/01/31 14:47:35 | 002,143,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/01/29 10:55:22 | 001,287,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014/01/29 09:53:43 | 000,458,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014/01/29 09:53:43 | 000,407,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014/01/29 09:49:19 | 001,928,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/01/29 08:44:15 | 000,408,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014/01/29 08:44:15 | 000,369,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014/01/29 08:44:10 | 001,371,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/01/29 07:41:41 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014/01/29 01:36:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014/01/28 18:07:10 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/01/27 20:07:57 | 004,175,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014/01/27 20:06:07 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014/01/27 20:04:17 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014/01/27 19:23:33 | 002,873,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014/01/27 19:21:36 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014/01/27 19:20:16 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014/01/27 19:15:28 | 001,057,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/01/27 18:43:19 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/01/27 18:18:53 | 001,486,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014/01/27 18:00:35 | 001,238,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014/01/27 16:58:36 | 005,770,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/01/27 16:50:47 | 006,640,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/01/27 12:45:53 | 000,386,722 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/01/24 10:24:54 | 000,241,129 | ---- | M] () -- C:\Users\Marta\caCertsList
[2014/01/23 08:27:45 | 604,306,573 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

========== Files Created - No Company Name ==========

[2014/03/19 19:13:26 | 001,950,720 | ---- | C] () -- C:\Users\Marta\Desktop\adwcleaner.exe
[2014/03/18 18:52:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/03/18 18:22:03 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/03/18 18:22:02 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/03/15 13:53:37 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/03/04 20:42:34 | 000,000,299 | ---- | C] () -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gruppo home.lnk
[2014/02/27 18:04:34 | 000,241,129 | ---- | C] () -- C:\Users\Marta\caCertsList
[2014/02/27 18:04:34 | 000,000,324 | ---- | C] () -- C:\Users\Marta\dike.ini
[2014/02/27 18:03:50 | 000,002,725 | ---- | C] () -- C:\Users\Public\Desktop\Dike.lnk
[2014/02/27 10:04:48 | 000,082,893 | ---- | C] () -- C:\Users\Marta\Desktop\INAIL.pdf
[2014/02/22 14:42:34 | 000,001,426 | ---- | C] () -- C:\Users\Marta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/22 14:34:35 | 000,022,928 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/22 14:23:03 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/02/22 14:19:07 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/02/22 14:19:07 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/02/22 14:14:49 | 000,000,264 | ---- | C] () -- C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job
[2014/02/22 14:14:48 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2014/02/22 14:07:44 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/22 14:07:44 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/22 13:47:38 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/22 13:45:47 | 000,001,166 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/22 13:45:43 | 000,001,162 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/22 10:57:50 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/02/22 10:39:43 | 000,001,296 | ---- | C] () -- C:\Users\Marta\Desktop\Revo Uninstaller.lnk
[2014/02/22 10:37:22 | 000,000,422 | ---- | C] () -- C:\WINDOWS\tasks\View Password Update.job
[2014/02/22 10:37:21 | 000,000,410 | ---- | C] () -- C:\WINDOWS\tasks\View Password_wd.job
[2014/02/01 15:15:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\vp6dec_settings.cpl
[2014/02/01 15:15:18 | 000,000,761 | ---- | C] () -- C:\WINDOWS\m3jp2k.ini
[2014/02/01 15:15:18 | 000,000,714 | ---- | C] () -- C:\WINDOWS\m3jpeg.ini
[2014/02/01 15:15:18 | 000,000,702 | ---- | C] () -- C:\WINDOWS\mmtvmj.ini
[2014/02/01 15:15:16 | 000,152,064 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll
[2014/02/01 15:15:16 | 000,019,968 | ---- | C] () -- C:\WINDOWS\SysWow64\cpuinf32.dll
[2014/02/01 15:15:15 | 000,761,856 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2014/02/01 14:40:53 | 000,417,792 | ---- | C] () -- C:\WINDOWS\SysWow64\ac3filter.cpl
[2014/01/28 18:41:41 | 000,120,545 | ---- | C] () -- C:\Users\Marta\Documents\Torta soffice con cioccolato al latte con uova di pasqua.htm
[2014/01/28 18:41:41 | 000,093,623 | ---- | C] () -- C:\Users\Marta\Documents\Ricette avanzi uova di pasqua, la torta marmorizzata.htm
[2014/01/28 18:41:41 | 000,077,932 | ---- | C] () -- C:\Users\Marta\Documents\Torcolo al cioccolato..htm
[2014/01/28 18:07:10 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014/01/18 14:56:46 | 000,003,004 | ---- | C] () -- C:\ProgramData\MakeMarkerFile.xml
[2013/12/21 00:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/12/21 00:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/21 00:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/12/13 10:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/12/13 10:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/12/13 10:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/12/13 10:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/12/13 10:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/12/13 10:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/11/26 07:25:14 | 001,839,776 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2012/11/26 06:57:19 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblup.dat
[2012/11/26 06:57:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012/04/20 05:59:44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2014/03/19 19:47:24 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/12/09 09:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/12/09 05:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/20 08:26:06 | 000,000,000 | ---D | M] -- C:\Users\Marta\AppData\Roaming\Easy File Share
[2014/01/18 12:16:55 | 000,000,000 | ---D | M] -- C:\Users\Marta\AppData\Roaming\Synaptics
[2014/02/22 10:17:51 | 000,000,000 | ---D | M] -- C:\Users\Marta\AppData\Roaming\Visan
[2014/02/02 13:34:38 | 000,000,000 | ---D | M] -- C:\Users\Marta\AppData\Roaming\WebApp

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Marta\SkyDrive:ms-properties

< End of report >
Torna in alto
 
Utenti presenti in questo topic
Guest

Aiutamici Forum » FORUM - Istruzioni e Guide » Sicurezza VIRUS » messaggi pubblicitari


Salta al Forum
Aggiunta nuovi Topic disabilitata in questo forum.
Risposte disabilitate in questo forum.
Eliminazione tuoi Post disabilitata in questo forum.
Modifica dei tuoi post disabilitata in questo forum.
Creazione Sondaggi disabilitata in questo forum.
Voto ai sondaggi disabilitato in questo forum.

Main Forum RSS : RSS

Aiutamici Theme
Powered by Yet Another Forum.net versione 1.9.1.8 (NET v2.0) - 3/29/2008
Copyright © 2003-2008 Yet Another Forum.net. All rights reserved.