www.MegaLab.it

da **Andrexli** » lun gen 13, 2014 9:13 pm

Webroot zeroacces remover : Error! This tool works only on 32 bit systems :-/

da GERONIMO* » mar gen 14, 2014 11:01 am

sembra un problema di visual basic,o lo stesso rootkit ha danneggiato qualche libreria

vedi se riesci a lanciare questo tool
Windoctor ToolKit.exe
lo apri
vai sulla voce fix
e clicca su Ripristina Rete
poi vai sulla voce Script
e copia\incolla questo codice EQPbnRsV
nella casella dove dice Inserire codice script
e clicca sul pulsante Esegui
attendi la fine

poi
scarica questo file di registro sul desktop
Fixexe.reg
e doppio clic su di esso per unirlo al registro
se ti esce il messaggio del controllo account utente clicca su Esegui
conferma l'operazione
RIAVVIA IL PC

e riprova con Ads Spy o Hijackthis

da **Andrexli** » mar gen 14, 2014 7:44 pm

Sono riuscito a eseguire entrambi. Poi ho riprovato con ADSSpy " invalid picture" e Hijackthis , che mi da il solito errore di prima. E' grave?

da GERONIMO* » mer gen 15, 2014 10:57 am

ok

ora scarica OTL http://www.windoctor.it/download/otl/

apri otl metti la spunta su
Scan All Users
poi sotto su
LOP Check
Purity Check
Clicca su Run Scan
Attendere la fine della scansione, OTL lascierà due file di log (OTL.txt ed Extras.txt),
postali qui

da **Andrexli** » mer gen 15, 2014 8:06 pm

Geronimo, grazie per la pazienza. Ecco la prima parte del file OTL.txt

OTL logfile created on: 15/01/2014 19:29:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utente\Desktop\antivirus
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 51,23% Memory free
3,98 Gb Paging File | 2,80 Gb Available in Paging File | 70,37% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,69 Gb Total Space | 77,75 Gb Free Space | 47,21% Space Free | Partition Type: NTFS

Computer Name: UTENTE-PC | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/15 19:27:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utente\Desktop\antivirus\OTL.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (RemoteAccess)
SRV - [2013/12/11 19:37:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/03/28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/10 19:18:27 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2013/11/14 19:46:38 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/05/11 06:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/08/22 09:11:13 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/22 09:11:13 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/08/04 20:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/15 23:38:56 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a38ccid.sys -- (A38CCID)
DRV:64bit: - [2009/09/23 18:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}
IE:64bit: - HKLM\..\SearchScopes\{26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Utente\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

[2013/12/30 19:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/10/06 09:05:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

O1 HOSTS File: ([2014/01/14 19:37:28 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3393571389-480633730-1725549892-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{285A2710-D3B3-4551-BDF8-55ECD625CD6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BD34EAC-90E7-449D-808E-1B9C688D6DF1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E437150C-38BE-4031-89EA-69B81030B138}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/15 08:33:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 08:33:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 08:33:13 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/12 15:16:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/12 15:16:20 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/12 15:16:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/12 15:16:20 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/12 15:16:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/12 15:16:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/12 15:16:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/12 15:16:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/12 15:16:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/12 15:16:18 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/12 15:16:18 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/12 15:16:18 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/12 15:16:18 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/12 15:16:17 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/12 15:16:16 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/12 15:16:14 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/12 10:09:49 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/01/12 10:09:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/01/12 10:09:46 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/01/11 15:49:45 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/01/11 15:46:17 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/11 15:46:17 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/11 15:46:11 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/11 15:46:11 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/11 15:46:11 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/11 15:46:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/11 15:46:11 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/11 15:46:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/11 15:46:11 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/11 15:46:11 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/11 15:46:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/11 15:46:11 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/11 15:46:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/11 15:46:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/11 15:46:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/11 15:46:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/11 15:46:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/11 15:46:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/11 15:46:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/11 15:46:10 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/11 15:46:10 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/11 15:46:10 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/11 15:46:10 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/11 15:46:10 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/11 15:46:10 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/11 15:46:10 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/11 15:46:10 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/11 15:46:10 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/11 15:46:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/11 15:46:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/11 15:46:10 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/11 15:46:10 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/11 15:46:10 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/11 15:46:10 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/11 15:46:10 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/11 15:46:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/11 15:46:10 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/11 15:46:10 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/11 15:46:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/11 15:46:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/11 15:46:10 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/11 15:46:10 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/11 15:46:10 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/11 15:46:10 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/11 15:46:10 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/11 15:46:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/11 15:46:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/11 15:46:10 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/11 15:46:10 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/11 15:46:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/11 15:46:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/11 15:46:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/11 15:40:32 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys.bak
[2014/01/11 15:40:32 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys.bak
[2014/01/11 15:40:32 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/11 15:40:31 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/11 15:40:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/11 15:40:29 | 001,342,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys.bak
[2014/01/11 15:40:29 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/11 15:40:28 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/11 15:40:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/11 15:40:27 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/11 15:40:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/11 15:40:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/11 15:40:27 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/11 15:40:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/11 15:40:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/11 15:40:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/11 15:40:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/11 15:40:24 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/11 15:40:24 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys.bak
[2014/01/11 15:40:24 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/11 15:40:24 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/11 15:40:23 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/11 15:40:23 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/11 15:40:22 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/11 15:40:21 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/11 15:40:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/11 15:40:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/11 15:40:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/11 15:40:20 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/11 15:40:18 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/11 15:40:18 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/11 15:40:16 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/11 15:40:14 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys.bak
[2014/01/11 15:40:11 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys.bak
[2014/01/11 15:40:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/11 15:40:11 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/11 15:40:10 | 004,865,568 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lvuvc64.sys.bak
[2014/01/11 15:40:10 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/11 15:40:09 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys.bak
[2014/01/11 15:40:08 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/11 15:40:07 | 006,180,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/11 15:40:06 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/11 15:40:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/11 15:40:06 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/11 15:40:05 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/11 15:40:05 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/11 15:40:05 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/11 15:40:04 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/11 15:40:04 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/11 15:40:03 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/11 15:40:03 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys.bak
[2014/01/11 15:40:02 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/11 15:40:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/11 15:40:02 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/11 15:40:02 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/11 15:40:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/11 15:40:01 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys.bak
[2014/01/11 15:40:01 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/11 15:40:01 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/11 15:40:01 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/11 15:40:00 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/11 15:39:59 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/11 15:39:58 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/11 15:39:57 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys.bak
[2014/01/11 15:39:57 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2014/01/11 15:39:57 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/11 15:39:57 | 000,251,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014/01/11 15:39:57 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014/01/11 15:39:57 | 000,123,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014/01/11 15:39:57 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014/01/11 15:39:57 | 000,031,544 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014/01/11 15:39:56 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2014/01/11 15:39:56 | 000,194,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2014/01/11 15:39:56 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/11 15:39:56 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2014/01/11 15:39:55 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/11 15:39:55 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/11 15:39:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/11 15:39:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/11 15:39:53 | 000,045,824 | ---- | C] (Advanced Card Systems Ltd.) -- C:\Windows\SysNative\drivers\a38ccid.sys.bak
[2014/01/11 15:38:42 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\RK_Quarantine
[2014/01/11 12:49:06 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/01/11 12:49:05 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/01/11 12:49:05 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/01/11 12:49:04 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/01/11 11:29:37 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/01/11 11:29:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/01/11 11:29:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/11 11:29:37 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/11 11:29:37 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/11 11:29:37 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/11 11:29:37 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/11 11:29:37 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/11 11:29:37 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/11 11:29:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/11 11:29:37 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/11 11:29:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/11 11:29:37 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/11 11:29:37 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/11 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/11 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/01/11 10:56:22 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/01/11 10:56:22 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/01/11 10:56:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/01/11 10:56:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/01/11 10:48:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/11 10:06:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/11 10:06:52 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/01/11 10:06:52 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/11 10:06:25 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/01/11 10:06:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/01/11 10:06:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/01/11 10:06:14 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/01/11 10:06:13 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/01/11 10:06:12 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/01/11 10:06:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/01/11 10:06:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/01/11 10:06:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/01/11 10:05:57 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/01/11 10:05:13 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/01/11 10:04:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/01/11 10:04:41 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/01/11 10:04:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/01/11 10:04:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/01/11 10:03:43 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/01/11 10:03:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/01/11 10:03:42 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/01/11 10:03:36 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll

da **Andrexli** » mer gen 15, 2014 8:07 pm

Seconda parte

[2014/01/11 10:03:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/01/11 10:03:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/01/11 10:03:36 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/01/11 10:03:35 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/01/11 10:03:18 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/01/11 10:03:18 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/01/11 10:03:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/01/11 10:03:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/01/11 10:03:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/01/11 10:03:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/01/11 10:03:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/01/11 10:03:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/01/11 10:03:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/01/11 10:03:15 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/01/11 10:03:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/01/11 10:03:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/01/11 10:03:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/01/11 10:03:06 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/01/11 10:03:06 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/01/11 10:03:02 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/01/11 10:03:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/01/11 10:03:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/01/11 10:03:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/01/11 10:03:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/01/11 10:03:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/01/11 10:03:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/01/11 10:03:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/01/11 10:03:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/01/11 10:03:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/01/11 10:03:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/01/11 10:03:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/01/11 10:02:48 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/01/11 10:02:48 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/01/11 10:02:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys
[2014/01/11 10:02:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/01/11 10:02:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/01/11 10:02:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/01/11 10:02:44 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/01/11 10:02:37 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/01/11 10:02:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/01/11 10:02:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/01/11 10:02:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/01/11 10:02:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/01/11 10:02:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/01/11 10:02:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/01/11 10:02:28 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/01/11 10:01:38 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/01/11 10:01:36 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/01/11 10:01:35 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/01/11 10:01:34 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/01/11 10:01:34 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/01/11 10:01:31 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/01/11 10:01:23 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/01/11 10:01:23 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/01/11 10:01:23 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/01/11 10:01:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/01/11 10:01:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/01/11 10:01:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/01/11 10:01:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/01/11 10:01:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/01/11 10:01:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/01/11 10:01:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/01/11 10:01:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/01/11 10:01:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/01/11 10:01:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/01/11 10:01:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/01/11 10:01:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/01/11 10:01:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/01/11 10:01:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/01/11 10:01:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/01/11 10:01:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/01/11 10:01:22 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/01/11 10:01:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/01/11 10:01:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/01/11 10:01:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/01/11 10:01:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/01/11 10:01:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/01/11 10:01:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/01/11 10:01:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/01/11 10:01:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/01/11 10:00:19 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/01/11 10:00:19 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/01/11 10:00:19 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/01/11 10:00:18 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/01/11 10:00:18 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/01/11 10:00:18 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/01/11 10:00:18 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/01/11 10:00:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/01/11 10:00:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/01/11 10:00:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/01/11 10:00:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/01/11 10:00:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/01/11 10:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/01/11 10:00:06 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/01/11 10:00:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/01/11 10:00:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/01/11 09:59:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/01/11 09:59:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/01/11 09:59:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/01/11 09:58:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/01/11 09:58:48 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/01/11 09:58:45 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/01/11 09:58:45 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/01/11 09:58:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/01/11 09:58:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/01/11 09:58:21 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/01/11 09:58:21 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/01/11 09:58:19 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/01/11 09:58:11 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/01/11 09:58:10 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/01/11 09:58:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/01/11 09:58:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/01/11 09:57:37 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/01/11 09:57:37 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/01/11 09:57:37 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/01/11 09:57:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/01/11 09:57:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/01/11 09:57:36 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/01/11 09:57:35 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/01/11 09:57:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/01/11 09:56:26 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/01/11 09:56:26 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/01/11 09:56:26 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/01/11 09:56:26 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/01/11 09:52:17 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/01/10 22:05:25 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\antivirus
[2014/01/10 19:23:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/10 19:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/01/10 19:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/09 08:55:48 | 000,000,000 | --SD | C] -- C:\$RECYCLE.BIN
[2014/01/08 21:57:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/08 21:48:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/08 21:48:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/08 21:48:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/08 21:48:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/08 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/08 21:47:53 | 005,160,001 | R--- | C] (Swearware) -- C:\Users\Utente\Desktop\ComboFix.exe
[2014/01/07 22:09:05 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys
[2014/01/07 22:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/30 20:34:47 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys
[2013/12/30 19:32:51 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys
[2013/12/30 18:21:29 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys
[2013/12/30 15:47:50 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys
[2013/12/30 15:42:54 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys
[2013/12/30 15:38:24 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys
[2013/12/30 15:37:25 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys
[2013/12/30 13:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013/12/28 18:24:53 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{2D619A0E-7052-456A-B552-72F37B0D9453}
[2013/12/27 15:51:21 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{1C64CCD8-665D-4233-8AE0-D3391DBA14F0}
[2013/12/25 11:16:54 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{3DFFD47A-E019-4FD8-AC4E-594B563A2A71}
[2013/12/25 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\Nuova cartella
[2013/12/19 10:14:12 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Roaming\VSStore
[2013/12/18 19:28:23 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\presentazione Serena
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/15 19:32:16 | 004,980,736 | -HS- | M] () -- C:\Users\Utente\ntuser.dat
[2014/01/15 19:06:07 | 000,025,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/15 19:06:07 | 000,025,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/15 19:02:46 | 001,548,930 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/15 19:02:46 | 000,701,188 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/01/15 19:02:46 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/15 19:02:46 | 000,128,534 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/01/15 19:02:46 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/15 18:58:32 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2014/01/15 18:58:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/15 18:58:22 | 1602,985,984 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/15 14:51:28 | 000,415,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 08:37:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/14 22:15:10 | 001,145,673 | -H-- | M] () -- C:\Users\Utente\AppData\Local\IconCache.db
[2014/01/14 19:37:28 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/14 19:37:03 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys.bak
[2014/01/14 19:37:02 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys.bak
[2014/01/14 19:37:02 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/14 19:37:02 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/14 19:37:01 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/14 19:37:00 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys.bak
[2014/01/14 19:37:00 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/14 19:36:59 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/14 19:36:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/14 19:36:59 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/14 19:36:58 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/14 19:36:58 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/14 19:36:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/14 19:36:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/14 19:36:57 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/14 19:36:57 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/14 19:36:56 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/14 19:36:56 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys.bak
[2014/01/14 19:36:56 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/14 19:36:56 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/14 19:36:56 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/14 19:36:55 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/14 19:36:55 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/14 19:36:54 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/14 19:36:53 | 000,539,240 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/14 19:36:53 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/14 19:36:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/14 19:36:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/14 19:36:53 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/14 19:36:51 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/14 19:36:51 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/14 19:36:49 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/14 19:36:48 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys.bak
[2014/01/14 19:36:46 | 004,865,568 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lvuvc64.sys.bak
[2014/01/14 19:36:46 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys.bak
[2014/01/14 19:36:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/14 19:36:46 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/14 19:36:45 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys.bak
[2014/01/14 19:36:45 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/14 19:36:44 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/14 19:36:43 | 006,180,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/14 19:36:42 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/14 19:36:42 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/14 19:36:42 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/14 19:36:42 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/14 19:36:42 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys.bak
[2014/01/14 19:36:42 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/14 19:36:41 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/14 19:36:41 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/14 19:36:40 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys.bak
[2014/01/14 19:36:40 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/14 19:36:38 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/14 19:36:37 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/14 19:36:37 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/14 19:36:36 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys.bak
[2014/01/14 19:36:36 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/14 19:36:36 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/14 19:36:36 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/14 19:36:36 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/14 19:36:36 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/14 19:36:36 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/14 19:36:35 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/14 19:36:35 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/14 19:36:34 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys.bak
[2014/01/14 19:36:34 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/14 19:36:34 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014/01/14 19:36:34 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014/01/14 19:36:34 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014/01/14 19:36:34 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014/01/14 19:36:34 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/14 19:36:33 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak
[2014/01/14 19:36:33 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak
[2014/01/14 19:36:33 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014/01/14 19:36:33 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak
[2014/01/14 19:36:33 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/14 19:36:33 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/14 19:36:33 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak
[2014/01/14 19:36:33 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/14 19:36:33 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/14 19:36:32 | 000,079,824 | ---- | M] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys.bak
[2014/01/14 19:36:32 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/14 19:36:32 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) -- C:\Windows\SysNative\drivers\a38ccid.sys.bak
[2014/01/14 19:30:08 | 000,001,205 | ---- | M] () -- C:\Users\Utente\Desktop\Fixexe.reg
[2014/01/13 21:40:53 | 000,053,645 | ---- | M] () -- C:\Users\Utente\Desktop\bonificosepadettaglio.pdf
[2014/01/11 15:46:17 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/11 15:46:17 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/11 15:46:11 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/11 15:46:11 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/11 15:46:11 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/11 15:46:11 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/11 15:46:11 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/11 15:46:11 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/11 15:46:11 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/11 15:46:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/11 15:46:11 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/11 15:46:11 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/11 15:46:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/11 15:46:11 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/11 15:46:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/11 15:46:11 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/11 15:46:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/11 15:46:11 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:11 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/11 15:46:11 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/11 15:46:11 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/11 15:46:10 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/11 15:46:10 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/11 15:46:10 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/11 15:46:10 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/11 15:46:10 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/11 15:46:10 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/11 15:46:10 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/11 15:46:10 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/11 15:46:10 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/11 15:46:10 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/11 15:46:10 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/11 15:46:10 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/11 15:46:10 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/11 15:46:10 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/11 15:46:10 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/11 15:46:10 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/11 15:46:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/11 15:46:10 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/11 15:46:10 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/11 15:46:10 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/11 15:46:10 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/11 15:46:10 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/11 15:46:10 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/11 15:46:10 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/11 15:46:10 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/11 15:46:10 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/11 15:46:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/11 15:46:10 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/11 15:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/11 15:46:10 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/11 15:46:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/11 15:46:10 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/11 15:46:10 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/11 15:46:10 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/11 14:42:20 | 000,109,296 | ---- | M] () -- C:\Users\Utente\AppData\Local\GDIPFONTCACHEV1.DAT
[2014/01/11 11:29:37 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/01/11 11:29:37 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/01/11 11:29:37 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/11 11:29:37 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/11 11:29:37 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/11 11:29:37 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/11 11:29:37 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/11 11:29:37 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/11 11:29:37 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/11 11:29:37 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/11 11:29:37 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/11 11:29:37 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/11 11:29:37 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/11 11:29:37 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 10:43:51 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2014/01/10 19:18:32 | 000,000,270 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/01/10 19:18:27 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/01/10 19:09:34 | 000,004,250 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/01/08 21:54:53 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2014/01/08 10:28:10 | 005,160,001 | R--- | M] (Swearware) -- C:\Users\Utente\Desktop\ComboFix.exe
[2014/01/08 10:26:38 | 069,342,960 | ---- | M] () -- C:\Users\Utente\Desktop\avira_antivir_personal_en.exe
[2014/01/07 22:09:05 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys
[2013/12/30 20:34:47 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys
[2013/12/30 19:32:51 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys
[2013/12/30 18:21:29 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys
[2013/12/30 15:52:24 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/30 15:47:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys
[2013/12/30 15:42:54 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys
[2013/12/30 15:38:24 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys
[2013/12/30 15:37:25 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys
[2013/12/30 13:51:13 | 000,079,824 | ---- | M] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/14 22:15:10 | 001,145,673 | -H-- | C] () -- C:\Users\Utente\AppData\Local\IconCache.db
[2014/01/14 19:30:08 | 000,001,205 | ---- | C] () -- C:\Users\Utente\Desktop\Fixexe.reg
[2014/01/13 21:40:53 | 000,053,645 | ---- | C] () -- C:\Users\Utente\Desktop\bonificosepadettaglio.pdf
[2014/01/11 15:46:11 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/11 15:46:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/11 15:40:06 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys.bak
[2014/01/11 15:39:53 | 000,079,824 | ---- | C] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys.bak
[2014/01/11 14:38:07 | 000,001,400 | ---- | C] () -- C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/11 10:56:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/11 10:02:45 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/11 10:00:07 | 000,420,064 | ---- | C] () -- C:\Windows\SysWow64\locale.nls
[2014/01/11 10:00:07 | 000,420,064 | ---- | C] () -- C:\Windows\SysNative\locale.nls
[2014/01/10 19:09:34 | 000,004,250 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/01/10 19:07:24 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/01/08 21:48:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/08 21:48:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/08 21:48:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/08 21:48:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/08 21:48:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/08 21:25:43 | 069,342,960 | ---- | C] () -- C:\Users\Utente\Desktop\avira_antivir_personal_en.exe
[2013/12/30 13:51:13 | 000,079,824 | ---- | C] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys
[2013/10/31 20:41:16 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{54be9be6-4264-11e3-9e60-002522efcac3}.TMContainer00000000000000000002.regtrans-ms
[2013/10/31 20:41:16 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{54be9be6-4264-11e3-9e60-002522efcac3}.TMContainer00000000000000000001.regtrans-ms
[2013/10/31 20:41:16 | 000,065,536 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{54be9be6-4264-11e3-9e60-002522efcac3}.TM.blf
[2013/10/31 18:27:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\frfjlfb7.fvv
[2013/10/31 18:27:56 | 095,025,368 | ---- | C] () -- C:\ProgramData\frfjlfb7.bxx
[2013/10/27 19:36:51 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/10/10 18:04:44 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{52e91cee-31cd-11e3-9826-fb4049233c18}.TMContainer00000000000000000002.regtrans-ms
[2013/10/10 18:04:44 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{52e91cee-31cd-11e3-9826-fb4049233c18}.TMContainer00000000000000000001.regtrans-ms
[2013/10/10 18:04:44 | 000,065,536 | -HS- | C] () -- C:\Users\Utente\ntuser.dat{52e91cee-31cd-11e3-9826-fb4049233c18}.TM.blf
[2013/05/18 12:31:20 | 000,007,605 | ---- | C] () -- C:\Users\Utente\AppData\Local\Resmon.ResmonCfg
[2012/08/11 13:35:14 | 000,027,520 | ---- | C] () -- C:\Users\Utente\AppData\Local\dt.dat
[2012/07/16 18:55:07 | 000,008,192 | ---- | C] () -- C:\Users\Utente\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/29 19:10:48 | 000,109,296 | ---- | C] () -- C:\Users\Utente\AppData\Local\GDIPFONTCACHEV1.DAT
[2012/05/28 15:54:30 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/05/28 15:54:30 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/01/18 05:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 05:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 05:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/11 23:44:03 | 004,980,736 | -HS- | C] () -- C:\Users\Utente\ntuser.dat
[2012/01/11 23:44:03 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012/01/11 23:44:03 | 000,524,288 | -HS- | C] () -- C:\Users\Utente\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012/01/11 23:44:03 | 000,065,536 | -HS- | C] () -- C:\Users\Utente\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012/01/11 23:44:03 | 000,000,020 | -HS- | C] () -- C:\Users\Utente\ntuser.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/07/09 21:54:15 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013/07/09 21:54:15 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/05/18 12:39:11 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\AVG2013
[2013/11/18 22:29:29 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\AVG2014
[2013/05/18 12:36:57 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\TuneUp Software
[2014/01/13 20:46:09 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\uTorrent
[2013/12/30 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\VSStore
[2013/12/30 15:25:37 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\Ypit

========== Purity Check ==========

< End of report >

da **Andrexli** » mer gen 15, 2014 8:08 pm

Extras

OTL Extras logfile created on: 15/01/2014 19:29:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utente\Desktop\antivirus
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,02 Gb Available Physical Memory | 51,23% Memory free
3,98 Gb Paging File | 2,80 Gb Available in Paging File | 70,37% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,69 Gb Total Space | 77,75 Gb Free Space | 47,21% Space Free | Partition Type: NTFS

Computer Name: UTENTE-PC | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~4\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallDisableNotify" = 0
"FirewallOverride" = 1
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{24C216B5-5E30-4F58-936D-F96E837938B9}" = IDProtect Client 5.32
"{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{27B3E5AA-5B75-414A-AC37-F5ADDFA68BDB}" = Windows Live Family Safety
"{2C22EA92-CB30-4932-0052-000001000000}" = InfraRecorder 0.52 (x64 edition)
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{7F624BD1-4FE0-432F-B928-68302E156D04}" = AVG 2014
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"KLiteCodecPack64_is1" = K-Lite Codec Pack 5.6.0 (64-bit)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0410-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Italian) 2007
"{90120000-0044-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_ENTERPRISE_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0410-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Italian) 2007
"{90120000-00BA-0410-0000-0000000FF1CE}_ENTERPRISE_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A20A58C4-6784-4B4B-86CC-94E2E3671040}" = Nero 7 Premium
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1040-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Italiano
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DE29025A-091F-4998-AD2D-24C84421190F}" = Railroad Tycoon 3
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1CECE09-7CBE-4E98-B435-DA87CDA86167}" = Skype™ 5.5
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Bit4Id - miniLector" = Bit4Id - miniLector
"eMule" = eMule
"ENTERPRISE" = Microsoft Office Enterprise 2007
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 8.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versione 1.75.0.1300
"Picasa 3" = Picasa 3
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3393571389-480633730-1725549892-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14/01/2014 14:46:10 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 14/01/2014 14:46:22 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 14/01/2014 14:46:22 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 14/01/2014 14:46:22 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 14/01/2014 14:46:22 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 14/01/2014 14:46:22 | Computer Name = Utente-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 14/01/2014 14:47:36 | Computer Name = Utente-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2014 03:20:17 | Computer Name = Utente-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2014 09:52:22 | Computer Name = Utente-PC | Source = WinMgmt | ID = 10
Description =

Error - 15/01/2014 14:00:16 | Computer Name = Utente-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 20/12/2013 04:15:34 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 09:15:33 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 21/12/2013 04:21:57 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 09:21:56 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 22/12/2013 06:07:28 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 11:07:27 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 23/12/2013 04:01:18 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 09:01:17 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 24/12/2013 05:37:30 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 10:37:29 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 25/12/2013 05:47:46 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 10:47:45 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 26/12/2013 04:36:01 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 09:36:00 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 27/12/2013 10:22:25 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 15:22:24 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 28/12/2013 10:51:47 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 15:51:42 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

Error - 29/12/2013 06:04:59 | Computer Name = Utente-PC | Source = MCUpdate | ID = 0
Description = 11:04:58 - Impossibile recuperare UpdateableMarkup-2.cab (Errore:
BITS 0x80070424)

[ System Events ]
Error - 15/01/2014 09:51:17 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Pubblicazione risorse per individuazione terminato con l'errore:
%%-2147024891

Error - 15/01/2014 09:51:22 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Browser di computer terminato con l'errore: %%1060

Error - 15/01/2014 09:53:30 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Pubblicazione risorse per individuazione terminato con l'errore:
%%-2147024891

Error - 15/01/2014 09:53:30 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7001
Description = Il servizio Provider Gruppo Home dipende dal servizio Pubblicazione
risorse per individuazione che non è stato avviato per il seguente errore: %%-2147024891

Error - 15/01/2014 13:58:35 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Browser di computer terminato con l'errore: %%1060

Error - 15/01/2014 13:58:35 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7000
Description = Il servizio vToolbarUpdater17.3.0 non è stato avviato per il seguente
errore: %%2

Error - 15/01/2014 13:58:36 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Pubblicazione risorse per individuazione terminato con l'errore:
%%-2147024891

Error - 15/01/2014 13:58:43 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Browser di computer terminato con l'errore: %%1060

Error - 15/01/2014 14:00:44 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7023
Description = Servizio Pubblicazione risorse per individuazione terminato con l'errore:
%%-2147024891

Error - 15/01/2014 14:00:44 | Computer Name = Utente-PC | Source = Service Control Manager | ID = 7001
Description = Il servizio Provider Gruppo Home dipende dal servizio Pubblicazione
risorse per individuazione che non è stato avviato per il seguente errore: %%-2147024891

< End of report >

da **stevens** » mer gen 15, 2014 11:27 pm

che strano log [boh]

ci sono dei driver di avast moooolto sospetti

io ho avast e non sono nel mio pc.....ma da dove lo hai scaricato [nonono]

[2014/01/07 22:09:05 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys
[2013/12/30 20:34:47 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys
[2013/12/30 19:32:51 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys
[2013/12/30 18:21:29 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys
[2013/12/30 15:52:24 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/12/30 15:47:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys
[2013/12/30 15:42:54 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys
[2013/12/30 15:38:24 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys
[2013/12/30 15:37:25 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys

consigliabile scansione con combofix, senti cosa dice Geronimo

da **stevens** » gio gen 16, 2014 12:21 am

non avevo visto combofix

oltre quei driver c'e'

"ImagePath"="\SystemRoot\System32\Drivers\201ffaf37a80d188.sys

e un servizio che rigenera l'infezione

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\201ffaf37a80d188]

da GERONIMO* » gio gen 16, 2014 10:37 am

Andrexli
prima di andare avanti,volevo sapere una cosa
avevi detto che non riuscivi ad installare un antivirus
nel report vedo AVAST,lo hai installato recentemente?

da **Andrexli** » gio gen 16, 2014 7:35 pm

Geronimo, avast l'ho avuto qualche mese fa, forse intorno a novembre, l'ho tenuto un po' poi mi rallentava molto il pc e lo disinstallai per mettere AVG. Ho fatto un "cerca" mettendo avast, ma non mi trova niente...

da **stevens** » gio gen 16, 2014 8:28 pm

avast l'ho avuto qualche mese fa, forse intorno a novembre, l'ho tenuto un po' poi mi rallentava molto il pc e lo disinstallai

qui c'e' la data della scansione dove risulta avast installato

ComboFix 14-01-04.03 - Utente 08/01/2014 21:50:19.1.2 - x64 NETWORK
Eseguito da: C:\Users\Utente\Desktop\ComboFix.exe

da GERONIMO* » ven gen 17, 2014 10:21 am

Andrexli ha scritto:Geronimo, avast l'ho avuto qualche mese fa, forse intorno a novembre, l'ho tenuto un po' poi mi rallentava molto il pc e lo disinstallai per mettere AVG. Ho fatto un "cerca" mettendo avast, ma non mi trova niente...

qualche residuo è rimasto

ora segui qui

Apri OTL
e copia/incolla tutto questo Script che vedi sotto nella finestra Custom Scans/Fixes
clicca su RUN FIX
Lascia finire la scansione
Riavvia il pc quando richiesto cliccando su Ok
Al Riavvio del pc trovi il log sul Desktop
postalo qui sul forum.

Codice: Seleziona tutto: :OTL DRV:64bit: - [2013/11/14 19:46:38 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp) DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found [2013/12/30 19:24:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. [2014/01/11 15:40:14 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys.bak [2014/01/11 15:40:11 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys.bak [2014/01/11 15:39:57 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys.bak [2014/01/11 15:39:57 | 000,294,712 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys.bak [2014/01/11 15:39:57 | 000,251,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak [2014/01/11 15:39:57 | 000,212,280 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak [2014/01/11 15:39:57 | 000,123,704 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak [2014/01/11 15:39:57 | 000,046,368 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak [2014/01/11 15:39:57 | 000,031,544 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak [2014/01/11 15:39:56 | 000,240,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak [2014/01/11 15:39:56 | 000,194,872 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak [2014/01/11 15:39:56 | 000,150,808 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys.bak [2014/01/14 19:37:03 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys.bak [2014/01/14 19:37:02 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys.bak [2014/01/14 19:36:48 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys.bak [2014/01/14 19:36:46 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys.bak [2014/01/14 19:36:45 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys.bak [2014/01/14 19:36:40 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys.bak [2014/01/14 19:36:34 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak [2014/01/14 19:36:34 | 000,046,368 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak [2014/01/14 19:36:34 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak [2014/01/14 19:36:33 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys.bak [2014/01/14 19:36:33 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak [2014/01/14 19:36:33 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys.bak [2014/01/07 22:09:05 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\xinwaihy.sys [2013/12/30 20:34:47 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\fefnpaue.sys [2013/12/30 19:32:51 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\llrowzja.sys [2013/12/30 18:21:29 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mwxpjilt.sys [2013/12/30 15:47:50 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\zhfvymlc.sys [2013/12/30 15:42:54 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\mbufbarj.sys [2013/12/30 15:38:24 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\avwqopgy.sys [2013/12/30 15:37:25 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys [2013/12/30 13:51:13 | 000,079,824 | ---- | M] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys [2014/01/11 15:39:53 | 000,079,824 | ---- | C] () -- C:\Windows\SysNative\drivers\201ffaf37a80d188.sys.bak [2013/10/31 18:27:56 | 095,025,368 | ---- | C] () -- C:\ProgramData\frfjlfb7.bxx [2013/10/27 19:36:51 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013/05/18 12:39:11 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\AVG2013 [2013/11/18 22:29:29 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\AVG2014 :Reg 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{34883B9C-CDFE-46F0-9C5B-935484C218C3}" =- "{7F624BD1-4FE0-432F-B928-68302E156D04}" =- [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command] ""=""%1" %*" :Files ipconfig /flushdns /c C:\Users\Utente\AppData\Local\GDIPFONTCACHEV1.DAT :commands [purity] [emptytemp] [Emptyjava] [EMPTYFLASH] [start explorer] [Reboot]

da **Andrexli** » ven gen 17, 2014 9:33 pm

Non mi ha chiesto di riavviare, ed il log me lo ha dato a fine scansione.. eccolo qua

========== OTL ==========
Service avgtp stopped successfully!
Service avgtp deleted successfully!
C:\Windows\SysNative\drivers\avgtpx64.sys moved successfully.
Error: Unable to stop service AVGIDSHA!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVGIDSHA deleted successfully.
C:\Windows\SysNative\drivers\avgidsha.sys moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\linkscanner\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}\ deleted successfully.
File {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.

OTL by OldTimer - Version 3.2.69.0 log created on 01172014_213037

da GERONIMO* » ven gen 17, 2014 9:49 pm

un po' strano questo log [rotfl]

hai copiato tutto tutto lo script?
sembrerebbe di no [sh]

hai fatto così?
Immagine

da **Andrexli** » sab gen 18, 2014 2:14 pm

In effetti mi sa che mancava qualcosa prima [B)]

. Comunque, ho eseguito secondo indicazioni, premuto run fix, gira per circa 5 secondi e poi si blocca con scritta sulla finestra (Non Risponde) . Ho provato a lasciarlo ma dopo un'ora era sempre lì... [boh]

da GERONIMO* » sab gen 18, 2014 7:53 pm

si dovrebbe fare una nuova scansione con otl
non puoi rifare la procedura con lo stesso script,perché alcuni file non ci sono più e ovvio che otl si inceppa

da **Andrexli** » sab gen 18, 2014 9:03 pm

Ecco il nuovo OTL.txt 1°parte

TL logfile created on: 18/01/2014 20:51:00 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Utente\Desktop\antivirus
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,99 Gb Total Physical Memory | 1,11 Gb Available Physical Memory | 55,64% Memory free
3,98 Gb Paging File | 2,94 Gb Available in Paging File | 73,73% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 164,69 Gb Total Space | 77,68 Gb Free Space | 47,17% Space Free | Partition Type: NTFS

Computer Name: UTENTE-PC | User Name: Utente | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/15 19:27:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Utente\Desktop\antivirus\OTL.exe
PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\svchost.exe -- (RemoteAccess)
SRV - [2013/12/11 19:37:21 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/01/18 05:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/03/28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/12/20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/10 19:18:27 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2013/02/12 05:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/05/11 06:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/03/08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/18 05:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011/08/22 09:11:13 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/08/22 09:11:13 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/08/04 20:17:14 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/12/15 23:38:56 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a38ccid.sys -- (A38CCID)
DRV:64bit: - [2009/09/23 18:23:02 | 006,180,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}
IE:64bit: - HKLM\..\SearchScopes\{26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{26B51A6E-72A2-4B46-B2BF-358B8D2E44D4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MNMTDF&pc=MANM&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Utente\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

O1 HOSTS File: ([2014/01/14 19:37:28 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Guida per l'accesso a Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{285A2710-D3B3-4551-BDF8-55ECD625CD6B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BD34EAC-90E7-449D-808E-1B9C688D6DF1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E437150C-38BE-4031-89EA-69B81030B138}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programmi\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/17 21:30:37 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/17 09:02:46 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\Paint.NET
[2014/01/15 08:33:18 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 08:33:18 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 08:33:13 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/12 15:16:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/01/12 15:16:20 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/01/12 15:16:20 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/01/12 15:16:20 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/01/12 15:16:19 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/01/12 15:16:19 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/01/12 15:16:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/01/12 15:16:19 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/01/12 15:16:19 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/01/12 15:16:18 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/01/12 15:16:18 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/01/12 15:16:18 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/01/12 15:16:18 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/01/12 15:16:17 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/01/12 15:16:16 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/01/12 15:16:14 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/01/12 10:09:49 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2014/01/12 10:09:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2014/01/12 10:09:46 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014/01/11 15:49:45 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE
[2014/01/11 15:46:17 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/11 15:46:17 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/11 15:46:11 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/11 15:46:11 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/11 15:46:11 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/11 15:46:11 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/11 15:46:11 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/11 15:46:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/11 15:46:11 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/11 15:46:11 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/11 15:46:11 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/11 15:46:11 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/11 15:46:11 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/11 15:46:11 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/11 15:46:11 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/11 15:46:11 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/11 15:46:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/11 15:46:11 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:11 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/11 15:46:11 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/11 15:46:10 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/11 15:46:10 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/11 15:46:10 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/11 15:46:10 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/11 15:46:10 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/11 15:46:10 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/11 15:46:10 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/11 15:46:10 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/11 15:46:10 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/11 15:46:10 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/11 15:46:10 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/11 15:46:10 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/11 15:46:10 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/11 15:46:10 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/11 15:46:10 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/11 15:46:10 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/11 15:46:10 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/11 15:46:10 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/11 15:46:10 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/11 15:46:10 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/11 15:46:10 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/11 15:46:10 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/11 15:46:10 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/11 15:46:10 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/11 15:46:10 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/11 15:46:10 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/11 15:46:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/11 15:46:10 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/11 15:46:10 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/11 15:46:10 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/11 15:46:10 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/11 15:46:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/11 15:46:10 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/11 15:40:32 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/11 15:40:31 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/11 15:40:31 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/11 15:40:29 | 001,342,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys.bak
[2014/01/11 15:40:29 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/11 15:40:28 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/11 15:40:28 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/11 15:40:27 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/11 15:40:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/11 15:40:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/11 15:40:27 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/11 15:40:26 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/11 15:40:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/11 15:40:25 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/11 15:40:25 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/11 15:40:24 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/11 15:40:24 | 000,099,384 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys.bak
[2014/01/11 15:40:24 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/11 15:40:24 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/11 15:40:23 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/11 15:40:23 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/11 15:40:22 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/11 15:40:21 | 000,539,240 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/11 15:40:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/11 15:40:21 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/11 15:40:21 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/11 15:40:20 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/11 15:40:18 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/11 15:40:18 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/11 15:40:16 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/11 15:40:11 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/11 15:40:11 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/11 15:40:10 | 004,865,568 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lvuvc64.sys.bak
[2014/01/11 15:40:10 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/11 15:40:08 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/11 15:40:07 | 006,180,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/11 15:40:06 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/11 15:40:06 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/11 15:40:06 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/11 15:40:05 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/11 15:40:05 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/11 15:40:05 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/11 15:40:04 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/11 15:40:04 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/11 15:40:03 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/11 15:40:02 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/11 15:40:02 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/11 15:40:02 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/11 15:40:02 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/11 15:40:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/11 15:40:01 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys.bak
[2014/01/11 15:40:01 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/11 15:40:01 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/11 15:40:01 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/11 15:40:00 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/11 15:39:59 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/11 15:39:58 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/11 15:39:57 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/11 15:39:56 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/11 15:39:55 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/11 15:39:55 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/11 15:39:55 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/11 15:39:53 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/11 15:39:53 | 000,045,824 | ---- | C] (Advanced Card Systems Ltd.) -- C:\Windows\SysNative\drivers\a38ccid.sys.bak
[2014/01/11 15:38:42 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\RK_Quarantine
[2014/01/11 12:49:06 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2014/01/11 12:49:05 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2014/01/11 12:49:05 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2014/01/11 12:49:04 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2014/01/11 11:29:37 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/01/11 11:29:37 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/01/11 11:29:37 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/11 11:29:37 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/11 11:29:37 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/11 11:29:37 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/11 11:29:37 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/11 11:29:37 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/11 11:29:37 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/11 11:29:37 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/11 11:29:37 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/11 11:29:37 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/11 11:29:37 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/11 11:29:37 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:13:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/11 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/11 11:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/01/11 10:56:22 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2014/01/11 10:56:22 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2014/01/11 10:56:22 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2014/01/11 10:56:22 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2014/01/11 10:48:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2014/01/11 10:06:53 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2014/01/11 10:06:52 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2014/01/11 10:06:52 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2014/01/11 10:06:25 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2014/01/11 10:06:25 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2014/01/11 10:06:25 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2014/01/11 10:06:14 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/01/11 10:06:13 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/01/11 10:06:12 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2014/01/11 10:06:12 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2014/01/11 10:06:12 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/01/11 10:06:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll

da **Andrexli** » sab gen 18, 2014 9:04 pm

2°

[2014/01/11 10:05:57 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2014/01/11 10:05:13 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/01/11 10:04:46 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2014/01/11 10:04:41 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2014/01/11 10:04:41 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2014/01/11 10:04:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2014/01/11 10:03:43 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2014/01/11 10:03:43 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2014/01/11 10:03:42 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2014/01/11 10:03:36 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/01/11 10:03:36 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/01/11 10:03:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2014/01/11 10:03:36 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2014/01/11 10:03:35 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2014/01/11 10:03:18 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2014/01/11 10:03:18 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2014/01/11 10:03:18 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2014/01/11 10:03:18 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2014/01/11 10:03:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2014/01/11 10:03:18 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2014/01/11 10:03:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2014/01/11 10:03:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2014/01/11 10:03:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014/01/11 10:03:15 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/01/11 10:03:15 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/01/11 10:03:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/01/11 10:03:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/01/11 10:03:06 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2014/01/11 10:03:06 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2014/01/11 10:03:02 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2014/01/11 10:03:02 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/01/11 10:03:02 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2014/01/11 10:03:02 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2014/01/11 10:03:02 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2014/01/11 10:03:02 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2014/01/11 10:03:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2014/01/11 10:03:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2014/01/11 10:03:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014/01/11 10:03:01 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014/01/11 10:03:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014/01/11 10:03:01 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014/01/11 10:03:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014/01/11 10:03:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014/01/11 10:02:48 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2014/01/11 10:02:48 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2014/01/11 10:02:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys
[2014/01/11 10:02:47 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2014/01/11 10:02:45 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2014/01/11 10:02:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2014/01/11 10:02:44 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2014/01/11 10:02:37 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2014/01/11 10:02:37 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2014/01/11 10:02:37 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2014/01/11 10:02:36 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2014/01/11 10:02:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2014/01/11 10:02:36 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2014/01/11 10:02:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2014/01/11 10:02:28 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2014/01/11 10:01:38 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2014/01/11 10:01:36 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2014/01/11 10:01:35 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpnet.dll
[2014/01/11 10:01:34 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2014/01/11 10:01:34 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2014/01/11 10:01:31 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014/01/11 10:01:23 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2014/01/11 10:01:23 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2014/01/11 10:01:23 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2014/01/11 10:01:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2014/01/11 10:01:23 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2014/01/11 10:01:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2014/01/11 10:01:23 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2014/01/11 10:01:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2014/01/11 10:01:23 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2014/01/11 10:01:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2014/01/11 10:01:23 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2014/01/11 10:01:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2014/01/11 10:01:23 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2014/01/11 10:01:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2014/01/11 10:01:23 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2014/01/11 10:01:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2014/01/11 10:01:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2014/01/11 10:01:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2014/01/11 10:01:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2014/01/11 10:01:23 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2014/01/11 10:01:22 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2014/01/11 10:01:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2014/01/11 10:01:22 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2014/01/11 10:01:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2014/01/11 10:01:22 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2014/01/11 10:01:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2014/01/11 10:01:22 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2014/01/11 10:01:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2014/01/11 10:01:22 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2014/01/11 10:00:19 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/01/11 10:00:19 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/01/11 10:00:19 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/01/11 10:00:18 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/01/11 10:00:18 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2014/01/11 10:00:18 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2014/01/11 10:00:18 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2014/01/11 10:00:18 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2014/01/11 10:00:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2014/01/11 10:00:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2014/01/11 10:00:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2014/01/11 10:00:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2014/01/11 10:00:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2014/01/11 10:00:06 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2014/01/11 10:00:06 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2014/01/11 10:00:06 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2014/01/11 09:59:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2014/01/11 09:59:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2014/01/11 09:59:04 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2014/01/11 09:58:49 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2014/01/11 09:58:48 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/01/11 09:58:45 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2014/01/11 09:58:45 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2014/01/11 09:58:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2014/01/11 09:58:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2014/01/11 09:58:21 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/01/11 09:58:21 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/01/11 09:58:19 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/01/11 09:58:11 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2014/01/11 09:58:10 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2014/01/11 09:58:10 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2014/01/11 09:58:10 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2014/01/11 09:57:37 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2014/01/11 09:57:37 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2014/01/11 09:57:37 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2014/01/11 09:57:37 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2014/01/11 09:57:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2014/01/11 09:57:36 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2014/01/11 09:57:35 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2014/01/11 09:57:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2014/01/11 09:56:26 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2014/01/11 09:56:26 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2014/01/11 09:56:26 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2014/01/11 09:56:26 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2014/01/11 09:52:17 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2014/01/10 22:05:25 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\antivirus
[2014/01/10 19:23:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/10 19:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2014/01/10 19:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2014/01/09 08:55:48 | 000,000,000 | --SD | C] -- C:\$RECYCLE.BIN
[2014/01/08 21:57:22 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/08 21:48:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/08 21:48:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/08 21:48:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/08 21:48:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/08 21:48:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/08 21:47:53 | 005,160,001 | R--- | C] (Swearware) -- C:\Users\Utente\Desktop\ComboFix.exe
[2014/01/07 22:09:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/12/30 13:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013/12/28 18:24:53 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{2D619A0E-7052-456A-B552-72F37B0D9453}
[2013/12/27 15:51:21 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{1C64CCD8-665D-4233-8AE0-D3391DBA14F0}
[2013/12/25 11:16:54 | 000,000,000 | ---D | C] -- C:\Users\Utente\AppData\Local\{3DFFD47A-E019-4FD8-AC4E-594B563A2A71}
[2013/12/25 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Utente\Desktop\Nuova cartella
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/18 20:45:56 | 001,548,930 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/18 20:45:56 | 000,701,188 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2014/01/18 20:45:56 | 000,618,714 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/18 20:45:56 | 000,128,534 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2014/01/18 20:45:56 | 000,107,034 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/18 20:39:01 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/18 20:38:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/18 13:58:44 | 000,025,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 13:58:44 | 000,025,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/18 13:51:22 | 1602,985,984 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/15 14:51:28 | 000,415,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/14 19:37:28 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/14 19:37:02 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014/01/14 19:37:02 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014/01/14 19:37:01 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014/01/14 19:37:00 | 001,342,064 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\SysNative\drivers\viahduaa.sys.bak
[2014/01/14 19:37:00 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014/01/14 19:36:59 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014/01/14 19:36:59 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014/01/14 19:36:59 | 000,007,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014/01/14 19:36:58 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014/01/14 19:36:58 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014/01/14 19:36:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023x.sys.bak
[2014/01/14 19:36:58 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014/01/14 19:36:57 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014/01/14 19:36:57 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014/01/14 19:36:56 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014/01/14 19:36:56 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys.bak
[2014/01/14 19:36:56 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014/01/14 19:36:56 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014/01/14 19:36:56 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014/01/14 19:36:55 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014/01/14 19:36:55 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014/01/14 19:36:54 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014/01/14 19:36:53 | 000,539,240 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys.bak
[2014/01/14 19:36:53 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014/01/14 19:36:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rndismpx.sys.bak
[2014/01/14 19:36:53 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014/01/14 19:36:53 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014/01/14 19:36:51 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014/01/14 19:36:51 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014/01/14 19:36:49 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014/01/14 19:36:46 | 004,865,568 | ---- | M] (Logitech Inc.) -- C:\Windows\SysNative\drivers\lvuvc64.sys.bak
[2014/01/14 19:36:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys.bak
[2014/01/14 19:36:46 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014/01/14 19:36:45 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014/01/14 19:36:44 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014/01/14 19:36:43 | 006,180,832 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014/01/14 19:36:42 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014/01/14 19:36:42 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014/01/14 19:36:42 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014/01/14 19:36:42 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014/01/14 19:36:42 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys.bak
[2014/01/14 19:36:42 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014/01/14 19:36:41 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014/01/14 19:36:41 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014/01/14 19:36:40 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014/01/14 19:36:38 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014/01/14 19:36:37 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014/01/14 19:36:37 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014/01/14 19:36:36 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\coykfbcl.sys.bak
[2014/01/14 19:36:36 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014/01/14 19:36:36 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014/01/14 19:36:36 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014/01/14 19:36:36 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014/01/14 19:36:36 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014/01/14 19:36:36 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014/01/14 19:36:35 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014/01/14 19:36:35 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014/01/14 19:36:34 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014/01/14 19:36:34 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014/01/14 19:36:33 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014/01/14 19:36:33 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014/01/14 19:36:33 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014/01/14 19:36:33 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014/01/14 19:36:32 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014/01/14 19:36:32 | 000,045,824 | ---- | M] (Advanced Card Systems Ltd.) -- C:\Windows\SysNative\drivers\a38ccid.sys.bak
[2014/01/14 19:30:08 | 000,001,205 | ---- | M] () -- C:\Users\Utente\Desktop\Fixexe.reg
[2014/01/13 21:40:53 | 000,053,645 | ---- | M] () -- C:\Users\Utente\Desktop\bonificosepadettaglio.pdf
[2014/01/11 15:46:17 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/01/11 15:46:17 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/01/11 15:46:11 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/01/11 15:46:11 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/01/11 15:46:11 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/01/11 15:46:11 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/01/11 15:46:11 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/01/11 15:46:11 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/01/11 15:46:11 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/01/11 15:46:11 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/01/11 15:46:11 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/01/11 15:46:11 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/01/11 15:46:11 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/01/11 15:46:11 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/01/11 15:46:11 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/01/11 15:46:11 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/01/11 15:46:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/01/11 15:46:11 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:11 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/01/11 15:46:11 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/01/11 15:46:11 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/11 15:46:10 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/01/11 15:46:10 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/01/11 15:46:10 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/01/11 15:46:10 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/01/11 15:46:10 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/01/11 15:46:10 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/01/11 15:46:10 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/01/11 15:46:10 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/01/11 15:46:10 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/01/11 15:46:10 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/01/11 15:46:10 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/01/11 15:46:10 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/01/11 15:46:10 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/01/11 15:46:10 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/01/11 15:46:10 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/01/11 15:46:10 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/01/11 15:46:10 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/01/11 15:46:10 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/01/11 15:46:10 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/01/11 15:46:10 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/01/11 15:46:10 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/01/11 15:46:10 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/01/11 15:46:10 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/01/11 15:46:10 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/01/11 15:46:10 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/01/11 15:46:10 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/01/11 15:46:10 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/01/11 15:46:10 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/01/11 15:46:10 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/01/11 15:46:10 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/01/11 15:46:10 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/01/11 15:46:10 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/01/11 15:46:10 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/01/11 15:46:10 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/01/11 15:46:10 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/01/11 15:46:10 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/01/11 15:46:10 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/11 15:46:10 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/01/11 15:46:10 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/01/11 15:46:10 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/01/11 11:29:37 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/01/11 11:29:37 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/01/11 11:29:37 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/01/11 11:29:37 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2014/01/11 11:29:37 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2014/01/11 11:29:37 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2014/01/11 11:29:37 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2014/01/11 11:29:37 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2014/01/11 11:29:37 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2014/01/11 11:29:37 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2014/01/11 11:29:37 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2014/01/11 11:29:37 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2014/01/11 11:29:37 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2014/01/11 11:29:37 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2014/01/11 11:29:37 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2014/01/11 11:29:37 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/11 11:29:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014/01/10 19:18:27 | 000,032,512 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/01/10 19:09:34 | 000,004,250 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2014/01/08 10:28:10 | 005,160,001 | R--- | M] (Swearware) -- C:\Users\Utente\Desktop\ComboFix.exe
[2014/01/08 10:26:38 | 069,342,960 | ---- | M] () -- C:\Users\Utente\Desktop\avira_antivir_personal_en.exe
[2013/12/30 15:52:24 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/14 19:30:08 | 000,001,205 | ---- | C] () -- C:\Users\Utente\Desktop\Fixexe.reg
[2014/01/13 21:40:53 | 000,053,645 | ---- | C] () -- C:\Users\Utente\Desktop\bonificosepadettaglio.pdf
[2014/01/11 15:46:11 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/01/11 15:46:10 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/01/11 15:40:06 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys.bak
[2014/01/11 14:38:07 | 000,001,400 | ---- | C] () -- C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/11 10:56:21 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/11 10:02:45 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/10 19:09:34 | 000,004,250 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2014/01/10 19:07:24 | 000,032,512 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro37.sys
[2014/01/08 21:48:43 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/08 21:48:43 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/08 21:48:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/08 21:48:43 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/08 21:48:43 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/08 21:25:43 | 069,342,960 | ---- | C] () -- C:\Users\Utente\Desktop\avira_antivir_personal_en.exe
[2013/10/31 18:27:57 | 000,000,000 | ---- | C] () -- C:\ProgramData\frfjlfb7.fvv
[2013/05/18 12:31:20 | 000,007,605 | ---- | C] () -- C:\Users\Utente\AppData\Local\Resmon.ResmonCfg
[2012/08/11 13:35:14 | 000,027,520 | ---- | C] () -- C:\Users\Utente\AppData\Local\dt.dat
[2012/07/16 18:55:07 | 000,008,192 | ---- | C] () -- C:\Users\Utente\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/28 15:54:30 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/05/28 15:54:30 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/05/18 12:36:57 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\TuneUp Software
[2014/01/13 20:46:09 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\uTorrent
[2013/12/30 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\VSStore
[2013/12/30 15:25:37 | 000,000,000 | ---D | M] -- C:\Users\Utente\AppData\Roaming\Ypit

========== Purity Check ==========

< End of report >

da GERONIMO* » dom gen 19, 2014 12:27 pm

ok
Apri OTL
e copia/incolla tutto questo Script che vedi sotto nella finestra Custom Scans/Fixes
clicca su RUN FIX
Lascia finire la scansione
Riavvia il pc quando richiesto cliccando su Ok
Al Riavvio del pc trovi il log sul Desktop
postalo qui sul forum.

Codice: Seleziona tutto: :OTL :Reg [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command] ""=""%1" %*" :Files ipconfig /flushdns /c C:\ProgramData\frfjlfb7.fvv :commands [purity] [emptytemp] [Emptyjava] [EMPTYFLASH] [start explorer] [Reboot]

poi direi che abbiamo finito
il pc è pulito

dopo scarica un solo antivirus,vedi quello che riesci a installare
Avira
http://www.avira.com/it/avira-free-antivirus

ZoneAllarm
http://www.zonealarm.it/security/it/zon ... rewall.htm

Panda Cloud
http://www.cloudantivirus.com/en/#!/fre ... s-download

www.MegaLab.it

Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Re: Trojan.agent in HKLM\ è [LOG] ComboFix

Chi c’è in linea