OTL logfile created on: 25/11/2012 15:10:32 - Run 6 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Utenti\Paul\dowloads\OTL 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16433) Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy 3,98 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 67,47% Memory free 10,00 Gb Paging File | 8,60 Gb Available in Paging File | 85,95% Paging File free Paging file location(s): c:\pagefile.sys 64 64e:\pagefile. [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 279,46 Gb Total Space | 200,43 Gb Free Space | 71,72% Space Free | Partition Type: NTFS Drive D: | 288,74 Gb Total Space | 190,37 Gb Free Space | 65,93% Space Free | Partition Type: NTFS Drive E: | 19,06 Gb Total Space | 12,66 Gb Free Space | 66,41% Space Free | Partition Type: NTFS Drive F: | 86,37 Gb Total Space | 30,97 Gb Free Space | 35,86% Space Free | Partition Type: NTFS Drive G: | 30,61 Mb Total Space | 19,36 Mb Free Space | 63,23% Space Free | Partition Type: NTFS Drive N: | 24,98 Gb Total Space | 5,12 Gb Free Space | 20,48% Space Free | Partition Type: FAT32 Computer Name: ASUSC123 | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2012/11/25 02:07:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Utenti\Paul\dowloads\OTL\OTL.exe PRC - [2012/11/16 08:01:55 | 000,255,992 | ---- | M] (Microsoft Corporation) -- C:\Users\Paul\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe PRC - [2012/10/11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe PRC - [2012/10/10 19:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\20.2.0.19\ccSvcHst.exe PRC - [2012/06/20 16:21:46 | 001,556,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe PRC - [2012/06/15 13:08:30 | 001,149,912 | ---- | M] (Crystal Dew World) -- D:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe PRC - [2012/02/06 18:32:34 | 000,102,568 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2012/02/03 15:24:50 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe PRC - [2012/02/03 14:40:42 | 000,277,120 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe PRC - [2012/01/20 00:42:54 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe PRC - [2011/12/23 15:39:38 | 000,174,720 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2011/12/22 18:58:42 | 000,318,080 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2011/11/21 13:22:08 | 000,080,512 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2011/10/24 16:20:38 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2011/10/03 10:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe PRC - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/08/10 21:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe PRC - [2011/05/30 12:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe PRC - [2011/04/06 08:27:56 | 002,535,296 | ---- | M] (ashampoo GmbH & Co. KG) -- D:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe PRC - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010/08/20 18:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/06/19 09:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009/04/07 08:13:10 | 000,673,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe PRC - [2007/06/15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2012/11/19 21:31:12 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\6cb04d32b2897d0745ade5b7a0689189\System.Configuration.ni.dll MOD - [2012/11/18 20:40:42 | 005,452,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\6c34b9c8df4997ebbd2cd0ec01592eb2\System.Xml.ni.dll MOD - [2012/11/18 20:40:39 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b5fbb0525df9de99970c60a5891939eb\System.Windows.Forms.ni.dll MOD - [2012/11/18 20:40:32 | 001,592,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\a2ce5fa5ddc467113d344183228ad23e\System.Drawing.ni.dll MOD - [2012/11/18 20:40:26 | 014,344,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e77619e856b76cb3cafaf8978fa50a3c\PresentationFramework.ni.dll MOD - [2012/11/18 20:40:26 | 000,368,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\451a19701e7295e052a28fc3fc496922\PresentationFramework.Aero.ni.dll MOD - [2012/11/18 20:40:12 | 012,240,384 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\d3c3e4130d3b3fabf8e856ef4da0b05d\PresentationCore.ni.dll MOD - [2012/11/18 20:40:02 | 003,349,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\20da735ec72bc50c0041364d82b87e7a\WindowsBase.ni.dll MOD - [2012/11/18 20:39:59 | 007,988,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7a3f4b6e28bff7fc6e201f3444e38d06\System.ni.dll MOD - [2012/11/18 20:39:54 | 011,494,912 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0d4a97f42b4d71125220c04a3a2fee75\mscorlib.ni.dll MOD - [2012/10/11 12:17:59 | 002,312,216 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe MOD - [2012/10/11 12:17:06 | 002,069,528 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll MOD - [2012/09/13 23:04:00 | 000,307,200 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll MOD - [2012/07/06 03:01:04 | 000,241,664 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_it_31bf3856ad364e35\PresentationFramework.resources.dll MOD - [2012/07/06 03:01:04 | 000,086,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\WindowsBase.resources\3.0.0.0_it_31bf3856ad364e35\WindowsBase.resources.dll MOD - [2012/07/06 03:01:02 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_it_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2012/05/30 07:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON 360\NORTON 360\ENGINE\20.2.0.19\wincfi39.dll MOD - [2012/02/06 18:32:30 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2010/08/20 18:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2010/08/20 18:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/03/12 14:45:32 | 000,135,168 | ---- | M] () -- C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SCANEN~1.DLL MOD - [2008/11/21 12:58:42 | 000,057,344 | ---- | M] () -- C:\PROGRA~2\EPSONS~1\EVENTM~1\ASSIST~1\SCANAS~1\SATWAIN.dll [color=#E56717]========== Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2012/10/29 04:20:49 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:[b]64bit:[/b] - [2012/10/20 08:43:53 | 006,746,280 | ---- | M] (Prevx) [Auto | Running] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner) SRV:[b]64bit:[/b] - [2012/09/20 10:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:[b]64bit:[/b] - [2012/09/20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:[b]64bit:[/b] - [2012/09/20 07:32:59 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:[b]64bit:[/b] - [2012/09/20 07:32:58 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:[b]64bit:[/b] - [2012/09/20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:[b]64bit:[/b] - [2012/09/20 07:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:[b]64bit:[/b] - [2012/07/26 04:08:33 | 000,025,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\mqsvc.exe -- (MSMQ) SRV:[b]64bit:[/b] - [2012/07/26 04:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:[b]64bit:[/b] - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:[b]64bit:[/b] - [2012/07/26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:[b]64bit:[/b] - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:[b]64bit:[/b] - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:[b]64bit:[/b] - [2012/07/26 04:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:[b]64bit:[/b] - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:[b]64bit:[/b] - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:[b]64bit:[/b] - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:[b]64bit:[/b] - [2012/07/26 04:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:[b]64bit:[/b] - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:[b]64bit:[/b] - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:[b]64bit:[/b] - [2012/07/26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:[b]64bit:[/b] - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:[b]64bit:[/b] - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:[b]64bit:[/b] - [2012/07/26 04:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:[b]64bit:[/b] - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV:[b]64bit:[/b] - [2012/05/29 16:19:44 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:[b]64bit:[/b] - [2011/03/04 01:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent) SRV - [2012/11/22 00:58:46 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/11/10 20:36:28 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/10/25 20:17:30 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012/10/11 12:17:59 | 002,312,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager) SRV - [2012/10/10 19:29:14 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton 360\Norton 360\Engine\20.2.0.19\ccSvcHst.exe -- (N360) SRV - [2012/09/23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/09/20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012/09/11 18:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc) SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012/07/26 04:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2012/07/26 04:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2012/07/26 04:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2012/07/05 17:41:46 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012/06/23 17:18:38 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2012/05/29 16:19:46 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012/05/29 16:19:44 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012/02/03 15:24:50 | 000,277,120 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011/11/21 13:22:08 | 000,080,512 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2011/11/21 13:19:50 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2011/11/04 08:57:32 | 002,234,992 | ---- | M] (mobile concepts) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MC Common\BoostService.exe -- (SpeedBoosterSvc) SRV - [2011/11/04 08:57:30 | 005,663,856 | ---- | M] (mobile concepts) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MC Common\AMDSrv.exe -- (MCDefragService) SRV - [2011/10/01 00:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 00:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/08/10 21:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL) SRV - [2010/12/21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010/12/21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010/09/23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2007/12/17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) SRV - [2007/06/15 11:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen) SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2012/11/24 16:28:46 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2012/10/20 08:43:54 | 000,065,736 | ---- | M] (Prevx) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\pxrts.sys -- (pxrts) DRV:[b]64bit:[/b] - [2012/10/20 08:43:54 | 000,036,384 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pxscan.sys -- (pxscan) DRV:[b]64bit:[/b] - [2012/10/20 08:43:53 | 000,024,024 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\pxkbf.sys -- (pxkbf) DRV:[b]64bit:[/b] - [2012/10/18 07:17:18 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:[b]64bit:[/b] - [2012/10/12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:[b]64bit:[/b] - [2012/10/11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:[b]64bit:[/b] - [2012/10/11 08:13:54 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:[b]64bit:[/b] - [2012/10/11 08:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:[b]64bit:[/b] - [2012/10/08 18:00:02 | 000,776,864 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2012/10/03 18:40:36 | 001,133,216 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\SymEFA64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2012/10/03 18:40:20 | 000,493,216 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\SymDS64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2012/10/03 18:19:14 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\ccSetx64.sys -- (ccSet_N360) DRV:[b]64bit:[/b] - [2012/09/20 08:55:33 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:[b]64bit:[/b] - [2012/09/20 08:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:[b]64bit:[/b] - [2012/09/20 08:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:[b]64bit:[/b] - [2012/09/20 08:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:[b]64bit:[/b] - [2012/09/20 08:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:[b]64bit:[/b] - [2012/09/20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2012/09/20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2012/09/20 08:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:[b]64bit:[/b] - [2012/09/20 07:09:11 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:[b]64bit:[/b] - [2012/09/20 07:08:27 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:[b]64bit:[/b] - [2012/09/06 19:05:14 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2012/09/06 19:05:08 | 000,043,680 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\SymIMV.sys -- (SymIM) DRV:[b]64bit:[/b] - [2012/09/06 19:05:06 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\SymELAM.sys -- (SymELAM) DRV:[b]64bit:[/b] - [2012/09/06 18:48:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\Ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2012/09/06 18:40:52 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\N360x64\1402000.013\srtspx64.sys -- (SRTSPX) DRV:[b]64bit:[/b] - [2012/08/21 17:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService) DRV:[b]64bit:[/b] - [2012/08/20 16:23:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:[b]64bit:[/b] - [2012/08/01 03:03:18 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr) DRV:[b]64bit:[/b] - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:[b]64bit:[/b] - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:[b]64bit:[/b] - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:[b]64bit:[/b] - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:[b]64bit:[/b] - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:[b]64bit:[/b] - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:[b]64bit:[/b] - [2012/07/26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:[b]64bit:[/b] - [2012/07/26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:[b]64bit:[/b] - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:[b]64bit:[/b] - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:[b]64bit:[/b] - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:[b]64bit:[/b] - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:[b]64bit:[/b] - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:[b]64bit:[/b] - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:[b]64bit:[/b] - [2012/07/26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:[b]64bit:[/b] - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:[b]64bit:[/b] - [2012/07/26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:[b]64bit:[/b] - [2012/07/26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:[b]64bit:[/b] - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:[b]64bit:[/b] - [2012/07/26 03:30:26 | 000,185,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mqac.sys -- (MQAC) DRV:[b]64bit:[/b] - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:[b]64bit:[/b] - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:[b]64bit:[/b] - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:[b]64bit:[/b] - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:[b]64bit:[/b] - [2012/07/26 03:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:[b]64bit:[/b] - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:[b]64bit:[/b] - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:[b]64bit:[/b] - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:[b]64bit:[/b] - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:[b]64bit:[/b] - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:[b]64bit:[/b] - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:[b]64bit:[/b] - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:[b]64bit:[/b] - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:[b]64bit:[/b] - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:[b]64bit:[/b] - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:[b]64bit:[/b] - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:[b]64bit:[/b] - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:[b]64bit:[/b] - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2012/07/26 03:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:[b]64bit:[/b] - [2012/07/26 03:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid) DRV:[b]64bit:[/b] - [2012/07/26 03:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp) DRV:[b]64bit:[/b] - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:[b]64bit:[/b] - [2012/07/26 03:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr) DRV:[b]64bit:[/b] - [2012/07/26 03:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp) DRV:[b]64bit:[/b] - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:[b]64bit:[/b] - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:[b]64bit:[/b] - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:[b]64bit:[/b] - [2012/07/25 23:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:[b]64bit:[/b] - [2012/06/29 03:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:[b]64bit:[/b] - [2012/06/02 15:31:31 | 000,100,864 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C) DRV:[b]64bit:[/b] - [2012/03/09 09:57:36 | 000,023,816 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\cpuz135_x64.sys -- (cpuz135) DRV:[b]64bit:[/b] - [2011/10/01 00:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftvolwin7.sys -- (Sftvol) DRV:[b]64bit:[/b] - [2011/10/01 00:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftplaywin7.sys -- (Sftplay) DRV:[b]64bit:[/b] - [2011/10/01 00:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftredirwin7.sys -- (Sftredir) DRV:[b]64bit:[/b] - [2011/10/01 00:30:16 | 000,765,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Sftfswin7.sys -- (Sftfs) DRV:[b]64bit:[/b] - [2011/08/09 00:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST) DRV:[b]64bit:[/b] - [2011/07/29 12:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv) DRV:[b]64bit:[/b] - [2011/07/29 12:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv) DRV:[b]64bit:[/b] - [2011/05/13 23:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fssfltr.sys -- (fssfltr) DRV:[b]64bit:[/b] - [2011/04/26 04:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStor.sys -- (iaStor) DRV:[b]64bit:[/b] - [2010/12/31 17:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ETD.sys -- (ETD) DRV:[b]64bit:[/b] - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64) DRV:[b]64bit:[/b] - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2008/05/23 16:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WimFltr.sys -- (WimFltr) DRV:[b]64bit:[/b] - [2006/08/25 13:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv) DRV - [2012/11/23 16:36:10 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20121123.001\IDSviA64.sys -- (IDSVia64) DRV - [2012/11/23 01:00:00 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121124.005\ex64.sys -- (NAVEX15) DRV - [2012/11/23 01:00:00 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\VirusDefs\20121124.005\eng64.sys -- (NAVENG) DRV - [2012/11/18 01:48:50 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2012/10/24 00:34:23 | 001,384,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20121106.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2012/09/29 07:26:46 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011/10/31 14:00:20 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011/09/07 08:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_) DRV - [2011/07/29 12:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv) DRV - [2011/07/29 12:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2009/07/02 16:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://forum.mozillaitalia.org/ind [Binary data over 200 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/ IE - HKCU\..\SearchScopes,DefaultScope = {0EBB234C-42D8-48A5-A996-DC65E2E0B99D} IE - HKCU\..\SearchScopes\{0EBB234C-42D8-48A5-A996-DC65E2E0B99D}: "URL" = http://www.google.it/#hl=it&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=9fca69c98b5d77d7 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.5 FF - prefs.js..extensions.enabledAddons: text2voice%40vik.josh:1.10 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: D:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: D:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012/07/22 10:46:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\coFFPlgn\ [2012/11/24 17:14:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn\ [2012/11/24 16:32:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/24 16:08:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/01 18:33:11 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: D:\Program Files (x86)\Mozilla Thunderbird\components [2012/11/01 18:33:11 | 000,000,000 | ---D | M] [2012/07/01 08:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Extensions [2012/11/24 09:37:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\f86jyhcc.default-1353537215881\extensions [2012/11/24 09:37:23 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Paul\AppData\Roaming\mozilla\Firefox\Profiles\f86jyhcc.default-1353537215881\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012/11/22 01:23:10 | 000,061,608 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\firefox\profiles\f86jyhcc.default-1353537215881\extensions\text2voice@vik.josh.xpi [2012/11/24 09:37:14 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\firefox\profiles\f86jyhcc.default-1353537215881\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/11/22 01:23:10 | 000,243,496 | ---- | M] () (No name found) -- C:\Users\Paul\AppData\Roaming\mozilla\firefox\profiles\f86jyhcc.default-1353537215881\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012/11/24 16:08:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012/11/22 00:58:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012/11/20 07:17:00 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/11/20 11:04:28 | 000,001,606 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-it.xml [2012/11/20 11:04:28 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012/11/20 11:04:28 | 000,000,957 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml [2012/11/20 11:04:28 | 000,001,030 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml [2012/11/20 11:04:28 | 000,001,395 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml [2012/11/20 11:04:28 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml [color=#E56717]========== Chrome ==========[/color] CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll CHR - plugin: Application Manager (Enabled) = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll CHR - plugin: Freemake np-plugin for google chrome (Enabled) = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll CHR - plugin: Norton Confidential (Enabled) = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = D:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Disabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll CHR - plugin: DocuCom PDF Plus (Enabled) = D:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll CHR - plugin: VLC Web Plugin (Enabled) = D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - Extension: Google Drive = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: GreaseGoogle = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko\1.61_0\ CHR - Extension: YouTube = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Ricerca Google = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Freemake Video Converter = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\ CHR - Extension: Norton Identity Protection = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\ CHR - Extension: Norton Identity Protection = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.2.0.18_0\ CHR - Extension: Tastiera virtuale (di Google) = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpphfcjpaldmedbbomcdhgonmhjngfig\0.9.8.8_0\ CHR - Extension: Settings Protector = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\ CHR - Extension: Gmail = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: OneClickDownload = C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco\1.2_0\ O1 HOSTS File: ([2012/11/25 15:01:08 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:[b]64bit:[/b] - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmi\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmi\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\20.2.0.19\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\20.2.0.19\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programmi\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation) O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programmi\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\20.2.0.19\coIEPlg.dll (Symantec Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Programmi\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) O4 - HKLM..\Run: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Paul\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKCU..\Run: [EPSON SX510W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_SAD9F.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [EPSON SX510W Series (Copia 2)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\Windows\TEMP\E_S1862.tmp" /EF "HKCU" File not found O4 - HKCU..\Run: [Minimem] D:\Program Files (x86)\Kerkia\Minimem\minimem.exe (Kerkia) O4 - HKCU..\Run: [SkyDrive] c:\users\paul\appdata\local\microsoft\skydrive\skydrive.exe (Microsoft Corporation) O4 - HKCU..\Run: [UIWatcher] D:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe (ashampoo GmbH & Co. KG) O4 - Startup: C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start Prism HUD.lnk = D:\Program Files (x86)\Prism HUD\prism.exe (Util's Haven) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 00 00 01 00 [binary data] O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8:[b]64bit:[/b] - Extra context menu item: Traduci pagina con Google - C:\ProgramData\TuneUp Software\TuneUp Utilities 2012\Web\gtranslate.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Traduci pagina con Google - C:\ProgramData\TuneUp Software\TuneUp Utilities 2012\Web\gtranslate.htm () O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programmi\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation) O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programmi\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13[b]64bit:[/b] - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: hijackthis.de ([www] https in Siti attendibili) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.70.152.15 212.52.97.15 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39069E62-4E84-4576-B0D1-97E4429FCA4A}: DhcpNameServer = 193.70.152.15 212.52.97.15 192.168.1.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programmi\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll () O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O27:[b]64bit:[/b] - HKLM IFEO\aom.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\aomx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\appvlp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\ar505ita.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\autopatcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\autopatcherx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\checkdiskgui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\i2p.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\i2psvc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\images2pdf.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\integratedoffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\isuspm.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\launcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\msouc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\pdfarchitect.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\pdfreader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\prism.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\soda 3d pdf reader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\sonicfocus.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\system restore manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\transtool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\tvosa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27:[b]64bit:[/b] - HKLM IFEO\x-lite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\aom.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\aomx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\appvlp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\ar505ita.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\autopatcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\autopatcherx.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\ccleaner64.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\checkdiskgui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\chrome.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\i2p.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\i2psvc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\images2pdf.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\integratedoffice.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\isuspm.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\itunes.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\launcher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\msouc.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pdfarchitect.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\pdfreader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\prism.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\selfcert.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\setlang.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\soda 3d pdf reader.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\sonicfocus.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\system restore manager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\transtool.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\tvosa.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O27 - HKLM IFEO\x-lite.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software) O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/11/25 11:34:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2012/11/25 03:52:31 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ [2012/11/25 03:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2012/11/25 03:52:29 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Notepad++ [2012/11/24 16:45:58 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\NPE [2012/11/24 16:30:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 [2012/11/24 16:23:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton [2012/11/24 10:25:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt [2012/11/24 09:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [2012/11/23 08:03:03 | 000,000,000 | ---D | C] -- C:\HijackThis [2012/11/22 00:58:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012/11/22 00:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/11/22 00:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator [2012/11/22 00:46:35 | 000,100,864 | ---- | C] (pdfforge GbR) -- C:\WINDOWS\SysNative\pdfcmon.dll [2012/11/21 23:33:41 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\Dati precedenti di Firefox [2012/11/20 08:59:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2012/11/20 08:58:25 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012/11/20 08:48:56 | 000,000,000 | ---D | C] -- C:\AMD [2012/11/19 02:49:50 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Apps [2012/11/18 21:11:01 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Malwarebytes [2012/11/18 21:10:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/11/18 21:10:36 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2012/11/18 19:02:19 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice [2012/11/18 16:28:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache [2012/11/18 16:28:25 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Packages [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\Programmi [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Preferiti [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti [2012/11/18 16:13:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni [2012/11/18 16:09:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC [2012/11/18 15:58:16 | 000,000,000 | --SD | C] -- C:\Users\Paul\AppData\Roaming\Microsoft [2012/11/18 15:58:16 | 000,000,000 | R--D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [2012/11/18 15:58:16 | 000,000,000 | R--D | C] -- C:\Users\Paul\Favorites [2012/11/18 15:58:16 | 000,000,000 | R--D | C] -- C:\Users\Paul\Desktop [2012/11/18 15:58:16 | 000,000,000 | R--D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012/11/18 15:58:16 | 000,000,000 | R--D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Temporary Internet Files [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\SendTo [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Risorse di stampa [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Risorse di rete [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Recenti [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Modelli [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Menu Avvio [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Impostazioni locali [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Documenti [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Dati applicazioni [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Dati applicazioni [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\AppData\Local\Cronologia [2012/11/18 15:58:16 | 000,000,000 | -HSD | C] -- C:\Users\Paul\Cookies [2012/11/18 15:58:16 | 000,000,000 | -H-D | C] -- C:\Users\Paul\AppData [2012/11/18 15:58:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Temp [2012/11/18 15:58:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\Microsoft [2012/11/18 15:58:16 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012/11/18 15:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012/11/18 15:55:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM [2012/11/18 15:54:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2012/11/18 15:52:50 | 000,000,000 | ---D | C] -- C:\Windows.old [2012/11/18 15:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies [2012/11/18 15:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\msmq [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\inetpub [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\BestPractices [2012/11/18 15:48:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\BestPractices [2012/11/18 15:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech [2012/11/18 15:13:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther [2012/11/18 14:56:50 | 000,000,000 | ---D | C] -- D:\Utenti\Paul\Documenti\AAAPcMover [2012/11/18 04:27:09 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager [2012/11/18 04:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager [2012/11/18 04:26:04 | 000,000,000 | ---D | C] -- C:\Users\Paul\Downloads [2012/11/18 03:30:19 | 000,000,000 | ---D | C] -- C:\archdb [2012/11/18 03:25:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Paragon [2012/11/17 22:13:48 | 000,037,392 | ---- | C] (Paragon Software Group) -- C:\WINDOWS\SysNative\drivers\hotcore3.sys [2012/11/17 22:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Hard Disk Manager™ 10 Special Edition [2012/11/17 12:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/11/17 00:42:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\sun [2012/11/17 00:40:23 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012/11/17 00:36:20 | 000,000,000 | ---D | C] -- C:\Users\Paul\Desktop\open office [2012/11/10 20:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Laplink [2012/11/10 20:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover [2012/11/10 20:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Laplink [2012/11/10 11:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack (64-bit) [2012/11/09 23:53:44 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{5190CE6A-5CC5-4B5A-AF43-0230C7367BD9} [2012/11/04 12:05:57 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\WavesGUILib.dll [2012/11/04 12:05:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSX64.dll [2012/11/04 12:05:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSTSH64.dll [2012/11/04 12:05:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSHP64.dll [2012/11/04 12:05:56 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\WINDOWS\SysNative\SRSWOW64.dll [2012/11/04 12:05:54 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysNative\SFNHK64.dll [2012/11/04 12:05:53 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysNative\SFCOM64.dll [2012/11/04 12:05:53 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysNative\SFAPO64.dll [2012/11/04 12:05:53 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\WINDOWS\SysWow64\SFCOM.dll [2012/11/04 12:05:49 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEP64A.dll [2012/11/04 12:05:49 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DHT64.dll [2012/11/04 12:05:49 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RP3DAA64.dll [2012/11/04 12:05:49 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEED64A.dll [2012/11/04 12:05:49 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEL64A.dll [2012/11/04 12:05:49 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\WINDOWS\SysNative\RTEEG64A.dll [2012/11/04 12:05:48 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEP64A.dll [2012/11/04 12:05:48 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EED64A.dll [2012/11/04 12:05:48 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEL64A.dll [2012/11/04 12:05:48 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEA64A.dll [2012/11/04 12:05:48 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\WINDOWS\SysNative\R4EEG64A.dll [2012/11/04 12:05:47 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioEQ.dll [2012/11/04 12:05:47 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioRealtek.dll [2012/11/04 12:05:47 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO30.dll [2012/11/04 12:05:47 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxVolumeSDAPO.dll [2012/11/04 12:05:47 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\WINDOWS\SysNative\MaxxAudioAPO20.dll [2012/11/04 12:05:44 | 001,943,616 | ---- | C] (Fortemedia Corporation) -- C:\WINDOWS\SysNative\FMAPO64.dll [2012/11/04 12:05:44 | 001,327,208 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2SpeakerDLL64.dll [2012/11/04 12:05:44 | 001,179,752 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSS2HeadphoneDLL64.dll [2012/11/04 12:05:44 | 000,491,112 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSSymmetryDLL64.dll [2012/11/04 12:05:44 | 000,475,752 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSVoiceClarityDLL64.dll [2012/11/04 12:05:44 | 000,317,032 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSNeoPCDLL64.dll [2012/11/04 12:05:44 | 000,269,928 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLimiterDLL64.dll [2012/11/04 12:05:44 | 000,126,056 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSLFXAPO64.dll [2012/11/04 12:05:44 | 000,125,544 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPO64.dll [2012/11/04 12:05:44 | 000,125,032 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGFXAPONS64.dll [2012/11/04 12:05:43 | 001,111,656 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBoostDLL64.dll [2012/11/04 12:05:43 | 000,504,936 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSBassEnhancementDLL64.dll [2012/11/04 12:05:43 | 000,266,856 | ---- | C] (DTS) -- C:\WINDOWS\SysNative\DTSGainCompensatorDLL64.dll [2012/11/03 17:57:09 | 000,000,000 | ---D | C] -- D:\Utenti\Paul\Documenti\Balabolka [2012/11/03 17:57:09 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balabolka [2012/11/03 16:49:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ScanSoft [2012/11/03 15:35:27 | 000,000,000 | ---D | C] -- D:\Utenti\Paul\Documenti\Regedit [2012/11/03 14:12:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSpeak [2012/11/03 14:12:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eSpeak [2012/11/03 13:11:34 | 000,000,000 | ---D | C] -- C:\CepTemp [2012/11/03 05:49:23 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\{4E71E243-27AA-46B3-9735-F952AC738221} [2012/11/02 20:36:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\WildBit Viewer [2012/11/01 19:35:51 | 000,000,000 | RH-D | C] -- C:\ESD [2012/10/30 05:19:08 | 000,000,000 | ---D | C] -- C:\NST [2012/10/30 05:15:47 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EasyBCD [2012/10/30 05:14:12 | 000,000,000 | ---D | C] -- C:\BCD_Back [2012/10/28 16:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centro gestione Mouse e Tastiere Microsoft [2012/10/28 16:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center [2012/10/28 10:48:22 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartEd Lite [2012/10/28 10:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies [2012/10/28 09:58:54 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Local\NeoSmart_Technologies [2012/10/28 07:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012/10/28 07:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012/10/28 07:09:41 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/10/26 20:13:00 | 000,000,000 | -H-D | C] -- C:\SkyDriveTemp [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/11/25 15:08:38 | 002,064,206 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2012/11/25 15:08:38 | 000,897,946 | ---- | M] () -- C:\WINDOWS\SysNative\perfh010.dat [2012/11/25 15:08:38 | 000,804,122 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2012/11/25 15:08:38 | 000,195,368 | ---- | M] () -- C:\WINDOWS\SysNative\perfc010.dat [2012/11/25 15:08:38 | 000,166,122 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2012/11/25 15:05:50 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/11/25 15:04:33 | 000,000,376 | ---- | M] () -- C:\Users\Paul\AppData\Roaming\sp_data.sys [2012/11/25 15:03:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2012/11/25 15:03:38 | 3415,941,120 | -HS- | M] () -- C:\hiberfil.sys [2012/11/25 15:01:08 | 000,000,098 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\Hosts [2012/11/25 12:06:21 | 000,001,146 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/11/25 12:06:21 | 000,001,142 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/11/25 11:58:42 | 001,892,929 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\Cat.DB [2012/11/24 16:43:40 | 000,001,720 | ---- | M] () -- C:\{9C9295E7-21BD-49A1-8CEF-3F1AE03B965F} [2012/11/24 16:32:11 | 000,001,294 | ---- | M] () -- C:\Users\Paul\Desktop\File di installazione Norton.lnk [2012/11/24 16:31:38 | 000,002,620 | ---- | M] () -- C:\WINDOWS\SysNative\AutoRunFilter.ini [2012/11/24 16:30:09 | 000,013,946 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1402000.013\VT20121114.016 [2012/11/24 16:28:46 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS [2012/11/24 16:28:46 | 000,007,466 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT [2012/11/24 16:28:46 | 000,000,855 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF [2012/11/24 10:08:00 | 000,463,512 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012/11/24 08:28:07 | 000,053,248 | ---- | M] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-11-24).bcd [2012/11/19 14:01:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2012/11/18 21:10:42 | 000,000,790 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/18 18:59:39 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/11/18 16:13:32 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagwrn.xml [2012/11/18 16:13:32 | 000,026,673 | ---- | M] () -- C:\WINDOWS\diagerr.xml [2012/11/18 16:13:15 | 000,022,928 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012/11/18 15:57:13 | 002,000,694 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012/11/18 15:55:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin [2012/11/18 15:55:35 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\atiicdxx.dat [2012/11/18 15:51:01 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2012/11/18 15:16:13 | 000,009,920 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/11/18 15:16:13 | 000,009,920 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/11/18 15:08:01 | 000,327,680 | ---- | M] () -- C:\WINDOWS\SysNative\Ikeext.etl [2012/11/18 11:31:24 | 000,001,267 | -H-- | M] () -- C:\WINDOWS\EPMBatch.ept [2012/11/18 05:16:02 | 000,001,574 | ---- | M] () -- C:\WINDOWS\SysNative\ServiceFilter.ini [2012/11/17 00:40:24 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012/11/11 00:15:29 | 000,001,746 | ---- | M] () -- C:\Users\Public\Desktop\PCmover Windows 7 Upgrade Assistant.lnk [2012/11/11 00:09:56 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2012/11/03 17:57:09 | 000,000,658 | ---- | M] () -- C:\Users\Paul\Desktop\Balabolka.lnk [2012/11/02 16:25:03 | 000,003,584 | ---- | M] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/31 02:28:36 | 000,000,450 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for Paul.job [2012/10/30 03:42:20 | 000,028,672 | ---- | M] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-10-30).bcd [2012/10/28 16:24:24 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_point64_01011.Wdf [2012/10/28 16:24:23 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf [2012/10/28 10:48:23 | 000,000,704 | ---- | M] () -- C:\Users\Paul\Desktop\StartEd Lite.lnk [2012/10/28 10:18:19 | 000,028,672 | ---- | M] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-10-28).bcd [2012/10/28 10:07:26 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk [2012/10/27 18:12:11 | 000,019,256 | ---- | M] () -- C:\Users\Paul\Desktop\bookmarks-2012-10-27.json [2012/10/27 18:11:36 | 000,036,639 | ---- | M] () -- C:\Users\Paul\Desktop\bookmarks27102012.html [2012/10/27 16:35:24 | 000,000,017 | ---- | M] () -- C:\WINDOWS\SysWow64\shortcut_ex.dat [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/11/24 16:43:40 | 000,001,720 | ---- | C] () -- C:\{9C9295E7-21BD-49A1-8CEF-3F1AE03B965F} [2012/11/24 16:23:22 | 000,001,294 | ---- | C] () -- C:\Users\Paul\Desktop\File di installazione Norton.lnk [2012/11/24 08:28:07 | 000,053,248 | ---- | C] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-11-24).bcd [2012/11/21 15:05:19 | 000,000,992 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AgentRansack.lnk [2012/11/19 23:28:57 | 000,031,841 | ---- | C] () -- C:\WINDOWS\ProfessionalWMC.xml [2012/11/19 14:01:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf [2012/11/18 22:05:43 | 000,463,512 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2012/11/18 21:10:41 | 000,000,790 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/11/18 18:59:39 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012/11/18 17:15:16 | 000,361,934 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2012/11/18 17:15:03 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll [2012/11/18 17:15:03 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012/11/18 16:31:36 | 000,001,409 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/11/18 16:13:15 | 000,022,928 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat [2012/11/18 15:58:17 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagwrn.xml [2012/11/18 15:58:17 | 000,026,673 | ---- | C] () -- C:\WINDOWS\diagerr.xml [2012/11/18 15:57:13 | 002,000,694 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012/11/18 15:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012/11/18 15:55:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysNative\atiicdxx.dat [2012/11/18 15:53:45 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys [2012/11/17 13:06:24 | 000,001,267 | -H-- | C] () -- C:\WINDOWS\EPMBatch.ept [2012/11/17 00:40:24 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012/11/10 20:44:33 | 000,001,746 | ---- | C] () -- C:\Users\Public\Desktop\PCmover Windows 7 Upgrade Assistant.lnk [2012/11/03 17:57:09 | 000,000,658 | ---- | C] () -- C:\Users\Paul\Desktop\Balabolka.lnk [2012/11/02 16:17:01 | 000,003,584 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/10/30 03:42:20 | 000,028,672 | ---- | C] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-10-30).bcd [2012/10/28 16:24:24 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_point64_01011.Wdf [2012/10/28 16:24:23 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf [2012/10/28 10:48:23 | 000,000,704 | ---- | C] () -- C:\Users\Paul\Desktop\StartEd Lite.lnk [2012/10/28 10:18:19 | 000,028,672 | ---- | C] () -- D:\Utenti\Paul\Documenti\EasyBCD Backup (2012-10-28).bcd [2012/10/28 10:07:26 | 000,000,882 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.2.lnk [2012/10/27 18:12:11 | 000,019,256 | ---- | C] () -- C:\Users\Paul\Desktop\bookmarks-2012-10-27.json [2012/10/27 18:11:36 | 000,036,639 | ---- | C] () -- C:\Users\Paul\Desktop\bookmarks27102012.html [2012/10/27 16:35:24 | 000,000,017 | ---- | C] () -- C:\WINDOWS\SysWow64\shortcut_ex.dat [2012/09/10 22:17:30 | 000,000,270 | -H-- | C] () -- C:\WINDOWS\sysreg.dat [2012/07/27 01:22:05 | 000,001,152 | ---- | C] () -- C:\Users\Paul\.swfinfo [2012/07/26 09:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012/07/26 09:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012/07/26 08:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012/07/26 02:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012/07/25 21:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012/07/25 21:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012/07/10 20:40:32 | 002,468,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BootMan.exe [2012/07/10 20:40:32 | 000,086,408 | ---- | C] () -- C:\WINDOWS\SysWow64\setupempdrv03.exe [2012/07/10 20:40:32 | 000,019,840 | ---- | C] () -- C:\WINDOWS\SysWow64\EuEpmGdi.dll [2012/07/10 20:40:32 | 000,014,216 | ---- | C] () -- C:\WINDOWS\SysWow64\epmntdrv.sys [2012/07/10 20:40:32 | 000,008,456 | ---- | C] () -- C:\WINDOWS\SysWow64\EuGdiDrv.sys [2012/07/07 17:43:21 | 000,109,488 | ---- | C] () -- C:\WINDOWS\123w.exe [2012/07/07 17:33:52 | 000,012,971 | ---- | C] () -- C:\WINDOWS\123r5.ini [2012/07/07 17:33:52 | 000,000,999 | ---- | C] () -- C:\WINDOWS\lotus.ini [2012/07/02 21:12:31 | 000,007,605 | ---- | C] () -- C:\Users\Paul\AppData\Local\Resmon.ResmonCfg [2012/06/24 08:27:59 | 000,111,932 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPrinterDB.dat [2012/06/24 08:27:59 | 000,031,053 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern131.dat [2012/06/24 08:27:59 | 000,027,417 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern121.dat [2012/06/24 08:27:59 | 000,024,903 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern3.dat [2012/06/24 08:27:59 | 000,021,390 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern5.dat [2012/06/24 08:27:59 | 000,020,148 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern2.dat [2012/06/24 08:27:59 | 000,011,811 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern4.dat [2012/06/24 08:27:59 | 000,004,943 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern6.dat [2012/06/24 08:27:59 | 000,001,146 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_DU.dat [2012/06/24 08:27:59 | 000,001,139 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_PT.dat [2012/06/24 08:27:59 | 000,001,139 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_BP.dat [2012/06/24 08:27:59 | 000,001,136 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_ES.dat [2012/06/24 08:27:59 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_FR.dat [2012/06/24 08:27:59 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_CF.dat [2012/06/24 08:27:59 | 000,001,120 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_IT.dat [2012/06/24 08:27:59 | 000,001,107 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_GE.dat [2012/06/24 08:27:59 | 000,001,104 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPresetData_EN.dat [2012/06/24 08:27:59 | 000,000,097 | ---- | C] () -- C:\WINDOWS\SysWow64\PICSDK.ini [2012/06/24 08:27:58 | 000,026,154 | ---- | C] () -- C:\WINDOWS\SysWow64\EPPICPattern1.dat [2012/06/24 04:18:50 | 000,000,376 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\sp_data.sys [2012/06/23 20:06:35 | 000,034,149 | ---- | C] () -- C:\Users\Paul\Grub Interfaccia grafica per modificare GRUB.htm [2012/06/23 19:21:18 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Local\prvlcl.dat [2012/06/18 20:10:09 | 000,193,688 | ---- | C] () -- C:\ProgramData\nvModes.dat [2012/06/18 20:10:09 | 000,193,688 | ---- | C] () -- C:\ProgramData\nvModes.001 [2012/06/18 20:10:09 | 000,000,270 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2012/06/18 20:10:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012/06/14 21:25:19 | 000,045,056 | ---- | C] () -- C:\WINDOWS\SysWow64\acovcnt.exe [2012/06/02 15:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2011/10/19 05:26:32 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [color=#E56717]========== ZeroAccess Check ==========[/color] [2012/11/18 19:07:16 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/10/11 06:45:39 | 019,789,824 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/10/11 06:07:29 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] [color=#E56717]========== LOP Check ==========[/color] [2012/09/29 12:48:59 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\AppBooster [2012/07/24 22:26:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Ashampoo [2012/06/14 21:30:28 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ASUS WebStorage [2012/11/06 05:47:32 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Audacity [2012/06/23 19:24:56 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Blackberry Desktop [2012/08/07 12:18:14 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Epson [2012/06/23 19:25:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FMRTEv5 [2012/07/08 02:47:43 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FreeFileSync [2012/07/28 10:18:41 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Ghostbuster [2012/10/13 20:17:54 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\I2P [2012/09/01 14:59:31 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ImgBurn [2012/10/07 15:01:21 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\JAM Software [2012/06/24 10:43:08 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\minimem [2012/11/25 03:53:10 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Notepad++ [2012/07/24 05:38:16 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Nuance [2012/06/15 01:01:09 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\OpenOffice.org [2012/07/22 18:55:20 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Panasonic [2012/10/07 06:29:06 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\PDF Software [2012/11/22 00:43:02 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\pdfforge [2012/11/21 23:22:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\SoftGrid Client [2012/06/19 20:04:00 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Sports Interactive [2012/08/04 15:59:01 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\T-App [2012/07/09 10:00:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\TeraCopy [2012/06/15 00:54:22 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Thunderbird [2012/06/24 09:17:41 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\TP [2012/08/31 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\TuneUp Software [2012/09/27 20:58:34 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\UpdateStar [2012/11/03 05:46:44 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WildBit Viewer [2012/06/18 21:59:24 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Zeon [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:AC57032B < End of report >