Sometimes my computer works without there is no running program even in background. In fact, by opening the task manager, I notice that the processor runs at around 40%. Typically, a virus or malware starts processes that take up the CPU to 90-99%. But I definitely wanted to also check out my system.
I wanted to do a scan with HiJackThis and OTL and I noticed something in winsock.
I ask for your help in analyzing the log because I'm not an expert and I do not want to risk removing something for nothing.
OTL logfile created on: 25/02/2011 18:07:03 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Andrea\Desktop\Sicurezza
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 78,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,61 Gb Total Space | 303,68 Gb Free Space | 65,22% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 25,42 Gb Free Space | 2,73% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 467,44 Gb Free Space | 50,18% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 37,41 Gb Free Space | 4,02% Space Free | Partition Type: NTFS
Drive H: | 931,51 Gb Total Space | 65,23 Gb Free Space | 7,00% Space Free | Partition Type: NTFS
Computer Name: ANDREA-PC | User Name: Andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Andrea\Desktop\Sicurezza\OTL.com (OldTimer Tools)
PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Winstep\Nexus.exe (Winstep Software Technologies)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe ()
PRC - C:\Windows\vspc1330.exe (Sonix)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
PRC - C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (SafeNet, Inc.)
PRC - C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
PRC - C:\Program Files (x86)\Winstep\WsxService.exe (Winstep Software Technologies)
========== Modules (SafeList) ==========
MOD - C:\Users\Andrea\Desktop\Sicurezza\OTL.com (OldTimer Tools)
MOD - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll (RealNetworks, Inc.)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4974_none_50940634bcb759cb\msvcr90.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4974_none_50940634bcb759cb\msvcp90.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (HoudiniLicenseServer) -- C:\Windows\SysNative\sesinetd.exe (Side Effects Software Inc.)
SRV:64bit: - (HoudiniServer) -- C:\Windows\SysNative\hserver.exe (Side Effects Software Inc.)
SRV:64bit: - (cFosSpeedS) -- C:\Program Files\cFosSpeed\spd.exe (cFos Software GmbH)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (CGVPNCliSrvc) -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe (Logitech, Inc.)
SRV:64bit: - (AMD Reservation Manager) -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Advanced Micro Devices)
SRV:64bit: - (Diskeeper) -- C:\Program Files\Diskeeper\DkService.exe (Diskeeper Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira GmbH)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (mi-raysat_3dsmax2011_32) -- C:\Program Files (x86)\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe ()
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SentinelProtectionServer) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (SafeNet, Inc)
SRV - (SentinelKeysServer) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc.)
SRV - (SentinelSecurityRuntime) -- C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (SafeNet, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WindowBlinds) -- C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe (Stardock Corporation)
SRV - (Winstep Xtreme Service) -- C:\Program Files (x86)\Winstep\WsxService.exe (Winstep Software Technologies)
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
========== Driver Services (SafeList) ==========
DRV:64bit: - (cFosSpeed) cFosSpeed for faster Internet connections (NDIS 6) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (DRIVER_B) -- C:\Windows\SysNative\drivers\DRIVER_BIN64 ()
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (oem-drv64) OEM-SLP2.1 Driver (HPD64) -- C:\Windows\SysNative\drivers\oem-drv64.sys (secr9tos)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (L8042Kbd) -- C:\Windows\SysNative\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258) -- C:\Windows\SysNative\drivers\tdrpm258.sys (Acronis)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (WmVirHid) -- C:\Windows\SysNative\drivers\WmVirHid.sys (Logitech Inc.)
DRV:64bit: - (WmHidLo) -- C:\Windows\SysNative\drivers\WmHidLo.sys (Logitech Inc.)
DRV:64bit: - (WmBEnum) -- C:\Windows\SysNative\drivers\WmBEnum.sys (Logitech Inc.)
DRV:64bit: - (WmXlCore) -- C:\Windows\SysNative\drivers\WmXlCore.sys (Logitech Inc.)
DRV:64bit: - (WmFilter) -- C:\Windows\SysNative\drivers\WmFilter.sys (Logitech Inc.)
DRV:64bit: - (cpuz133) -- C:\Windows\SysNative\drivers\cpuz133_x64.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (SPC1330) USB2.0 PC Camera (SPC1330) -- C:\Windows\SysNative\drivers\spc1330.sys ()
DRV:64bit: - (DKRtWrt) -- C:\Windows\SysNative\drivers\DKRtWrt.sys (Diskeeper Corporation)
DRV:64bit: - (WIBUKEY) -- C:\Windows\SysNative\drivers\WibuKey64.sys (WIBU-SYSTEMS AG)
DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation)
DRV:64bit: - (phaudlwr) -- C:\Windows\SysNative\drivers\phaudlwr.sys (Philips Applied Technologies)
DRV:64bit: - (Sentinel64) -- C:\Windows\SysNative\drivers\sentinel64.sys (SafeNet, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\drivers\rootmdm.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (MEMSWEEP2) -- C:\Windows\SysNative\C0FB.tmp (Sophos Plc)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.it/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "http://www.google.it"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: [email protected]:3.76
FF - prefs.js..extensions.enabledItems: [email protected]:4.3.2
FF - prefs.js..extensions.enabledItems: [email protected]:0.1
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}:0.16
FF - prefs.js..extensions.enabledItems: {038dc421-b19e-4711-a218-1fd10de9163b}:1.0.0.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13
FF - prefs.js..extensions.enabledItems: {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011/01/29 20:33:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/02/15 18:25:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/19 20:24:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/19 10:12:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/02/19 10:12:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2010/11/28 14:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions
[2010/06/01 11:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/11/28 14:44:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2011/02/24 20:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions
[2011/02/13 17:13:00 | 000,000,000 | ---D | M] (Add N Edit Cookies) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{038dc421-b19e-4711-a218-1fd10de9163b}
[2011/02/08 06:33:37 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2011/02/19 15:01:59 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011/02/04 14:22:43 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/02/19 15:01:59 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}
[2010/11/28 14:47:38 | 000,000,000 | ---D | M] (Noia 2.0 (eXtreme)) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2010/11/28 14:48:20 | 000,000,000 | ---D | M] (Personal Menu) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\[email protected]
[2011/01/06 15:24:56 | 000,000,000 | ---D | M] (Firesheep) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\[email protected]
[2010/11/28 14:48:20 | 000,000,000 | ---D | M] (Noia 2.0 eXtreme OPT) -- C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\1jo37h64.default\extensions\[email protected]
[2011/02/24 20:22:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/12/10 19:54:03 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/05/31 20:49:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/29 20:33:54 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
[2011/02/15 18:25:01 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010/12/10 19:54:00 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2010/12/10 19:54:01 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2010/05/31 20:49:44 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/12/10 19:54:02 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2011/01/30 14:57:00 | 000,103,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2011/02/15 18:24:58 | 000,150,712 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2011/02/19 10:12:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2011/02/15 18:25:15 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
[2011/02/15 18:24:50 | 000,100,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
[2010/09/20 18:58:32 | 000,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/09/20 18:58:32 | 000,000,744 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-it.xml
[2010/09/20 18:58:32 | 000,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2010/09/20 18:58:32 | 000,000,825 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\hoepli.xml
[2010/09/20 18:58:32 | 000,001,182 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-it.xml
[2010/09/20 18:58:32 | 000,000,953 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-it.xml
O1 HOSTS File: ([2011/02/13 11:28:44 | 000,002,207 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [PLF1330] C:\Windows\PLF1330.exe (sonix)
O4:64bit: - HKLM..\Run: [Servizio Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [spc1330] C:\Windows\vspc1330.exe (Sonix)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKCU..\Run: [Google Update] C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [Nexus] C:\Program Files (x86)\Winstep\Nexus.exe (Winstep Software Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (wbsys.dll) - C:\Windows\SysWow64\wbsys.dll (Stardock.Net, Inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
O20:64bit: - Winlogon\Notify\WB: DllName - Reg Error: Key error. - Reg Error: Value error. File not found
O20 - Winlogon\Notify\WBSrv: DllName - C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\wbsrv.dll (Stardock Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/08 20:14:12 | 245,540,863 | ---- | M] () - G:\AUTOMATON_TRANSFUSION.iso -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/02/25 15:36:15 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Mozilla
[2011/02/25 15:36:15 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\.hbrowser
[2011/02/25 15:22:54 | 000,000,000 | ---D | C] -- C:\Program Files\Side Effects Soft
[2011/02/24 16:01:01 | 000,000,000 | ---D | C] -- C:\Windows\keys
[2011/02/24 15:52:37 | 002,545,152 | ---- | C] (Side Effects Software Inc.) -- C:\Windows\SysNative\sesinetd.exe.bak
[2011/02/24 15:52:37 | 002,545,152 | ---- | C] (Side Effects Software Inc.) -- C:\Windows\SysNative\sesinetd.exe
[2011/02/24 15:48:34 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\houdini11.0
[2011/02/24 15:25:04 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Next Limit
[2011/02/24 15:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Next Limit
[2011/02/24 15:25:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Maxwell
[2011/02/24 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files\Next Limit
[2011/02/24 15:17:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Xara
[2011/02/24 15:17:56 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\MAGIX
[2011/02/24 15:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011/02/24 15:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Xara
[2011/02/24 15:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xara
[2011/02/24 15:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xara
[2011/02/24 15:13:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
[2011/02/24 15:13:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pixologic
[2011/02/23 15:21:48 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
[2011/02/23 15:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2011/02/23 02:49:42 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/02/23 02:49:42 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011/02/23 02:49:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/02/23 02:49:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011/02/22 13:57:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/02/22 13:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2011/02/22 13:56:56 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxhw32.dll
[2011/02/22 13:56:56 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmfxsw32.dll
[2011/02/22 13:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVS4YOU
[2011/02/21 22:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2011/02/21 22:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011/02/21 21:16:20 | 001,643,704 | ---- | C] (cFos Software GmbH) -- C:\Windows\SysNative\drivers\cfosspeed6.sys
[2011/02/21 21:16:20 | 000,000,000 | ---D | C] -- C:\Program Files\cFosSpeed
[2011/02/21 20:50:06 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys
[2011/02/21 20:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/02/21 20:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/02/21 14:55:18 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\SIGER STUDIO
[2011/02/20 22:12:29 | 000,000,000 | ---D | C] -- C:\Users\Andrea\.NewTek
[2011/02/20 22:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewTek
[2011/02/20 22:03:02 | 000,145,448 | ---- | C] (SafeNet, Inc.) -- C:\Windows\SysNative\drivers\sentinel64.sys
[2011/02/20 22:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2011/02/20 22:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SafeNet Sentinel
[2011/02/20 22:02:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SafeNet Sentinel
[2011/02/20 22:01:53 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Downloaded Installations
[2011/02/20 22:01:14 | 000,000,000 | ---D | C] -- C:\Program Files\NewTek
[2011/02/20 21:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\OptiTex
[2011/02/20 21:34:43 | 000,000,000 | ---D | C] -- C:\Windows\XSxS
[2011/02/20 21:34:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xenocode
[2011/02/20 21:11:37 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Axialis Software
[2011/02/20 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axialis Software
[2011/02/20 21:11:32 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Documents\Axialis Librarian
[2011/02/20 21:11:32 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Axialis
[2011/02/20 21:11:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Axialis
[2011/02/20 20:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\jv16 PowerTools 2011
[2011/02/20 19:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Imandix Cover Pro 0.9.3.0
[2011/02/20 17:10:16 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Axialis
[2011/02/20 15:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Temp
[2011/02/20 15:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Graphics
[2011/02/20 15:55:49 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Bc
[2011/02/20 15:48:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Bibble Labs
[2011/02/20 15:47:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bibble Labs
[2011/02/20 15:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bibble Labs
[2011/02/20 13:46:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8ACF4A90-3313-48C4-A875-BE25613AFBF1}
[2011/02/20 13:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ChaosGroup
[2011/02/20 13:37:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
[2011/02/20 13:37:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chaos Group
[2011/02/20 13:27:35 | 000,021,504 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.lit
[2011/02/20 13:27:35 | 000,021,504 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.lit
[2011/02/20 13:27:34 | 000,451,584 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WibuXpm4J64.dll
[2011/02/20 13:27:34 | 000,430,080 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\wibuKJni64.dll
[2011/02/20 13:27:34 | 000,418,304 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkExt64.dll
[2011/02/20 13:27:34 | 000,356,352 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WibuXpm4J32.dll
[2011/02/20 13:27:34 | 000,344,576 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\wibuKJni.dll
[2011/02/20 13:27:34 | 000,333,824 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkExt32.dll
[2011/02/20 13:27:28 | 000,016,896 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\Wibukey2_64.sys
[2011/02/20 13:27:19 | 000,169,984 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\WkWin64.dll
[2011/02/20 13:27:19 | 000,150,528 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysWow64\WkWin32.dll
[2011/02/20 13:27:19 | 000,103,224 | ---- | C] (WIBU-SYSTEMS AG) -- C:\Windows\SysNative\drivers\WibuKey64.sys
[2011/02/20 13:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBU-SYSTEMS
[2011/02/20 13:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WIBUKEY
[2011/02/20 12:27:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Archive Password Recovery
[2011/02/20 12:26:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zip Password Recovery Master
[2011/02/20 12:26:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zip Password Recovery Master
[2011/02/20 12:26:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zip Password Recovery Master
[2011/02/20 11:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElcomSoft
[2011/02/19 21:58:22 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Presentazioni Corel
[2011/02/19 21:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2011/02/19 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3
[2011/02/19 21:50:55 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Corel
[2011/02/19 21:50:44 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\My PSP Files
[2011/02/19 21:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2011/02/19 21:49:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2011/02/19 21:34:19 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Mie tavolozze
[2011/02/19 21:33:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2011/02/19 21:33:44 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Corel
[2011/02/19 21:28:43 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Corel
[2011/02/19 21:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2011/02/19 21:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Corel
[2011/02/19 10:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/02/19 10:12:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011/02/19 10:12:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011/02/18 21:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
[2011/02/18 21:14:17 | 000,000,000 | ---D | C] -- C:\Program Files\CyberGhost VPN
[2011/02/18 20:28:09 | 000,029,696 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2011/02/18 15:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Inspector File Recovery
[2011/02/18 15:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Inspector File Recovery
[2011/02/18 13:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2011/02/18 13:45:51 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
[2011/02/18 13:45:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011/02/16 19:55:24 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\MAXON
[2011/02/16 15:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
[2011/02/16 15:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Process Hacker 2
[2011/02/16 15:12:21 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2011/02/16 12:25:07 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\DMCache
[2011/02/16 09:08:40 | 002,411,520 | ---- | C] (Side Effects Software Inc.) -- C:\Windows\SysNative\hserver.exe
[2011/02/15 22:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\vsosdk
[2011/02/15 18:25:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2011/02/15 18:24:58 | 000,198,848 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2011/02/15 18:24:49 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2011/02/15 18:24:49 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2011/02/15 18:24:48 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011/02/14 22:14:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\AKVIS LLC
[2011/02/14 21:59:54 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Desktop\PhotoShop Standalone
[2011/02/14 21:54:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electric Rain
[2011/02/14 21:52:50 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2011/02/14 21:52:44 | 000,000,000 | ---D | C] -- C:\Windows\Splash Screens
[2011/02/14 21:52:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto FX Software
[2011/02/14 16:57:15 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Alien Skin
[2011/02/14 16:57:15 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Alien Skin
[2011/02/14 15:34:56 | 000,066,560 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2011/02/14 15:12:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Alien Skin
[2011/02/14 15:12:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alien Skin
[2011/02/14 15:12:42 | 000,000,000 | ---D | C] -- C:\Program Files\Alien Skin
[2011/02/14 13:39:13 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Research In Motion
[2011/02/13 16:34:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Collage Creator
[2011/02/13 16:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMS Photo Collage Creator
[2011/02/12 14:28:59 | 000,066,560 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2011/02/11 22:42:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\{13BDCF71-8D1E-4F03-AB17-50DB253031A4}
[2011/02/11 22:41:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C8DF6520-3E59-4590-A678-CB275CEADF10}
[2011/02/11 22:41:52 | 000,000,000 | -H-D | C] -- C:\ProgramData\{63B3AF69-722B-4FA9-965F-94DEB1E78796}
[2011/02/11 22:41:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{83F263BF-0076-4C4C-93DC-A3EA0CEB7184}
[2011/02/11 22:41:43 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BB60AA31-EF33-4542-8C8D-78DC85BFEDC1}
[2011/02/11 22:41:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\{13795121-80CF-4D45-9175-8FD79D18EF7E}
[2011/02/11 22:41:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4D790C15-A3FF-476F-9F6C-FA6FF12EFFC3}
[2011/02/11 22:41:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\{682FE305-7958-4875-9B95-34673E7151AD}
[2011/02/11 22:41:23 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E3119013-3906-4E62-8407-060230D405CD}
[2011/02/11 22:41:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D9E0EE67-1483-4783-8326-7E411B3B012D}
[2011/02/11 22:41:13 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E25B3CC7-9347-4C9D-9339-1E15F9DA7A07}
[2011/02/11 22:41:06 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E6AF2639-F710-4F5B-8830-95A396FB523F}
[2011/02/11 22:41:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E3A665DD-A92C-4869-9411-856C6F971538}
[2011/02/11 22:40:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5E083C87-F3C2-42C0-B4DC-F0A0AA28F2DD}
[2011/02/11 22:40:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9DE75BC9-6CF5-4972-8A4E-86BAAD477DC6}
[2011/02/11 22:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2011/02/11 22:40:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8265C354-3D13-4FE5-95C7-65F277FF3041}
[2011/02/11 22:40:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
[2011/02/11 22:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs
[2011/02/11 22:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs
[2011/02/11 22:39:03 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\PackageAware
[2011/02/11 21:35:26 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\onOne Software
[2011/02/11 21:33:16 | 000,227,840 | ---- | C] (Iterated Systems, Inc.) -- C:\Windows\SysWow64\Deco_32.dll
[2011/02/11 21:33:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
[2011/02/11 21:33:08 | 000,000,000 | ---D | C] -- C:\Program Files\onOne Software
[2011/02/11 21:33:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\onOne Software
[2011/02/11 21:33:07 | 000,000,000 | ---D | C] -- C:\ProgramData\onOne Software
[2011/02/08 23:04:18 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/02/08 23:04:18 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/02/08 23:04:17 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/02/08 23:04:17 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/02/08 23:04:17 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/02/08 23:04:17 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/02/08 23:04:17 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/02/08 23:04:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/02/08 23:04:17 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/02/08 23:04:17 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/02/08 23:04:17 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/02/08 23:04:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/02/08 23:03:33 | 000,264,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\upnp.dll
[2011/02/08 23:03:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\upnp.dll
[2011/02/08 23:03:32 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2011/02/08 23:03:31 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\davclnt.dll
[2011/02/08 23:03:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wscapi.dll
[2011/02/08 23:03:31 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wscapi.dll
[2011/02/08 23:03:31 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011/02/08 23:03:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011/02/08 23:03:21 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011/02/08 23:03:18 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011/02/08 23:03:18 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011/02/08 23:03:14 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/02/08 23:03:14 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/02/08 23:03:14 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/02/08 23:03:13 | 005,510,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011/02/08 23:03:13 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2011/02/08 23:03:12 | 003,957,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011/02/08 23:03:12 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011/02/08 23:03:11 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/02/08 23:03:11 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/02/08 23:03:11 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/02/08 23:03:11 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/02/08 13:42:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise Registry Cleaner
[2011/02/08 13:35:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise Disk Cleaner
[2011/02/07 21:06:57 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\3dsMax
[2011/02/07 20:59:41 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\Inventor
[2011/02/07 20:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2011/02/07 20:49:41 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011/02/07 20:49:41 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011/02/07 20:49:41 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011/02/07 20:49:41 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011/02/07 20:49:40 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011/02/07 20:49:40 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011/02/06 13:10:46 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\TIAB
[2011/02/04 14:47:02 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\Autodesk
[2011/02/04 14:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011/02/03 20:14:44 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Documents\maya
[2011/02/03 20:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011/02/03 19:26:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Alias Shared
[2011/02/03 19:26:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
[2011/02/03 19:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011/02/03 19:22:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011/02/03 19:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Autodesk Shared
[2011/02/03 19:20:29 | 000,000,000 | ---D | C] -- C:\Program Files\Autodesk
[2011/02/03 19:14:07 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Autodesk
[2011/02/03 19:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011/02/03 19:12:26 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/02/03 19:12:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011/02/03 19:00:23 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Desktop\Grafica 3D e Professionale
[2011/02/03 14:28:05 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\vlc
[2011/02/03 14:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.1
[2011/02/03 14:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyton3.1
[2011/02/03 14:02:11 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Roaming\Blender Foundation
[2011/02/03 14:02:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blender
[2011/01/31 15:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011/01/31 15:07:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2011/01/30 19:09:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AKVIS
[2011/01/30 19:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AKVIS
[2011/01/30 18:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS
[2011/01/29 20:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011/01/29 20:39:31 | 000,000,000 | ---D | C] -- C:\Users\Andrea\Adobe Flash Builder 4
[2011/01/29 20:34:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe
[2011/01/29 20:32:54 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Desktop\Adobe Suite
[2011/01/29 20:30:30 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2011/01/29 20:30:30 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2011/01/29 20:30:29 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2011/01/29 20:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2011/01/29 20:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011/01/29 20:30:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011/01/29 20:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5
[2011/01/29 20:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
[2011/01/29 20:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImageShack Uploader
[2011/01/29 18:56:44 | 000,000,000 | ---D | C] -- C:\Users\Andrea\AppData\Local\AMD
[2011/01/29 18:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/01/29 18:53:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2011/01/29 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011/01/29 18:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011/01/29 18:50:23 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2011/01/29 18:49:49 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/01/29 14:20:53 | 000,000,000 | R--D | C] -- C:\Users\Andrea\Documents\Documents
[2011/01/27 00:37:20 | 009,085,952 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011/01/27 00:22:18 | 022,295,040 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011/01/27 00:00:44 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011/01/26 23:59:46 | 017,204,736 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011/01/26 23:56:14 | 000,479,232 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011/01/26 23:55:36 | 000,203,776 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011/01/26 23:54:20 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011/01/26 23:53:54 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011/01/26 23:53:42 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011/01/26 23:53:36 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011/01/26 23:53:32 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011/01/26 23:53:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011/01/26 23:49:44 | 004,105,728 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011/01/26 23:32:46 | 001,208,320 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011/01/26 23:32:12 | 001,912,832 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011/01/26 23:27:52 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011/01/26 23:27:50 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011/01/26 23:27:42 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011/01/26 23:27:40 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011/01/26 23:27:30 | 006,982,144 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011/01/26 23:25:50 | 005,580,800 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011/01/26 23:14:08 | 000,249,856 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011/01/26 23:13:56 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011/01/26 23:13:52 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011/01/26 23:13:52 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011/01/26 23:13:50 | 000,039,936 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011/01/26 23:13:42 | 000,032,768 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011/01/26 23:13:32 | 000,299,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011/01/26 23:12:40 | 000,030,720 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011/01/26 23:11:46 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011/01/26 23:08:46 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011/01/26 23:08:46 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011/01/26 23:08:40 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011/01/26 23:08:40 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/02/25 18:01:00 | 000,001,162 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1547008528-1873345074-567467698-1001UA.job
[2011/02/25 18:01:00 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/02/25 17:44:31 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/02/25 17:44:31 | 000,017,168 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/02/25 17:42:50 | 004,456,518 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2011/02/25 17:42:50 | 002,033,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/02/25 17:42:50 | 001,410,782 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2011/02/25 17:42:50 | 001,346,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/02/25 17:42:50 | 000,006,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/02/25 17:39:17 | 005,090,904 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/02/25 17:36:17 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/02/25 17:35:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/02/25 16:01:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1547008528-1873345074-567467698-1001Core.job
[2011/02/23 15:55:32 | 000,604,300 | ---- | M] () -- C:\Users\Andrea\Documents\LoaderBackup-(2011-02-23).ipd
[2011/02/23 15:55:22 | 021,877,099 | ---- | M] () -- C:\Users\Andrea\Documents\LoaderBackup-(2011-02-23).cab
[2011/02/23 15:44:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimUsb_AMD64_01009.Wdf
[2011/02/20 20:34:07 | 000,000,022 | -HS- | M] () -- C:\Windows\System5537 Data.Repository
[2011/02/20 20:34:07 | 000,000,022 | -HS- | M] () -- C:\Users\Andrea\AppData\Roaming\Sys2662.Config.Repository.bin
[2011/02/20 16:09:35 | 000,003,764 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2011/02/19 22:07:34 | 000,000,088 | RHS- | M] () -- C:\ProgramData\D8A71230D7.sys
[2011/02/19 21:58:49 | 000,006,144 | ---- | M] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/18 08:35:42 | 000,001,024 | ---- | M] () -- C:\Windows\SysNative\AutoPartNt.let
[2011/02/18 08:34:36 | 003,705,184 | ---- | M] (Acronis) -- C:\Windows\SysNative\AutoPartNt.exe
[2011/02/17 21:39:22 | 002,545,152 | ---- | M] (Side Effects Software Inc.) -- C:\Windows\SysNative\sesinetd.exe.bak
[2011/02/17 21:39:22 | 002,545,152 | ---- | M] (Side Effects Software Inc.) -- C:\Windows\SysNative\sesinetd.exe
[2011/02/16 09:41:42 | 000,005,012 | ---- | M] () -- C:\Windows\SysNative\hserver.ini
[2011/02/16 09:08:40 | 002,411,520 | ---- | M] (Side Effects Software Inc.) -- C:\Windows\SysNative\hserver.exe
[2011/02/15 18:24:58 | 000,198,848 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2011/02/15 18:24:49 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2011/02/15 18:24:49 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2011/02/15 18:24:48 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011/02/15 18:13:26 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011/02/15 18:13:26 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011/02/14 22:04:19 | 000,000,007 | ---- | M] () -- C:\Windows\Swift3DPS.INI
[2011/02/12 15:11:12 | 000,007,629 | ---- | M] () -- C:\Users\Andrea\AppData\Local\resmon.resmoncfg
[2011/02/10 21:21:04 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/02/10 21:21:04 | 000,270,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/02/10 21:19:10 | 000,268,560 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/02/09 12:46:08 | 001,643,704 | ---- | M] (cFos Software GmbH) -- C:\Windows\SysNative\drivers\cfosspeed6.sys
[2011/02/04 16:08:08 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2011/02/04 16:08:08 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2011/02/03 19:22:40 | 000,001,157 | ---- | M] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2011 64-bit.lnk
[2011/02/03 19:12:26 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011/02/03 16:44:04 | 000,227,840 | ---- | M] (Iterated Systems, Inc.) -- C:\Windows\SysWow64\Deco_32.dll
[2011/02/01 19:13:58 | 000,026,424 | --S- | M] () -- C:\Windows\SysNative\drivers\DRIVER_BIN64
[2011/01/27 00:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2011/01/27 00:22:18 | 022,295,040 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2011/01/27 00:00:48 | 000,145,280 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2011/01/27 00:00:44 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2011/01/27 00:00:30 | 000,596,480 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2011/01/26 23:59:46 | 017,204,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2011/01/26 23:59:10 | 000,708,608 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2011/01/26 23:56:30 | 000,462,848 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2011/01/26 23:56:14 | 000,479,232 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2011/01/26 23:55:36 | 000,203,776 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2011/01/26 23:54:20 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2011/01/26 23:54:00 | 000,423,424 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2011/01/26 23:53:54 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2011/01/26 23:53:42 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2011/01/26 23:53:36 | 000,016,384 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2011/01/26 23:53:32 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2011/01/26 23:53:26 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2011/01/26 23:49:44 | 004,105,728 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2011/01/26 23:40:02 | 004,847,616 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2011/01/26 23:32:46 | 001,208,320 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2011/01/26 23:32:12 | 001,912,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdmv.dll
[2011/01/26 23:32:00 | 003,222,016 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2011/01/26 23:29:38 | 000,756,736 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2011/01/26 23:28:52 | 004,170,752 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2011/01/26 23:27:52 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2011/01/26 23:27:50 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2011/01/26 23:27:42 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2011/01/26 23:27:40 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2011/01/26 23:27:30 | 006,982,144 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2011/01/26 23:25:50 | 005,580,800 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2011/01/26 23:24:18 | 003,463,680 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2011/01/26 23:23:50 | 000,756,736 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2011/01/26 23:21:58 | 005,316,096 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2011/01/26 23:20:46 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2011/01/26 23:14:14 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2011/01/26 23:14:08 | 000,249,856 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2011/01/26 23:13:56 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2011/01/26 23:13:52 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2011/01/26 23:13:52 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2011/01/26 23:13:50 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2011/01/26 23:13:42 | 000,032,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2011/01/26 23:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2011/01/26 23:12:46 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2011/01/26 23:12:40 | 000,030,720 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2011/01/26 23:12:32 | 000,038,400 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2011/01/26 23:12:24 | 000,028,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2011/01/26 23:11:46 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2011/01/26 23:08:46 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2011/01/26 23:08:46 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2011/01/26 23:08:40 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2011/01/26 23:08:40 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/02/23 15:55:32 | 000,604,300 | ---- | C] () -- C:\Users\Andrea\Documents\LoaderBackup-(2011-02-23).ipd
[2011/02/23 15:55:22 | 021,877,099 | ---- | C] () -- C:\Users\Andrea\Documents\LoaderBackup-(2011-02-23).cab
[2011/02/23 15:44:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_RimUsb_AMD64_01009.Wdf
[2011/02/20 20:34:07 | 000,000,022 | -HS- | C] () -- C:\Windows\System5537 Data.Repository
[2011/02/20 20:34:07 | 000,000,022 | -HS- | C] () -- C:\Users\Andrea\AppData\Roaming\Sys2662.Config.Repository.bin
[2011/02/19 21:53:13 | 000,003,764 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011/02/19 21:53:13 | 000,000,088 | RHS- | C] () -- C:\ProgramData\D8A71230D7.sys
[2011/02/18 15:34:41 | 000,006,200 | ---- | C] () -- C:\Windows\SysWow64\INT13EXT.VXD
[2011/02/16 09:41:42 | 000,005,012 | ---- | C] () -- C:\Windows\SysNative\hserver.ini
[2011/02/14 22:08:03 | 000,007,698 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\PS12_panel.log
[2011/02/14 22:04:19 | 000,000,007 | ---- | C] () -- C:\Windows\Swift3DPS.INI
[2011/02/10 20:35:25 | 000,002,134 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 3.2 64-bit.lnk
[2011/02/03 19:22:40 | 000,001,157 | ---- | C] () -- C:\Users\Andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk Maya 2011 64-bit.lnk
[2011/01/29 21:03:58 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS5.lnk
[2011/01/27 00:00:48 | 000,145,280 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2011/01/26 23:29:38 | 000,756,736 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2011/01/26 23:23:50 | 000,756,736 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2011/01/04 15:41:55 | 000,000,071 | ---- | C] () -- C:\Windows\EPSONCD.INI
[2010/12/21 20:38:02 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Galactic Static
[2010/12/21 20:38:02 | 000,000,268 | RH-- | C] () -- C:\Users\Andrea\AppData\Roaming\Framework
[2010/12/21 20:38:02 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/12/21 20:36:41 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Fruit
[2010/12/21 20:36:41 | 000,000,268 | RH-- | C] () -- C:\Users\Andrea\AppData\Roaming\Font Book
[2010/12/21 20:36:41 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/10/14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010/10/04 14:21:06 | 000,001,540 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Rim.Desktop.Exception.log
[2010/10/04 14:17:59 | 000,002,767 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2010/09/21 17:50:56 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll
[2010/08/14 15:31:12 | 000,000,129 | ---- | C] () -- C:\Users\Andrea\AppData\Roaming\default.rss
[2010/08/14 15:30:58 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/08/05 15:13:15 | 000,000,097 | ---- | C] () -- C:\Windows\SMM_HCEditor.INI
[2010/08/05 15:10:38 | 000,006,144 | ---- | C] () -- C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/08/04 13:35:24 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/07/29 17:01:46 | 004,142,592 | ---- | C] () -- C:\Windows\SysWow64\qtintf.dll
[2010/07/09 12:42:58 | 000,000,166 | ---- | C] () -- C:\Windows\ITALIA~2.INI
[2010/06/28 17:06:36 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010/06/25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/06/04 14:24:43 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/06/02 15:27:57 | 000,006,616 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/01 13:52:58 | 000,022,846 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/06/01 11:24:12 | 000,007,629 | ---- | C] () -- C:\Users\Andrea\AppData\Local\resmon.resmoncfg
[2010/06/01 10:42:19 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/06/01 10:40:37 | 000,000,041 | ---- | C] () -- C:\Windows\CDER285DEFGIPS.ini
[2010/02/08 06:33:04 | 000,359,320 | ---- | C] () -- C:\Windows\SysWow64\vfprintpthelper.dll
[2010/01/05 02:39:54 | 000,851,968 | ---- | C] () -- C:\Windows\SysWow64\Dll_Volume_Ctrl.dll
[2010/01/05 02:38:56 | 000,015,497 | ---- | C] () -- C:\Windows\spc1330.ini
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/04/27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
========== LOP Check ==========
[2010/09/24 18:19:03 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Acronis
[2011/02/14 22:14:41 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\AKVIS LLC
[2011/02/14 17:03:30 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Alien Skin
[2011/02/13 08:59:14 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Autodesk
[2011/02/20 21:11:32 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Axialis
[2011/02/20 15:55:49 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Bc
[2010/11/21 16:55:24 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Blackberry Desktop
[2011/02/03 14:02:11 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Blender Foundation
[2010/10/13 19:40:45 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/09/27 10:55:52 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\DAEMON Tools Lite
[2010/08/04 12:50:48 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Dev-Cpp
[2011/02/16 20:33:29 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\DMCache
[2010/10/18 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\DriverCure
[2011/02/15 17:49:59 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\FileZilla
[2010/09/23 20:35:00 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\IcoFX
[2010/06/01 12:46:34 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Leadertech
[2011/02/24 15:17:56 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\MAGIX
[2011/02/16 19:55:24 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\MAXON
[2010/07/25 16:39:15 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Megaupload
[2010/12/31 11:46:53 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Nikon
[2011/02/14 17:04:35 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\onOne Software
[2010/10/18 21:02:19 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\ParetoLogic
[2010/10/04 14:21:13 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Research In Motion
[2010/09/22 13:32:46 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Runscanner.net
[2011/02/21 14:55:18 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\SIGER STUDIO
[2010/06/01 11:44:14 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Thunderbird
[2011/02/07 17:09:15 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\TIAB
[2010/07/29 14:54:54 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011/02/19 18:50:06 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\uTorrent
[2010/10/25 13:06:24 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\VSO
[2010/08/12 17:48:55 | 000,000,000 | ---D | M] -- C:\Users\Andrea\AppData\Roaming\Windows Live Writer
[2011/02/18 21:16:53 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:FF566C71
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:456A69E6
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1AAB2E68
< End of report >
Attached Files
-
OTL&HIJT_LOG.zip 24.81KB
94 downloads
Edited by nirvanastarr, 25 February 2011 - 03:35 PM.
Sign In
Create Account
