Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer slow down


  • Please log in to reply

#1
Egon32

Egon32

    New Member

  • Member
  • Pip
  • 5 posts
Hi,

my name is Lorenzo. I have noticed a consistent computer slow down during the last two months. When I have run a CHKDSK the computer got stuck. The computer is relatively new, I bought it one year ago. Since then, I had Kaspersky Suite installed. I also tried Kaspersky Removal Tool to get rid of this problem. Recently, I have followed the instructions on a Microsoft forum, and I've run Wise Registry Cleaner. I also have a problem with pop up windows.
I thank you for your attention in advance.

Here is OTL log:

OTL logfile created on: 22/01/2014 13.56.26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lorenzo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,82 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 59,25% Memory free
7,73 Gb Paging File | 5,50 Gb Available in Paging File | 71,16% Paging File free
Paging file location(s): c:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,85 Gb Total Space | 345,23 Gb Free Space | 77,43% Space Free | Partition Type: NTFS

Computer Name: PC-LORENZO | User Name: Lorenzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/22 13.56.08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lorenzo\Desktop\OTL.exe
PRC - [2014/01/11 11.29.23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/21 07.04.16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/25 02.50.20 | 001,075,296 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
PRC - [2012/10/09 00.15.51 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Programmi\Tablet\Pen\WacomHost.exe
PRC - [2012/08/22 23.04.22 | 000,025,232 | ---- | M] () -- C:\Programmi\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
PRC - [2012/08/22 23.04.20 | 000,044,176 | ---- | M] () -- C:\Programmi\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/11 11.29.21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
MOD - [2014/01/11 11.29.19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 11.29.17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 11.28.15 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 11.28.14 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 11.28.11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2013/04/25 02.50.52 | 000,108,128 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\zlib1.dll
MOD - [2012/08/22 23.04.22 | 000,025,232 | ---- | M] () -- C:\Programmi\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
MOD - [2012/08/22 23.04.20 | 000,044,176 | ---- | M] () -- C:\Programmi\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/07 13.49.01 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013/11/27 16.36.30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/11/27 10.17.40 | 000,263,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/11/23 05.50.00 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/11/14 08.36.05 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013/11/14 08.36.05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/14 08.36.04 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/11/14 08.29.15 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/11/14 08.29.15 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013/11/14 08.29.14 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013/08/22 13.31.56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 12.32.02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 12.31.43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 12.22.45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 12.21.15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 12.16.57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11.25.28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 11.19.28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 11.04.53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/22 11.02.47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 10.59.26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013/08/22 10.57.25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 10.54.59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 10.50.59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 10.50.00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 10.45.59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 10.40.49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 10.40.14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013/08/22 10.39.33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013/08/22 10.31.03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 10.15.54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/01/07 18.51.58 | 000,096,880 | ---- | M] (Dritek System INC.) [Disabled | Stopped] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2013/12/21 07.04.16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/17 02.17.18 | 000,627,992 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programmi\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV - [2013/12/11 09.23.28 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/14 08.29.13 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/09/16 11.29.40 | 003,273,088 | ---- | M] (Skype Technologies S.A.) [Disabled | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/12 18.03.04 | 000,279,024 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/07 01.52.20 | 000,312,448 | ---- | M] (Windows ® Win 7 DDK provider) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2013/09/05 09.34.30 | 000,171,680 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/04 07.53.48 | 000,390,616 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/09/04 07.53.42 | 000,169,432 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2013/08/22 13.31.56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 04.55.35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03.53.34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/08/01 09.40.36 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/07/10 13.41.20 | 002,650,696 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2013/05/11 17.45.54 | 000,822,232 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Programmi\Intel\iCLS Client\SocketHeciServer.exe -- (Intel®
SRV - [2013/05/11 17.45.38 | 000,733,696 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Programmi\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2012/11/30 14.54.55 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/28 20.01.29 | 000,348,784 | ---- | M] (Dritek System Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/08/23 07.24.38 | 000,259,136 | ---- | M] (NTI Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/08/23 05.36.28 | 000,468,624 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Programmi\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV - [2012/08/23 05.02.36 | 000,658,576 | ---- | M] (Acer Incorporated) [Disabled | Stopped] -- C:\Programmi\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2012/07/12 04.10.24 | 000,174,160 | ---- | M] (Egis Technology Inc. ) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2012/04/24 14.37.56 | 000,169,752 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010/10/12 18.59.12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/02/19 13.37.14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2008/01/22 18.35.52 | 000,103,808 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/10 10.18.41 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/01/07 18.51.23 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2014/01/07 13.49.02 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/01/07 13.49.01 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/01/07 13.49.01 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/01/07 13.49.01 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/01/07 13.49.01 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/15 00.34.54 | 000,039,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/11/14 08.36.03 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 08.29.13 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013/11/14 08.29.13 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/11/14 08.29.13 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 08.25.07 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/11/14 08.16.55 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/11/14 08.16.52 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/12 01.16.02 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/11/11 16.16.02 | 000,090,424 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/11/11 16.16.02 | 000,015,160 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2013/09/10 01.41.08 | 000,449,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/09/10 01.35.42 | 004,170,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2013/09/07 01.29.14 | 000,594,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/09/07 01.29.14 | 000,338,120 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/09/07 01.29.14 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/09/07 01.29.14 | 000,137,928 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/09/07 01.29.14 | 000,116,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/09/07 01.29.14 | 000,089,800 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/09/07 01.29.14 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/09/07 01.29.14 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/09/06 13.00.02 | 000,370,504 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2013/09/05 02.37.00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/09/04 07.53.44 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2013/08/28 20.41.52 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/08/22 23.51.12 | 000,026,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/08/22 14.25.40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 14.25.40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 13.50.19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 13.49.54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 13.49.33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 13.43.49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 13.43.48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/08/22 13.43.48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 13.43.45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 13.43.45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 13.43.45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 13.43.45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 13.43.44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 13.43.41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 13.43.41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 13.43.41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 13.43.41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 13.43.41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 13.43.40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 13.43.40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 13.43.40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 13.43.34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 13.43.33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/08/22 13.43.33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 13.43.32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013/08/22 13.43.32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 13.43.31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 13.43.31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 13.43.31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 13.41.08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013/08/22 13.39.44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013/08/22 13.39.15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013/08/22 13.39.15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 13.37.27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 13.36.12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13.34.22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013/08/22 13.34.22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013/08/22 13.31.28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013/08/22 12.39.54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 12.39.31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 12.39.28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013/08/22 12.39.20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 12.39.06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 12.38.58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 12.38.48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 12.38.39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 12.38.26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 12.38.23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 12.38.22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 12.38.16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 12.37.49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 12.37.46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 12.37.42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 12.37.28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 12.37.28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 12.37.14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 12.36.43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 12.36.37 | 000,224,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/08/22 12.36.25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 12.36.17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 12.36.07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 12.35.42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 09.46.33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 00.25.46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 01.39.30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 19.47.35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 20.05.39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/23 18.23.08 | 000,059,088 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2013/07/19 14.26.32 | 000,082,128 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2013/07/10 14.30.54 | 000,072,912 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2013/07/10 14.30.54 | 000,025,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2013/06/18 15.45.14 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/06/18 15.45.02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/11/02 04.41.38 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012/11/02 04.41.38 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012/11/02 04.41.38 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012/07/09 22.43.12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2010/07/09 04.51.38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/04/20 03.35.14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {40573663-2193-4728-BB8D-1E1977C6F2D4}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{40573663-2193-4728-BB8D-1E1977C6F2D4}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {40573663-2193-4728-BB8D-1E1977C6F2D4}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{40573663-2193-4728-BB8D-1E1977C6F2D4}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {40573663-2193-4728-BB8D-1E1977C6F2D4}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)


[2013/12/04 10.10.07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/12/04 10.10.07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/01/08 08.39.32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013/12/04 10.10.06 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Google Drive = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0\
CHR - Extension: Ricerca Google = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Wallet = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Gmail = C:\Users\Lorenzo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 14.25.41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (greatsiaver) - {A1BAD648-9661-EB11-26B3-3724C7BE8CAE} - C:\Program Files (x86)\greatsiaver\dZ_c4.x64.dll ()
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (greatsiaver) - {A1BAD648-9661-EB11-26B3-3724C7BE8CAE} - C:\Program Files (x86)\greatsiaver\dZ_c4.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programmi\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [SanDiskSecureAccess_Manager.exe] C:\Users\Lorenzo\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe (Gemalto N.V.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DA7872F0-7A7F-4458-90DF-73C13DFA80A9}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\WINDOWS\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\WINDOWS\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{7a0ccfa9-79be-11e3-8194-689423c52362}\Shell - "" = AutoRun
O33 - MountPoints2\{7a0ccfa9-79be-11e3-8194-689423c52362}\Shell\AutoRun\command - "" = "E:\Gnomon_Workshop.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/22 13.56.06 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lorenzo\Desktop\OTL.exe
[2014/01/20 21.22.22 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\Desktop\Font
[2014/01/20 14.40.25 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaHuman
[2014/01/20 14.40.23 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\MediaHuman
[2014/01/20 14.40.23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaHuman
[2014/01/20 13.08.25 | 000,000,000 | ---D | C] -- C:\ProgramData\greatsiaver
[2014/01/20 13.08.24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\greatsiaver
[2014/01/20 13.08.15 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Torch
[2014/01/20 13.08.15 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Comodo
[2014/01/20 13.08.15 | 000,000,000 | ---D | C] -- C:\ProgramData\af2a2fb36f296d7d
[2014/01/19 19.46.59 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Apple Computer
[2014/01/17 10.02.44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
[2014/01/17 10.00.10 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2014/01/17 09.59.56 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom
[2014/01/17 09.59.56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
[2014/01/17 09.59.17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock
[2014/01/17 09.58.49 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\WTablet
[2014/01/17 09.58.34 | 000,000,000 | ---D | C] -- C:\Program Files\TabletPlugins
[2014/01/17 09.58.34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
[2014/01/17 09.58.26 | 000,015,160 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wacomrouterfilter.sys
[2014/01/17 09.58.22 | 000,090,424 | ---- | C] (Wacom Technology) -- C:\WINDOWS\SysNative\drivers\wachidrouter.sys
[2014/01/17 09.58.15 | 001,906,968 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Pen_Touch_Tablet.dll
[2014/01/17 09.58.15 | 001,544,472 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Pen_Touch_Tablet.dll
[2014/01/17 09.58.14 | 001,780,504 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\WacomMT.dll
[2014/01/17 09.58.14 | 001,778,968 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Wintab32.dll
[2014/01/17 09.58.14 | 001,551,640 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Pen_Tablet.dll
[2014/01/17 09.58.14 | 001,432,344 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\WacomMT.dll
[2014/01/17 09.58.14 | 001,428,248 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysWow64\Wintab32.dll
[2014/01/17 09.58.13 | 001,913,624 | ---- | C] (Wacom Technology, Corp.) -- C:\WINDOWS\SysNative\Pen_Tablet.dll
[2014/01/16 11.22.36 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Wise Registry Cleaner
[2014/01/16 11.21.04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
[2014/01/16 11.21.03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise
[2014/01/16 11.12.00 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2014/01/12 19.10.24 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\Desktop\helmet design
[2014/01/12 12.51.13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\NV
[2014/01/12 12.51.13 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\NV
[2014/01/11 17.56.05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
[2014/01/11 17.56.03 | 000,000,000 | ---D | C] -- C:\Program Files\WinDjView
[2014/01/11 12.00.05 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2014/01/11 12.00.00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/01/11 11.59.34 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Programs
[2014/01/10 20.20.54 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Apple Computer
[2014/01/10 16.12.31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2014/01/10 16.12.26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2014/01/10 16.12.26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/01/10 16.11.21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014/01/10 16.11.15 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Apple
[2014/01/10 16.11.12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014/01/10 16.11.12 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/01/10 16.10.01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/01/10 10.18.58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/10 10.18.41 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014/01/10 10.18.38 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\DAEMON Tools Lite
[2014/01/10 10.18.37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/01/10 10.16.35 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/09 09.50.59 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2014/01/08 14.28.06 | 000,000,000 | --SD | C] -- C:\Users\Lorenzo\Documents\Passwords Database
[2014/01/08 14.16.30 | 000,000,000 | ---D | C] -- C:\KAV
[2014/01/08 08.38.51 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Intel_Corporation
[2014/01/07 20.20.38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/01/07 19.08.45 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/01/07 18.51.27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RadioController
[2014/01/07 18.51.23 | 000,284,240 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\UnInstRfBtn.EXE
[2014/01/07 18.51.23 | 000,026,736 | ---- | C] (Dritek System Inc.) -- C:\WINDOWS\SysNative\drivers\aPs2Kb2Hid.sys
[2014/01/07 18.45.55 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom
[2014/01/07 18.45.14 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2014/01/07 18.45.12 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Atheros
[2014/01/07 18.11.35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\QCA_Bluetooth
[2014/01/07 18.11.32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2014/01/07 17.58.09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/07 15.14.59 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\NVIDIA Corporation
[2014/01/07 14.54.00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/01/07 14.52.48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/01/07 14.46.00 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014/01/07 14.37.53 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\SkyDrive
[2014/01/07 14.33.29 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Identities
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\Programmi
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti
[2014/01/07 14.22.48 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Documents\Video
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\AppData\Local\Temporary Internet Files
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\SendTo
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Risorse di stampa
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Risorse di rete
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Recenti
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Documents\Musica
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Modelli
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Menu Avvio
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Impostazioni locali
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Documents\Immagini
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Documenti
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Dati applicazioni
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\AppData\Local\Dati applicazioni
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\AppData\Local\Cronologia
[2014/01/07 14.00.13 | 000,000,000 | -HSD | C] -- C:\Users\Lorenzo\Cookies
[2014/01/07 14.00.12 | 000,000,000 | --SD | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\Favorites
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\Documents
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\Desktop
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/07 14.00.12 | 000,000,000 | R--D | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/01/07 14.00.12 | 000,000,000 | -H-D | C] -- C:\Users\Lorenzo\AppData
[2014/01/07 14.00.12 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Temp
[2014/01/07 14.00.12 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\Microsoft
[2014/01/07 14.00.12 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/07 13.55.17 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2014/01/07 13.55.09 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\RTCOM
[2014/01/07 13.55.09 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/01/07 13.55.06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/01/07 13.55.02 | 000,064,000 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2014/01/07 13.55.02 | 000,060,416 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2014/01/07 13.54.51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/01/07 13.53.46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/01/07 13.53.46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/01/07 13.53.22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/01/07 13.51.35 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/01/07 13.51.26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/01/07 13.45.28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/01/07 13.45.28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/01/07 13.45.27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2014/01/07 13.45.27 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/01/07 13.45.27 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/01/07 10.26.58 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\wacomid-desktop-launcher
[2014/01/07 10.26.53 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Roaming\Wacom
[2014/01/07 10.24.43 | 000,014,136 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\WINDOWS\SysNative\drivers\hidkmdf.sys
[2014/01/07 10.09.26 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\AppData\Local\ElevatedDiagnostics
[2014/01/06 21.09.32 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
[2013/12/29 10.48.11 | 000,000,000 | ---D | C] -- C:\Users\Lorenzo\Desktop\Canada
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/22 13.56.08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lorenzo\Desktop\OTL.exe
[2014/01/22 13.08.00 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/01/22 13.04.07 | 000,001,174 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/22 12.07.44 | 013,718,675 | ---- | M] () -- C:\Users\Lorenzo\Desktop\wwoof.ai
[2014/01/22 10.36.49 | 001,813,012 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/01/22 10.36.49 | 000,803,564 | ---- | M] () -- C:\WINDOWS\SysNative\perfh010.dat
[2014/01/22 10.36.49 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/01/22 10.36.49 | 000,156,688 | ---- | M] () -- C:\WINDOWS\SysNative\perfc010.dat
[2014/01/22 10.36.49 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/01/22 10.34.31 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/22 10.33.02 | 000,001,170 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/22 10.32.27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/01/22 10.32.25 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/21 15.33.11 | 006,531,488 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/01/20 21.09.58 | 000,160,635 | ---- | M] () -- C:\Users\Lorenzo\Desktop\fs.jpg
[2014/01/20 14.40.25 | 000,001,261 | ---- | M] () -- C:\Users\Lorenzo\Desktop\MediaHuman Audio Converter.lnk
[2014/01/20 11.22.55 | 000,000,492 | ---- | M] () -- C:\WINDOWS\tasks\Wise Registry Cleaner Schedule Task.job
[2014/01/18 22.23.55 | 000,469,475 | ---- | M] () -- C:\Users\Lorenzo\Desktop\tomorrow.jpg
[2014/01/17 11.39.39 | 021,897,828 | ---- | M] () -- C:\Users\Lorenzo\Desktop\casco.psd
[2014/01/17 09.59.56 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2014/01/16 11.21.04 | 000,001,247 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2014/01/15 17.30.33 | 000,090,570 | ---- | M] () -- C:\Users\Lorenzo\Desktop\HornedLizard-CloseUp-WebJAE-1480c.jpg
[2014/01/15 16.40.54 | 000,096,704 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Robert_Nanteuil_-_Louis_XIV_-_WGA16427.jpg
[2014/01/15 16.40.54 | 000,001,456 | ---- | M] () -- C:\Users\Lorenzo\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/01/15 16.17.01 | 000,083,330 | ---- | M] () -- C:\Users\Lorenzo\Desktop\993402_591650440910817_1313166945_n.jpg
[2014/01/13 22.52.28 | 000,635,689 | ---- | M] () -- C:\Users\Lorenzo\Desktop\palete.ai
[2014/01/12 23.12.25 | 008,735,344 | ---- | M] () -- C:\Users\Lorenzo\Desktop\migraine.psd
[2014/01/11 13.11.22 | 000,859,115 | ---- | M] () -- C:\Users\Lorenzo\Desktop\soo-cute-3-dogs-1120747_1280_1024.jpg
[2014/01/11 12.35.13 | 000,000,085 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014/01/10 21.14.05 | 000,045,993 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Dog-Portrait-1-630x420.jpg
[2014/01/10 21.12.26 | 000,099,865 | ---- | M] () -- C:\Users\Lorenzo\Desktop\powerful-animal-portraits-by-wolf-ademeit-L-66B7Xj.jpeg
[2014/01/10 21.03.48 | 000,590,149 | ---- | M] () -- C:\Users\Lorenzo\Desktop\104_Portrait_Lighting.jpg
[2014/01/10 16.52.13 | 000,737,330 | ---- | M] () -- C:\Users\Lorenzo\Desktop\155839main_microbe1_hr.jpg
[2014/01/10 16.51.50 | 000,193,746 | ---- | M] () -- C:\Users\Lorenzo\Desktop\45-clipboard-1.jpg
[2014/01/10 16.43.23 | 000,049,683 | ---- | M] () -- C:\Users\Lorenzo\Desktop\060809_s_zoo_molerat_tarantula_chameleon3673_hr.JPG
[2014/01/10 16.12.31 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/01/10 10.18.58 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/01/10 10.18.41 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\WINDOWS\SysNative\drivers\dtsoftbus01.sys
[2014/01/10 09.44.17 | 000,089,572 | ---- | M] () -- C:\Users\Lorenzo\Desktop\hornet_2111372i.jpg
[2014/01/10 09.32.56 | 002,090,036 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Eric_Holder_official_portrait.jpg
[2014/01/10 09.08.44 | 000,114,634 | ---- | M] () -- C:\Users\Lorenzo\Desktop\martin-schoeller-bill-murray-portrait-up-close-and-personal.jpg
[2014/01/10 09.06.08 | 002,875,530 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Wahlster_Portrait5_gross.jpg
[2014/01/10 09.04.51 | 000,071,141 | ---- | M] () -- C:\Users\Lorenzo\Desktop\BULLPATO6.jpg
[2014/01/10 08.54.28 | 000,248,643 | ---- | M] () -- C:\Users\Lorenzo\Desktop\bulldog-horror.jpeg
[2014/01/10 08.51.03 | 000,803,500 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Official_portrait_of_Barack_Obama.jpg
[2014/01/10 08.29.58 | 000,680,082 | ---- | M] () -- C:\Users\Lorenzo\Desktop\3385371605_e799b6a0d6_o.jpg
[2014/01/10 08.09.34 | 011,461,842 | ---- | M] () -- C:\Users\Lorenzo\Desktop\397875_muzhchina_profil_ochki_kreativ_6161x4700_(www.GdeFon.ru).jpg
[2014/01/10 07.53.34 | 000,655,235 | ---- | M] () -- C:\Users\Lorenzo\Desktop\rospo_frog.jpg
[2014/01/10 00.15.03 | 241,572,494 | ---- | M] () -- C:\Users\Lorenzo\Desktop\cop2.psd
[2014/01/07 20.13.35 | 000,018,290 | ---- | M] () -- C:\WINDOWS\SysNative\results.xml
[2014/01/07 19.08.47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/01/07 18.51.58 | 000,284,240 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\UnInstRfBtn.EXE
[2014/01/07 18.51.58 | 000,096,880 | ---- | M] (Dritek System INC.) -- C:\WINDOWS\RfBtnSvc64.exe
[2014/01/07 18.51.45 | 000,000,186 | ---- | M] () -- C:\WINDOWS\UnInstRfBtn.UNI
[2014/01/07 18.51.23 | 000,026,736 | ---- | M] (Dritek System Inc.) -- C:\WINDOWS\SysNative\drivers\aPs2Kb2Hid.sys
[2014/01/07 18.50.15 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2014/01/07 14.22.05 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/01/07 14.22.05 | 000,028,578 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/01/07 14.21.42 | 000,022,928 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/01/07 11.02.57 | 001,374,009 | ---- | M] () -- C:\Users\Lorenzo\Desktop\palette.jpg
[2014/01/06 15.40.43 | 000,054,221 | ---- | M] () -- C:\Users\Lorenzo\Desktop\genoa460276.jpg
[2014/01/06 15.40.21 | 000,061,908 | ---- | M] () -- C:\Users\Lorenzo\Desktop\G8 3.jpg
[2014/01/06 15.39.57 | 000,103,588 | ---- | M] () -- C:\Users\Lorenzo\Desktop\genova_g8.jpg
[2014/01/05 13.27.52 | 001,184,430 | ---- | M] () -- C:\Users\Lorenzo\Desktop\Akhenaten_skull_profile.png
[2014/01/05 12.49.35 | 000,168,652 | ---- | M] () -- C:\Users\Lorenzo\Desktop\migraine.ai
[2014/01/05 11.53.16 | 000,079,778 | ---- | M] () -- C:\Users\Lorenzo\Desktop\pistolexplodedview.jpg
[2014/01/04 17.05.40 | 000,056,109 | ---- | M] () -- C:\Users\Lorenzo\Desktop\exp.ai
[2014/01/04 13.49.02 | 001,923,814 | ---- | M] () -- C:\Users\Lorenzo\Desktop\poster.psd
[2014/01/01 22.48.45 | 024,334,964 | ---- | M] () -- C:\Users\Lorenzo\Desktop\artwork.psd
[2014/01/01 14.48.33 | 000,000,132 | ---- | M] () -- C:\Users\Lorenzo\AppData\Roaming\Adobe PNG Format CS6 Prefs
[4 C:\WINDOWS\SysNative\*.tmp files -> C:\WINDOWS\SysNative\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/22 11.07.29 | 013,718,675 | ---- | C] () -- C:\Users\Lorenzo\Desktop\wwoof.ai
[2014/01/20 21.09.57 | 000,160,635 | ---- | C] () -- C:\Users\Lorenzo\Desktop\fs.jpg
[2014/01/20 14.40.25 | 000,001,261 | ---- | C] () -- C:\Users\Lorenzo\Desktop\MediaHuman Audio Converter.lnk
[2014/01/18 22.23.51 | 000,469,475 | ---- | C] () -- C:\Users\Lorenzo\Desktop\tomorrow.jpg
[2014/01/17 11.39.38 | 021,897,828 | ---- | C] () -- C:\Users\Lorenzo\Desktop\casco.psd
[2014/01/17 09.59.56 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
[2014/01/16 11.56.48 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/01/16 11.53.27 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2014/01/16 11.24.36 | 000,000,492 | ---- | C] () -- C:\WINDOWS\tasks\Wise Registry Cleaner Schedule Task.job
[2014/01/16 11.21.04 | 000,001,247 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2014/01/16 11.14.25 | 000,001,682 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
[2014/01/16 11.12.03 | 000,001,550 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
[2014/01/16 10.37.33 | 000,001,215 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CS6.lnk
[2014/01/16 10.31.56 | 000,001,189 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2014/01/16 10.29.12 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CS6.lnk
[2014/01/15 16.17.01 | 000,083,330 | ---- | C] () -- C:\Users\Lorenzo\Desktop\993402_591650440910817_1313166945_n.jpg
[2014/01/15 16.16.26 | 000,096,704 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Robert_Nanteuil_-_Louis_XIV_-_WGA16427.jpg
[2014/01/15 07.23.26 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/01/15 07.23.26 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/01/13 22.52.24 | 000,635,689 | ---- | C] () -- C:\Users\Lorenzo\Desktop\palete.ai
[2014/01/11 13.11.21 | 000,859,115 | ---- | C] () -- C:\Users\Lorenzo\Desktop\soo-cute-3-dogs-1120747_1280_1024.jpg
[2014/01/11 12.35.06 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/01/10 21.14.05 | 000,045,993 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Dog-Portrait-1-630x420.jpg
[2014/01/10 21.12.26 | 000,099,865 | ---- | C] () -- C:\Users\Lorenzo\Desktop\powerful-animal-portraits-by-wolf-ademeit-L-66B7Xj.jpeg
[2014/01/10 21.03.47 | 000,590,149 | ---- | C] () -- C:\Users\Lorenzo\Desktop\104_Portrait_Lighting.jpg
[2014/01/10 16.52.12 | 000,737,330 | ---- | C] () -- C:\Users\Lorenzo\Desktop\155839main_microbe1_hr.jpg
[2014/01/10 16.51.49 | 000,193,746 | ---- | C] () -- C:\Users\Lorenzo\Desktop\45-clipboard-1.jpg
[2014/01/10 16.43.21 | 000,049,683 | ---- | C] () -- C:\Users\Lorenzo\Desktop\060809_s_zoo_molerat_tarantula_chameleon3673_hr.JPG
[2014/01/10 16.12.31 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2014/01/10 16.11.12 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014/01/10 10.18.58 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2014/01/10 09.44.17 | 000,089,572 | ---- | C] () -- C:\Users\Lorenzo\Desktop\hornet_2111372i.jpg
[2014/01/10 09.32.56 | 002,090,036 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Eric_Holder_official_portrait.jpg
[2014/01/10 09.08.44 | 000,114,634 | ---- | C] () -- C:\Users\Lorenzo\Desktop\martin-schoeller-bill-murray-portrait-up-close-and-personal.jpg
[2014/01/10 09.06.08 | 002,875,530 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Wahlster_Portrait5_gross.jpg
[2014/01/10 09.04.51 | 000,071,141 | ---- | C] () -- C:\Users\Lorenzo\Desktop\BULLPATO6.jpg
[2014/01/10 08.54.28 | 000,248,643 | ---- | C] () -- C:\Users\Lorenzo\Desktop\bulldog-horror.jpeg
[2014/01/10 08.51.03 | 000,803,500 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Official_portrait_of_Barack_Obama.jpg
[2014/01/10 08.29.57 | 000,680,082 | ---- | C] () -- C:\Users\Lorenzo\Desktop\3385371605_e799b6a0d6_o.jpg
[2014/01/10 08.09.33 | 011,461,842 | ---- | C] () -- C:\Users\Lorenzo\Desktop\397875_muzhchina_profil_ochki_kreativ_6161x4700_(www.GdeFon.ru).jpg
[2014/01/10 08.00.18 | 000,090,570 | ---- | C] () -- C:\Users\Lorenzo\Desktop\HornedLizard-CloseUp-WebJAE-1480c.jpg
[2014/01/10 07.53.32 | 000,655,235 | ---- | C] () -- C:\Users\Lorenzo\Desktop\rospo_frog.jpg
[2014/01/07 20.20.29 | 003,349,466 | ---- | C] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014/01/07 20.16.50 | 000,022,581 | ---- | C] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014/01/07 19.08.47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/01/07 18.51.28 | 000,000,186 | ---- | C] () -- C:\WINDOWS\UnInstRfBtn.UNI
[2014/01/07 18.50.15 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2014/01/07 17.54.52 | 000,001,174 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/07 17.54.51 | 000,001,170 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/07 15.35.37 | 241,572,494 | ---- | C] () -- C:\Users\Lorenzo\Desktop\cop2.psd
[2014/01/07 14.33.36 | 000,001,426 | ---- | C] () -- C:\Users\Lorenzo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/07 14.21.42 | 000,022,928 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/01/07 14.05.28 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/01/07 14.00.03 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/01/07 14.00.03 | 000,028,578 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/01/07 11.02.57 | 001,374,009 | ---- | C] () -- C:\Users\Lorenzo\Desktop\palette.jpg
[2014/01/06 15.40.43 | 000,054,221 | ---- | C] () -- C:\Users\Lorenzo\Desktop\genoa460276.jpg
[2014/01/06 15.40.21 | 000,061,908 | ---- | C] () -- C:\Users\Lorenzo\Desktop\G8 3.jpg
[2014/01/06 15.39.56 | 000,103,588 | ---- | C] () -- C:\Users\Lorenzo\Desktop\genova_g8.jpg
[2014/01/05 13.27.52 | 001,184,430 | ---- | C] () -- C:\Users\Lorenzo\Desktop\Akhenaten_skull_profile.png
[2014/01/05 11.56.29 | 008,735,344 | ---- | C] () -- C:\Users\Lorenzo\Desktop\migraine.psd
[2014/01/05 11.53.16 | 000,079,778 | ---- | C] () -- C:\Users\Lorenzo\Desktop\pistolexplodedview.jpg
[2014/01/04 18.00.59 | 000,168,652 | ---- | C] () -- C:\Users\Lorenzo\Desktop\migraine.ai
[2014/01/04 13.49.01 | 001,923,814 | ---- | C] () -- C:\Users\Lorenzo\Desktop\poster.psd
[2013/12/30 16.56.50 | 024,334,964 | ---- | C] () -- C:\Users\Lorenzo\Desktop\artwork.psd
[2013/12/29 01.07.53 | 000,056,109 | ---- | C] () -- C:\Users\Lorenzo\Desktop\exp.ai
[2013/09/22 13.33.53 | 000,000,400 | ---- | C] () -- C:\WINDOWS\i_nhqnsp975.ini
[2013/09/22 13.33.53 | 000,000,400 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\fhtrugl639.dat
[2013/09/10 01.35.18 | 000,303,104 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/09/10 01.35.10 | 000,180,736 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/09/10 01.35.08 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/08/22 16.36.43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16.36.42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15.46.23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08.01.23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04.32.36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00.55.20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00.52.39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/05/14 06.15.58 | 000,000,288 | ---- | C] () -- C:\Users\Lorenzo\AppData\Roaming\.backup.dm
[2013/04/17 14.35.09 | 000,000,132 | ---- | C] () -- C:\Users\Lorenzo\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/04/16 07.41.15 | 000,001,456 | ---- | C] () -- C:\Users\Lorenzo\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/03/16 19.56.16 | 000,017,408 | ---- | C] () -- C:\Users\Lorenzo\AppData\Local\WebpageIcons.db
[2012/11/30 14.32.20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012/04/20 22.59.44 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/11/23 12.49.06 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/11/23 09.19.35 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10.49.49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03.45.10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10.45.17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/09/28 13.00.03 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\acer
[2013/12/17 16.13.33 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Canon
[2013/10/23 11.24.30 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\chc
[2013/10/23 11.24.30 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/01/10 10.21.04 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\DAEMON Tools Lite
[2013/04/18 15.11.46 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\DigiCel
[2013/03/18 15.59.53 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\LibreOffice
[2013/03/15 16.19.59 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\lm
[2013/09/22 13.38.36 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\McNeel
[2013/12/08 09.43.57 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Notepad++
[2013/05/23 11.41.14 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\SanDisk
[2013/05/18 09.13.35 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\SanDisk SecureAccess
[2013/03/17 14.12.31 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/12/08 09.46.27 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Sublime Text 2
[2014/01/22 13.46.14 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\tixati
[2013/12/19 10.12.20 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\TypeDNA-FontManager
[2013/12/19 10.12.20 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\TypeDNA-FontManager.7DD754936347AC45CE70988FE6EE6CC92F266EC1.1
[2013/11/11 21.45.01 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Ultra Fractal 5
[2014/01/17 10.00.03 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Wacom
[2014/01/07 10.26.58 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\wacomid-desktop-launcher
[2014/01/17 10.00.10 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2014/01/06 00.29.57 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\WildTangent
[2014/01/16 11.24.01 | 000,000,000 | ---D | M] -- C:\Users\Lorenzo\AppData\Roaming\Wise Registry Cleaner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Lorenzo\SkyDrive:ms-properties

< End of report >
  • 0

Advertisements


#2
Egon32

Egon32

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
OTL Extras logfile created on: 22/01/2014 13.56.26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lorenzo\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

3,82 Gb Total Physical Memory | 2,26 Gb Available Physical Memory | 59,25% Memory free
7,73 Gb Paging File | 5,50 Gb Available in Paging File | 71,16% Paging File free
Paging file location(s): c:\pagefile.sys 4000 8000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 445,85 Gb Total Space | 345,23 Gb Free Space | 77,43% Space Free | Partition Type: NTFS

Computer Name: PC-LORENZO | User Name: Lorenzo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{216D7E7E-099B-4677-B00E-8E1C0558FD2A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6918CA5A-C85F-46E3-9593-6579941D9550}" = lport=10243 | protocol=6 | dir=in | app=system |
"{97A66DA5-5009-4F4A-B25B-C638006D2409}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B3B8FB03-BD9F-4436-B80D-12F71E90009E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C8D762CA-18D1-4C8F-815B-6140B801DEA6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D420B66A-F052-43DA-AA60-E8F19358DA48}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D500F770-716B-4E3B-82A5-CADE061EB167}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F34D76DE-BEF9-4787-80BA-BB9A9A806024}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F8D8DE12-E959-4145-9274-439216252313}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0019AEA1-9609-4664-9D80-EAAB2AC96031}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{001AD689-B507-4626-93F1-E71D5273DA73}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{05B81CDE-F7FD-43F9-B8C4-D3E195A38A70}" = dir=out | name=evernote touch |
"{077D33B1-6A68-4D57-928F-552A6A7911E0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{0A1D06E1-369F-4994-965B-20AA127CCE8D}" = dir=out | name=weatherbug |
"{0E3CA217-CDDE-45D3-BA09-31C6660E7FFA}" = dir=out | name=microsoft solitaire collection |
"{136E6610-E385-410D-BA86-554609C9C6C1}" = dir=in | name=juniper networks junos pulse |
"{18F0160B-B64A-4554-88B3-28AD2D6CD9FE}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{1FDA8CD3-896E-4449-A26B-1E8F4B45EE88}" = dir=in | name=skype |
"{217092CA-C954-403E-9EF9-E2F2B1BCD5B8}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{21A7647D-7D4B-485E-971E-95402969B3DB}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{24CEEFBC-EA88-44C4-BFDF-49BE07909D64}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{24E9D97A-6C06-4EF4-B637-5489FD478266}" = dir=in | name=taptiles |
"{26108497-61CF-4C98-84A7-948339CA445A}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{26EE7008-B93D-4CA8-93B1-C9A6ACADC6DF}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{27B6DA4F-3E96-4D35-86A4-AEBB5797EF1B}" = dir=out | name=sonicwall mobile connect |
"{2844F75D-6AD2-456D-8B23-7A43B07212D2}" = dir=out | name=wordament |
"{2893D801-5278-4782-BBDC-CF1AAA2EE709}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{28A32CBC-7DEB-4039-BCC2-BA75D8844E25}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{2BADD734-5A61-4A2C-BF7D-C666819B2B94}" = dir=out | name=skitch touch |
"{2C8C54EC-E1D1-48FD-B296-9C03FE1BD7AD}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{323EA640-0C2C-4496-97E0-A3A3A12BC7B4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{36D1023B-EA95-49D3-A215-D07F90D0327A}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{36FA6AFF-E86D-4A43-A624-C7C1BE3A81CA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{39CDCF8C-6BBE-4A0A-B797-B3811A89BA51}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3B27616D-1541-4DDC-9CA9-2782C6BCE359}" = dir=in | name=pinball fx2 |
"{3BCCED07-A572-4544-9402-67D98769F17A}" = dir=in | name=check point vpn |
"{3F031823-62BB-4BF2-9509-ECC0B5ABA182}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3FAADACD-EE9F-4117-9C48-4D43453EFB1F}" = dir=out | name=taptiles |
"{411936F7-3285-4983-A854-2B1D25EB3113}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\sdd.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{432CAA54-16FF-427C-9C57-6F716E0ACC70}" = dir=out | name=@{microsoft.bingfinance_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{45C46402-2FB6-4DEA-BFAC-84D6E82C8BA3}" = dir=in | name=evernote touch |
"{49030249-2A7D-4ABE-9DD4-3E0EE5D258A0}" = dir=in | name=microsoft solitaire collection |
"{4B003D0D-3A68-4F52-B43D-FA06D2BD9BDA}" = dir=in | name=acer explorer |
"{4F731E0E-E6CB-4C06-AB07-257C61D84572}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{50E6B2C0-9701-42EB-A1FC-3D04D51387F7}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{53B23B14-F661-4CF5-9A38-2DB65403CA65}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{55110230-34E5-4F6E-BC00-E8F29970859E}" = dir=out | name=windows_ie_ac_001 |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{58681DD6-8CD1-449D-951D-0236E8EAEBB2}" = dir=out | name=@{microsoft.bingnews_1.7.0.38_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{59BF3F4D-5D7B-457F-87B6-B5FE56B6DDB9}" = dir=in | name=newsxpresso |
"{5A6CC701-2A0B-4FCC-9E54-109B280F87A0}" = dir=out | name=f5 vpn |
"{5B367D6A-80AB-4CB8-94F2-DDFE935CF781}" = dir=in | name=f5 vpn |
"{5D9BECA9-22A0-4A41-8F6F-057142690FFF}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6286C431-D98B-4547-863F-DA59F46B8C16}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{63E24587-15E5-4B79-A658-5249FD6DAE88}" = dir=out | name=newsxpresso |
"{6430CBAC-CD2C-40AE-B63A-494269D6B40C}" = dir=out | name=7digital music store |
"{656E3B37-FAC4-455A-889B-7FDE6D39230D}" = dir=out | name=skype |
"{688E7152-D0AC-490E-BB79-A1E98AF8D1D3}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{70730199-0702-49E9-BD43-2E19687971F6}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{741A8F4A-2277-4532-9E38-594EF10EF43E}" = dir=in | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{760CDF8B-A5B0-4E22-BAD3-7AE085483910}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{77B49BED-E8FD-4742-AEF4-97DD956DFD78}" = dir=in | name=sonicwall mobile connect |
"{7C1F17DE-6B07-4407-BE86-68314C54BDB8}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{7D8BA811-D66B-413C-9A71-EB4ED6793081}" = dir=out | name=acer explorer |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84AF5754-9423-44D0-8F84-9330638978FC}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{85A6F233-32F2-40BB-A8B5-3DD1145476FF}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{85DE3126-4527-42F2-B84D-3FFB3C73803C}" = dir=out | name=kindle |
"{86E9F537-CFBE-41A0-B99D-AEE04B98D700}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87254385-673F-4B06-BFF4-63C07A62638E}" = dir=out | name=@{microsoft.skypeapp_1.6.0.115_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{8B5E377D-902F-488A-8D9D-C18FD76E4D39}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{8B626428-BDDB-4391-A85D-6A24ECF2652D}" = dir=out | name=canon inkjet print utility |
"{8E1BF934-54BE-4DEE-BD93-53A37E60B9BA}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{958E97D5-7948-4575-89C9-D078A4D0E78E}" = dir=out | name=windows_ie_ac_001 |
"{95BF6441-9395-4A5D-9A57-CD70E56BFE44}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{95D0B749-D812-4CB0-A287-0F4C518CA864}" = dir=out | name=cut the rope |
"{9732650B-48ED-40D9-BEF1-4B9ED6BC9803}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{9BBEDD1A-4D9D-4075-8368-88C875A6CCDB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C73F98B-5D7B-4F84-AE42-504F1BAE5A1D}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9E9038E1-5D41-4A67-AEC8-4CB54BB1896E}" = dir=out | name=juniper networks junos pulse |
"{9F0D9DBB-8A25-4FBC-9435-FC7FFEE68677}" = dir=out | name=acer crystal eye |
"{A2171306-F7F8-46DE-B148-C1162007A03E}" = protocol=6 | dir=out | app=system |
"{AB4A0651-63E3-441D-8621-8A372A1051A7}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{ABFFB58F-6206-480F-B121-343E92D8AC7E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\virtualdrive.exe |
"{B200BFF1-876E-4F71-BDB4-4987F020C243}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{B700C5A6-6BD2-4D7F-90A9-2C48DBBFC891}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{B96FE0D5-1D48-41FE-9DFB-B5380ABB0142}" = dir=out | name=shark dash |
"{BBA0EED7-CBE2-4E89-8685-D77895ABE3D2}" = dir=out | name=tunein radio |
"{BD7B5A98-D5E9-4D01-BD9F-9BBAD1F77C55}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{BE7B2F24-B59D-43C6-93EF-D1EA4D14ED6F}" = dir=out | name=pinball fx2 |
"{BF28E9F2-BD42-49C5-BA1B-B9F92E0F55EE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{C0338A3E-18EA-4117-B536-51CB0A6F0B5A}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{C0A74B45-1F55-4E59-BCCD-AACBA2672C14}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C107E5E8-0FE1-4CC6-AA6A-FBED9A7C4554}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C2F19464-7392-4BBD-94F9-485FCC55D53A}" = dir=in | name=microsoft mahjong |
"{C646F6E7-2717-4C16-8FAE-1202F2B2F2C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8C327A2-85FD-472A-AD27-6ACCDDFF699D}" = dir=out | name=social jogger |
"{C9AABD65-4594-4AAC-92E5-20B9E4729DF5}" = dir=in | name=canon inkjet print utility |
"{D2992B7E-7268-493E-9D8E-FF508484C06D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2F0A95E-2272-4D0A-B9E2-9A013004ECA6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D319FAE0-D677-4487-9C3C-90EB174ECECD}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D6332C72-6A9A-43D6-99F2-9B9F874EFFA6}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DEDB8EE2-6CC7-4E86-8B00-1854E6BA11F6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E2A53E85-7912-4819-91B9-12A7DBBBCBF7}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{E4800DD5-0170-4EE6-922D-34837197C6F7}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{E5FEC595-E2F2-47D3-BBB6-5EBADA9943D1}" = dir=out | name=the treasures of montezuma 3 |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EB125F75-30E9-4E77-A32B-A328E270285F}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{EBFF6675-4827-4998-B62B-A21924B8AE69}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE5B4BAA-C958-44D7-94F2-413BAAD160B1}" = dir=out | name=microsoft mahjong |
"{F58C3B5A-3ECE-4FD3-84B2-A04CD98C38E1}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{F5A5F9E4-5F70-4F31-B715-671F4A04F8F3}" = dir=out | name=check point vpn |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7EDD6BD-0295-41AA-97A2-A885946411E7}" = dir=out | name=windows_ie_ac_001 |
"{FCA6E83B-C20C-4479-BCF7-2504F2EAF869}" = dir=out | name=adera |
"TCP Query User{806F2624-159D-48E5-86D3-62CF3815261B}C:\program files\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files\tixati\tixati.exe |
"TCP Query User{E7A1B197-8CCD-4065-B632-2F887FAD727B}C:\program files\tixati\tixati.exe" = protocol=6 | dir=in | app=c:\program files\tixati\tixati.exe |
"UDP Query User{4D50D409-D715-4809-9791-2DD192B9A522}C:\program files\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files\tixati\tixati.exe |
"UDP Query User{731911A1-C139-475D-91AB-156D6CBAE049}C:\program files\tixati\tixati.exe" = protocol=17 | dir=in | app=c:\program files\tixati\tixati.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413" = CanoScan LiDE 100 Scanner Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{38628AC5-EFA4-4CF1-97A5-EA45C7E8701B}}_is1" = TypeDNA 2.4.0
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67AA948F-8D83-4566-B84A-7CAABCF64E3F}" = Broadcom Card Reader Driver Installer
"{8215A318-CC27-435E-B3EA-2E3443C8998C}" = Acer Instant Update Service
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Pannello di controllo NVIDIA 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver grafico 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aggiornamenti NVIDIA 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"Elantech" = ETDWare PS/2-X64 11.6.27.201_WHQL
"Pen Tablet Driver" = Wacom
"Sublime Text 2_is1" = Sublime Text 2.0.2
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinDjView" = WinDjView 2.0.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FCC073B-CC01-4443-AD20-E559F66E6E83}" = Office Addin 2003
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{33C89CD4-AC59-E859-97B3-5B9157735E07}" = TypeDNA Font Manager
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.10
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Supporto applicazioni Apple
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud Portal
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = Acer Photo
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B91B14D5-B817-4C79-BEF6-0A7A23FE6C61}" = NWZ-B170 WALKMAN Guide
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{BA731FF4-DA48-D1D7-2BF6-E155339D9A27}" = Adobe® Content Viewer
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CA41BB14-E67B-1653-C57B-5CA99418A866}" = greatsiaver
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = Acer Docs
"{CFB770D7-8D43-1014-922B-CC2715FADE3F}" = Adobe InDesign CS6
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{DD3CB916-F91A-41B9-B276-CAC090E91021}" = LibreOffice 4.1.2.3
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = Acer Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Bamboo Dock" = Bamboo Dock
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CDisplay_is1" = CDisplay 1.8
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.dmp.contentviewer" = Adobe® Content Viewer
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"LManager" = Launch Manager
"MediaHuman Audio Converter_is1" = MediaHuman Audio Converter version 1.8.9
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools per Office Second Edition Runtime
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"RadioController" = Dritek Radio Controller
"tixati" = Tixati
"TypeDNA-FontManager.7DD754936347AC45CE70988FE6EE6CC92F266EC1.1" = TypeDNA Font Manager
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VLC media player" = VLC media player 2.1.2
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WildTangent wildgames Master Uninstall" = WildTangent Games
"Wise Registry Cleaner_is1" = Wise Registry Cleaner 7.92
"WTA-0f70623e-a7c8-414b-812a-259fd65605e0" = Bejeweled 3
"WTA-1232a605-888e-464d-9cbd-bdf979a79f4b" = Magic Academy
"WTA-243ad700-fe81-401c-bbb6-28fb7f941dae" = Polar Bowler
"WTA-2b0fb711-4c2f-4fcd-ac58-4f2cce7d9c7e" = Delicious: Emily's True Love Premium Edition
"WTA-2da04e97-7d1d-46a1-b9d8-50244960fbba" = Plants vs. Zombies - Game of the Year
"WTA-41bc2c58-b116-4985-8548-97d138a760f2" = Governor of Poker 2 Premium Edition
"WTA-4c8e0c71-6fd0-4c65-a00d-9d42ec9a321c" = Island Tribe
"WTA-6396e918-8db9-484a-b249-6749fc0ef09d" = Aloha TriPeaks
"WTA-72eef4ff-6c94-406b-81d7-ddb70c8bc5eb" = Penguins!
"WTA-8cb45c96-db4a-4332-bda4-4cfe32683226" = Zuma's Revenge
"WTA-a3e769bd-12eb-4975-ab09-221d6c973d92" = Jewel Match 3
"WTA-b6291e84-3a8b-4835-b3bf-0c4d327e62d5" = Agatha Christie - Death on the Nile
"WTA-e34813a9-942e-4067-ae5a-cd2a939a15d5" = Tales of Lagoona
"WTA-ec2b7e76-92aa-458d-9dc1-87b588f70c67" = John Deere Drive Green

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@@__UNKNOWN__@@SanDiskSecureAccess_Manager.exe" = SanDiskSecureAccess_Manager.exe

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 07/01/2014 09.54.53 | Computer Name = PC-LORENZO | Source = NvStreamSvc | ID = 131073
Description =

Error - 07/01/2014 09.54.53 | Computer Name = PC-LORENZO | Source = NvStreamSvc | ID = 131073
Description =

Error - 07/01/2014 10.14.53 | Computer Name = PC-LORENZO | Source = NvStreamSvc | ID = 131073
Description =

Error - 07/01/2014 10.14.53 | Computer Name = PC-LORENZO | Source = NvStreamSvc | ID = 131073
Description =

Error - 07/01/2014 13.50.17 | Computer Name = PC-LORENZO | Source = LMS | ID = 2
Description =

Error - 07/01/2014 15.20.52 | Computer Name = PC-LORENZO | Source = Windows Search Service Profile Notification | ID = 6
Description =

Error - 08/01/2014 05.21.02 | Computer Name = PC-LORENZO | Source = Application Hang | ID = 1002
Description = Il programma Illustrator.exe versione 16.0.0.682 non interagisce piů
con Windows ed č stato chiuso. Per vedere se sono disponibili ulteriori informazioni
sul problema, verificare la cronologia del problema in Centro operativo nel Pannello
di controllo. ID processo: 1664 Ora di avvio: 01cf0c529ae668be Ora di chiusura: 40

Percorso
applicazione: C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe

ID
segnalazione: 28392ad9-7846-11e3-818f-689423c52362 Nome completo pacchetto che ha
generato l'errore: ID applicazione relativo al pacchetto che ha generato l'errore:


Error - 08/01/2014 06.57.13 | Computer Name = PC-LORENZO | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: Explorer.EXE, versione:
6.3.9600.16441, timestamp: 0x5265dec8 Nome del modulo che ha generato l'errore:
Windows.UI.Xaml.dll, versione: 6.3.9600.16456, timestamp: 0x52791760 Codice eccezione:
0xc000027b Offset errore 0x0000000000a4f17a ID processo che ha generato l'errore:
0x8dc Ora di avvio dell'applicazione che ha generato l'errore: 0x01cf0c37b93e70c5
Percorso
dell'applicazione che ha generato l'errore: C:\WINDOWS\Explorer.EXE Percorso del
modulo che ha generato l'errore: C:\Windows\System32\Windows.UI.Xaml.dll ID segnalazione:
a0e2727f-7853-11e3-818f-689423c52362 Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error - 08/01/2014 09.14.31 | Computer Name = PC-LORENZO | Source = Application Error | ID = 1000
Description = Nome dell'applicazione che ha generato l'errore: explorer.exe, versione:
6.3.9600.16441, timestamp: 0x5265dec8 Nome del modulo che ha generato l'errore:
Windows.UI.Xaml.dll, versione: 6.3.9600.16456, timestamp: 0x52791760 Codice eccezione:
0xc000027b Offset errore 0x0000000000a4f17a ID processo che ha generato l'errore:
0x13a4 Ora di avvio dell'applicazione che ha generato l'errore: 0x01cf0c607c30fccd
Percorso
dell'applicazione che ha generato l'errore: C:\WINDOWS\explorer.exe Percorso del
modulo che ha generato l'errore: C:\Windows\System32\Windows.UI.Xaml.dll ID segnalazione:
cea9781c-7866-11e3-818f-689423c52362 Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error - 08/01/2014 09.53.31 | Computer Name = PC-LORENZO | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Attivazione dell'app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
non riuscita con errore: -2144927141 Per ulteriori informazioni, consulta il registro
Microsoft-Windows-TWinUI/Operativo.

[ System Events ]
Error - 19/01/2014 05.00.01 | Computer Name = PC-LORENZO | Source = DCOM | ID = 10016
Description =

Error - 19/01/2014 13.20.01 | Computer Name = PC-LORENZO | Source = disk | ID = 262155
Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR1.

Error - 19/01/2014 14.21.47 | Computer Name = PC-LORENZO | Source = disk | ID = 262155
Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR1.

Error - 20/01/2014 05.00.01 | Computer Name = PC-LORENZO | Source = DCOM | ID = 10016
Description =

Error - 20/01/2014 09.49.17 | Computer Name = PC-LORENZO | Source = disk | ID = 262155
Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR2.

Error - 20/01/2014 10.05.07 | Computer Name = PC-LORENZO | Source = volsnap | ID = 393252
Description = Le copie shadow del volume C: sono state interrotte. Impossibile espandere
l'archivio delle copie shadow a causa di un limite imposto da un utente.

Error - 20/01/2014 16.55.23 | Computer Name = PC-LORENZO | Source = disk | ID = 262155
Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR5.

Error - 21/01/2014 05.00.01 | Computer Name = PC-LORENZO | Source = DCOM | ID = 10016
Description =

Error - 21/01/2014 13.16.03 | Computer Name = PC-LORENZO | Source = disk | ID = 262155
Description = Il driver ha rilevato un errore del controller su \Device\Harddisk1\DR1.

Error - 22/01/2014 05.39.39 | Computer Name = PC-LORENZO | Source = DCOM | ID = 10016
Description =


< End of report >
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP