
pulizia da virus

Come rimuovere virus e spyware? Le carte di credito sono davvero sicure in rete? È possibile navigare anonimi? Con quali programmi tutelare la propria privacy? Come proteggere i file importanti? Se volete una risposta a queste e altre domande questo è il luogo giusto!

Moderatori: m.paolo, kadosh, Luke57

pulizia da virus

Postdi maci » 19/02/14 21:48

quakche gg fa ho preso un virus che mi ha bloccato tutto io ho formattato il pc che e' tornato a vista avevo l'aggiornamento a 7 ora ho reistallato 7, ho ritrovato dei file ma mene mancano ancora ,ma la cosa che mi serve piu' urgente e' pulire molto bene il pc. avira mi dice che ci sono dei virus e malwer bittes mi dice che ce pieno di poput adesso malwere bittes lo ho tolto continuava a raffica a darmi messaggi di poput ,poi ho una un browser che mi rompe con l'ingresso in internet non mi lascia usare IE,spero che qualcuno abbia la pazienza di aiutarmi non sono molto pratico quindi chiedo molta chiarezza nei vari passaggi,grazie PACE E BENE.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00


Re: pulizia da virus

Postdi shel » 19/02/14 22:40

ciao maci dovresti allegare i log delle scansioni che hai fatto, poi fai abche questa scansione

scarica OTL
Metti la spunta su SCAN ALL USERS.
Sotto output spunta minimal output
Clicca sulla freccettina di File Age e seleziona 60 Days
Metti la spunta a LOP Check and Purity Check.
A fine scansione OTL produrrà due file di log (OTL.txt ed Extras.txt)
Postali nel forum
Utente Senior
Post: 1326
Iscritto il: 29/08/08 21:56

Re: pulizia da virus

Postdi maci » 20/02/14 08:38

hai fatto aprire ora ti allego il report abbi tComboFix 14-02-19.01 - colors 19/02/2014 17:55:15.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.39.1040.18.2009.1048 [GMT 1:00]
Eseguito da: c:\users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RJ7TKW1D\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\DisVUn.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\n6P.js
c:\users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\crimsolite_iels
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\DisVUn.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\lldccefpmmdbpfinbkekhfeeolblkekp\2.1\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\background.html
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\content.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\lsdb.js
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\manifest.json
c:\users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfgpnapbkhgghccokiecnilpoedcigco\2.1\n6P.js
((((((((((((((((((((((((((((((((((((((( Driver/Servizi )))))))))))))))))))))))))))))))))))))))))))))))))
((((((((((((((((((((((((( Files Creati Da 2014-01-19 al 2014-02-19 )))))))))))))))))))))))))))))))))))
2014-02-19 14:02 . 2014-02-19 14:02 -------- d-----w- c:\programdata\Malwarebytes
2014-02-19 12:07 . 2014-02-19 12:07 -------- d-----w- c:\programdata\APN
2014-02-19 11:19 . 2014-02-19 11:19 -------- d-----w- c:\program files\Microsoft.NET
2014-02-19 11:18 . 2014-02-19 11:37 -------- d-----w- c:\programdata\Package Cache
2014-02-19 11:17 . 2014-02-19 11:17 -------- d-----w- c:\program files\SoftwareUpdater
2014-02-19 10:52 . 2014-02-19 10:53 -------- d-----w- c:\program files\Google
2014-02-19 10:36 . 2014-02-19 10:36 -------- d-----w- c:\windows\system32\wbem\en-US
2014-02-19 10:36 . 2014-02-19 10:36 -------- d-----w- c:\windows\system32\Wat
2014-02-19 08:07 . 2012-12-16 14:25 295424 ----a-w- c:\windows\system32\atmfd.dll
2014-02-19 08:07 . 2012-12-16 14:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2014-02-19 08:04 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2014-02-19 07:54 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2014-02-19 07:54 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2014-02-19 07:54 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2014-02-19 07:54 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2014-02-19 07:54 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2014-02-19 07:23 . 2014-02-19 07:25 -------- d-----w- c:\windows\system32\MRT
2014-02-19 07:22 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2014-02-19 07:22 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-02-19 07:22 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-02-19 07:21 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-02-19 07:21 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-02-19 07:21 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-02-19 07:21 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-02-19 07:21 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-02-19 07:21 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-02-19 07:21 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-02-19 07:19 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-02-19 07:19 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll
2014-02-19 07:19 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll
2014-02-19 07:16 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2014-02-19 07:11 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2014-02-19 07:11 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2014-02-19 07:10 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2014-02-19 07:08 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2014-02-19 07:08 . 2010-10-16 04:33 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2014-02-19 07:08 . 2010-10-16 04:33 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2014-02-19 07:08 . 2010-10-16 04:33 208896 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2014-02-19 07:08 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2014-02-19 07:06 . 2013-02-12 15:13 2691072 ----a-w- c:\windows\system32\mstscax.dll
2014-02-19 07:05 . 2010-11-02 04:41 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2014-02-19 07:01 . 2011-11-17 05:39 314368 ----a-w- c:\windows\system32\webio.dll
2014-02-19 07:01 . 2011-11-17 05:39 99840 ----a-w- c:\windows\system32\sspicli.dll
2014-02-19 07:01 . 2011-11-17 05:39 15360 ----a-w- c:\windows\system32\sspisrv.dll
2014-02-19 07:01 . 2011-11-17 05:39 22016 ----a-w- c:\windows\system32\secur32.dll
2014-02-19 07:01 . 2011-11-17 05:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2014-02-19 07:01 . 2011-11-17 05:36 22528 ----a-w- c:\windows\system32\lsass.exe
2014-02-19 07:00 . 2012-03-03 05:40 1074176 ----a-w- c:\windows\system32\DWrite.dll
2014-02-19 07:00 . 2012-03-03 05:40 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-19 07:00 . 2012-03-03 05:40 739840 ----a-w- c:\windows\system32\d2d1.dll
2014-02-19 07:00 . 2012-03-03 05:40 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-02-19 07:00 . 2012-03-03 05:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2014-02-19 06:58 . 2010-11-02 04:36 801792 ----a-w- c:\windows\system32\FntCache.dll
2014-02-19 06:58 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2014-02-19 06:58 . 2010-11-02 04:41 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2014-02-19 06:58 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2014-02-19 06:58 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-02-19 06:58 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2014-02-19 06:58 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2014-02-19 06:56 . 2012-11-20 05:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2014-02-19 06:55 . 2012-01-04 09:03 442880 ----a-w- c:\windows\system32\ntshrui.dll
2014-02-19 06:55 . 2010-12-21 05:38 73728 ----a-w- c:\windows\system32\wscsvc.dll
2014-02-19 06:55 . 2010-12-21 05:38 51200 ----a-w- c:\windows\system32\wscapi.dll
2014-02-19 06:55 . 2010-12-21 05:38 350720 ----a-w- c:\windows\system32\winhttp.dll
2014-02-19 06:55 . 2010-12-21 05:38 204800 ----a-w- c:\windows\system32\WebClnt.dll
2014-02-19 06:55 . 2010-12-21 05:38 204288 ----a-w- c:\windows\system32\upnp.dll
2014-02-19 06:55 . 2010-12-21 05:38 14336 ----a-w- c:\windows\system32\slwga.dll
2014-02-19 06:55 . 2010-12-21 05:34 80384 ----a-w- c:\windows\system32\davclnt.dll
2014-02-19 06:55 . 2012-09-06 16:48 245616 ----a-w- c:\windows\system32\drivers\volsnap.sys
2014-02-19 06:53 . 2012-03-17 07:20 56688 ----a-w- c:\windows\system32\drivers\partmgr.sys
2014-02-19 06:53 . 2011-04-22 19:36 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2014-02-18 20:14 . 2014-02-18 20:14 -------- d-----w- c:\programdata\UDL
2014-02-18 20:10 . 2014-02-18 20:10 -------- d-----w- c:\program files\Common Files\EPSON
2014-02-18 20:07 . 2014-02-18 20:13 -------- d-----w- c:\program files\Epson Software
2014-02-18 20:06 . 2012-11-12 19:41 458310 ----a-w- c:\windows\system32\ensppui.dll
2014-02-18 20:06 . 2012-11-12 19:41 458310 ----a-w- c:\windows\system32\enppui.dll
2014-02-18 20:06 . 2012-11-12 14:15 476027 ----a-w- c:\windows\system32\ensppmon.dll
2014-02-18 20:06 . 2012-11-12 14:15 476027 ----a-w- c:\windows\system32\enppmon.dll
2014-02-18 20:06 . 2012-10-22 16:19 218112 ----a-w- c:\windows\system32\enspres.dll
2014-02-18 20:06 . 2012-10-22 16:19 218112 ----a-w- c:\windows\system32\enpres.dll
2014-02-18 20:06 . 2014-02-18 20:13 -------- d--h--w- c:\program files\InstallShield Installation Information
2014-02-18 20:06 . 2014-02-18 20:06 -------- d-----w- c:\program files\EpsonNet
2014-02-18 20:06 . 2012-07-23 23:00 342016 ----a-w- c:\windows\system32\esw2ud.dll
2014-02-18 20:06 . 2011-12-11 23:00 122000 ----a-w- c:\windows\system32\escsvc.exe
2014-02-18 20:06 . 2014-02-18 20:08 -------- d-----w- c:\program files\epson
2014-02-18 20:05 . 2007-04-10 00:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2014-02-18 20:05 . 2011-04-19 02:03 95232 ----a-w- c:\windows\system32\E_TLBIWE.DLL
2014-02-18 20:05 . 2011-03-14 02:03 81408 ----a-w- c:\windows\system32\E_TD4BIWE.DLL
2014-02-18 20:04 . 2014-02-18 20:14 -------- d-----w- c:\programdata\EPSON
2014-02-18 19:55 . 2014-02-18 19:55 -------- d-----w- c:\program files\OpenOffice 4
2014-02-18 19:42 . 2014-02-18 19:44 -------- d-----w- c:\programdata\IePluginService
2014-02-18 19:42 . 2014-02-18 19:42 -------- d-----w- c:\program files\SupTab
2014-02-18 19:42 . 2014-02-18 19:44 -------- d-----w- c:\programdata\WPM
2014-02-18 19:41 . 2014-02-18 19:43 -------- d-----w- c:\program files\HiDefMedia
2014-02-18 19:38 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll
2014-02-18 19:38 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2014-02-18 19:37 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2014-02-18 19:33 . 2014-02-19 12:20 -------- d-----w- C:\Support
2014-02-18 19:33 . 2014-02-19 16:50 -------- d-----w- c:\program files\Supporter
2014-02-18 19:33 . 2014-02-18 19:57 -------- d-----w- c:\programdata\SaveClicker
2014-02-18 19:33 . 2014-02-18 19:46 -------- d-----w- c:\programdata\1adde57018183b33
2014-02-18 19:33 . 2014-02-18 19:46 -------- d-----w- c:\program files\SaveClicker
2014-02-18 19:33 . 2014-02-18 19:33 -------- d-----w- c:\users\Administrator
2014-02-18 17:02 . 2014-02-18 08:21 -------- d-----w- c:\windows\Panther
2014-02-18 16:54 . 2014-02-18 16:54 -------- d-----w- C:\Windows.old
2014-02-18 12:30 . 2014-02-18 12:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-18 12:30 . 2014-02-18 12:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-18 12:30 . 2014-02-18 12:30 -------- d-----w- c:\windows\system32\Macromed
2014-02-18 09:08 . 2014-02-17 00:32 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3535E3F6-2534-4529-8A78-78A55C673A29}\mpengine.dll
2014-02-18 09:07 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-02-18 09:07 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-02-18 09:07 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-02-18 09:07 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-02-18 09:07 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-02-18 09:07 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-02-18 09:07 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-02-18 09:06 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-18 09:06 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-02-18 09:02 . 2014-02-18 09:02 -------- d-----w- c:\programdata\Vodafone
2014-02-18 09:02 . 2014-02-18 09:02 -------- d-----w- c:\programdata\FLEXnet
2014-02-18 09:02 . 2014-02-18 09:02 -------- d-----w- c:\program files\Vodafone
2014-02-18 09:01 . 2014-02-19 16:51 -------- d-sh--w- c:\windows\Installer
2014-02-18 08:31 . 2014-02-18 18:11 -------- d-----w- c:\programdata\WinClon
2014-02-18 08:31 . 2014-02-18 08:31 -------- d-----w- c:\programdata\SiteAdvisor
2014-02-18 08:31 . 2014-02-18 08:31 -------- d-----w- c:\programdata\McAfee
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_TATIIWE.EXE" [2012-02-27 249440]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"MobileBroadband"="c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe" [2011-04-19 408576]
"FUFAXRCV"="c:\program files\Epson Software\FAX Utility\FUFAXRCV.exe" [2012-04-03 502912]
"FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2012-04-03 863360]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2012-04-02 1058912]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
R2 40030ae4;Supporter;c:\windows\system32\rundll32.exe [2009-07-14 44544]
R2 Update crimsolite;Update crimsolite;c:\program files\crimsolite\updatecrimsolite.exe [x]
R3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [2010-09-01 67584]
R3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm;c:\windows\system32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [2010-09-01 79360]
R3 vodafone_K3805-z_cpo;Vodafone K3805-z Install;c:\windows\system32\DRIVERS\vodafone_K3805-z_cpo.sys [2010-09-01 9728]
R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE);c:\windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 61952]
R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2014-02-19 1343400]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [2012-02-27 142432]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc.exe [2011-12-11 122000]
S2 VmbService;Servizio Vodafone Mobile Broadband;c:\program files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-04-19 9216]
S3 RTL8167;Driver Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-19 10:53 1211720 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.107\Installer\chrmstp.exe
Contenuto della cartella 'Scheduled Tasks'
2014-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-18 12:30]
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-19 10:52]
2014-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-02-19 10:52]
------- Scansione supplementare -------
uStart Page = hxxp://
mStart Page = hxxp:// ... XX5VC95GFK
TCP: DhcpNameServer =
TCP: Interfaces\{8AB96269-4154-4286-8A24-8AC111F6F354}: NameServer =
WebBrowser-{41564952-412D-5637-4300-7A786E7484D7} - (no file)
AddRemove-S-649636217 - c:\support\couponsupport.exe
AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4} - c:\progra~1\SUPPOR~1\SUPPOR~1.DLL
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
@Denied: (2) (LocalSystem)
@Denied: (2) (LocalSystem)
@Denied: (2) (LocalSystem)
@Denied: (2) (LocalSystem)
@Denied: (2) (LocalSystem)
@Denied: (A 2) (Everyone)
@Denied: (A 2) (Everyone)
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
@Denied: (Full) (Everyone)
------------------------ Altri processi in esecuzione ------------------------
c:\program files\Windows Media Player\wmpnetwk.exe
Ora fine scansione: 2014-02-19 18:07:45 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2014-02-19 17:07
Pre-Run: 84.611.477.504 byte disponibili
Post-Run: 84.859.428.864 byte disponibili
- - End Of File - - C27DD365F559690E241FEE8DC321A048
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 09:01

ti mando il report in 2 volte spero di fare giusOTL logfile created on: 20/02/2014 08:42:22 - Run 1
OTL by OldTimer - Version Folder = C:\Users\colors\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,96 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 49,56% Memory free
3,92 Gb Paging File | 2,61 Gb Available in Paging File | 66,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,88 Gb Total Space | 99,29 Gb Free Space | 66,24% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 40,99 Gb Free Space | 58,56% Space Free | Partition Type: NTFS

Computer Name: ALFA | User Name: colors | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Processes (SafeList) ==========

PRC - C:\Users\colors\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe (APN LLC.)
PRC - C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe (APN LLC.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIWE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\escsvc.exe (Seiko Epson Corporation)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9859a6e0562f64eacfb8ad76f260a2d6\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\52873358b397c328168f0a5be7f3b9ae\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\ad18f93fc713db2c4b29b25116c13bd8\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\d9a485330ec2708456134e4a9712a4ab\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\ ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\ ()
MOD - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\\mscorlib.resources.dll ()
MOD - C:\Windows\System32\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\\System.Transactions.dll ()

========== Services (SafeList) ==========

SRV - (Update FindRight) -- C:\Program Files\FindRight\updateFindRight.exe File not found
SRV - (Update crimsolite) -- C:\Program Files\crimsolite\updatecrimsolite.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (APNMCP) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (EpsonScanSvc) -- C:\Windows\System32\escsvc.exe (Seiko Epson Corporation)
SRV - (VmbService) -- C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (catchme) -- C:\Users\colors\AppData\Local\Temp\catchme.sys File not found
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avnetflt) -- C:\Windows\System32\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (vodafone_K3805-z_cdc_ecm) -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_ecm.sys (Vodafone)
DRV - (vodafone_K3805-z_cdc_acm) -- C:\Windows\System32\drivers\vodafone_K3805-z_cdc_acm.sys (Vodafone)
DRV - (vodafone_K3805-z_dc_enum) -- C:\Windows\System32\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV - (vodafone_K3805-z_cpo) -- C:\Windows\System32\drivers\vodafone_K3805-z_cpo.sys (Vodafone)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ... 163651&ir=
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" ={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = ... VC95GFK&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" ={searchTerms}&a=aw0202ie&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyC0B0DzzzzyEzyyC0CtB0AtN0D0Tzu0SyBzztCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=21163651&ir=
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" ={searchTerms}&{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" ={searchTerms}&{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\ disabled File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========== Chrome ==========

CHR - default_search_provider: EazelBar (Enabled)
CHR - default_search_provider: search_url ={searchTerms}&id=4BFF7EA220AB452190AC645E6771FD79&oid=1
CHR - default_search_provider: suggest_url =
CHR - homepage: ... 163651&ir=
CHR - Extension: Documenti Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\
CHR - Extension: Google Wallet = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\
CHR - Extension: Avira SearchFree Toolbar plus Web Protection = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm\30.1_0\
CHR - Extension: Gmail = C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/02/19 18:03:47 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: localhost
O2 - BHO: (OKitSpace Object) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\colors\AppData\Roaming\okitSpace\IE\OkitSpace.dll File not found
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar) - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [VNT] C:\Program Files\VNT\vntldr.exe (APN LLC.)
O4 - HKU\S-1-5-21-513858742-2781386515-4175486259-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIIWE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-513858742-2781386515-4175486259-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ... (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43015D11-F36F-4057-A5D8-D833613D1B9A}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8AB96269-4154-4286-8A24-8AC111F6F354}: NameServer =
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\ [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 60 Days ==========

[2014/02/20 08:21:24 | 000,000,000 | ---D | C] -- C:\Users\colors\Desktop\2013 varie
[2014/02/20 08:08:36 | 000,000,000 | ---D | C] -- C:\Users\colors\Desktop\curriculum
[2014/02/19 23:23:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview
[2014/02/19 23:22:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2014/02/19 23:09:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/19 20:05:59 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/02/19 20:05:59 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/02/19 20:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2014/02/19 20:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2014/02/19 20:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/02/19 20:02:14 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Adobe
[2014/02/19 19:05:46 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\AskPartnerNetwork
[2014/02/19 18:57:56 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\VNT
[2014/02/19 18:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\VNT
[2014/02/19 18:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AskPartnerNetwork
[2014/02/19 18:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\AskPartnerNetwork
[2014/02/19 18:57:32 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Avira
[2014/02/19 18:55:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/02/19 18:54:49 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2014/02/19 18:54:48 | 000,135,648 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2014/02/19 18:54:48 | 000,090,400 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2014/02/19 18:54:48 | 000,069,240 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avnetflt.sys
[2014/02/19 18:54:48 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2014/02/19 18:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/02/19 18:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2014/02/19 18:44:36 | 000,000,000 | ---D | C] -- C:\OETemp
[2014/02/19 18:03:50 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/02/19 18:01:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/02/19 17:52:57 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/02/19 17:52:57 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/02/19 17:52:57 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/02/19 17:41:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/02/19 17:40:52 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/02/19 16:36:30 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2014/02/19 16:36:30 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2014/02/19 16:36:27 | 001,171,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2014/02/19 16:36:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2014/02/19 16:36:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2014/02/19 16:36:25 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2014/02/19 16:36:24 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2014/02/19 16:36:23 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2014/02/19 16:36:23 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2014/02/19 16:36:22 | 000,322,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2014/02/19 16:36:20 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizui.dll
[2014/02/19 16:36:19 | 003,207,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2014/02/19 16:36:18 | 001,334,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2014/02/19 16:36:18 | 000,520,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcupdate_GenuineIntel.dll
[2014/02/19 16:36:16 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2014/02/19 16:36:16 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2014/02/19 16:36:15 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RacEngn.dll
[2014/02/19 16:36:14 | 005,066,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuthFWSnapin.dll
[2014/02/19 16:36:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2014/02/19 16:36:11 | 001,828,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
[2014/02/19 16:36:10 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2014/02/19 16:36:10 | 000,505,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2014/02/19 16:36:08 | 001,371,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
[2014/02/19 16:36:08 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spinstall.exe
[2014/02/19 16:36:08 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
[2014/02/19 16:36:08 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spreview.exe
[2014/02/19 16:36:07 | 000,863,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diagperf.dll
[2014/02/19 16:36:06 | 003,367,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSAT.exe
[2014/02/19 16:36:06 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWorkspace.dll
[2014/02/19 16:36:06 | 000,270,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsmf.dll
[2014/02/19 16:36:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll
[2014/02/19 16:36:04 | 002,522,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dbgeng.dll
[2014/02/19 16:36:04 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2014/02/19 16:36:03 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2014/02/19 16:36:02 | 002,151,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mmcndmgr.dll
[2014/02/19 16:36:02 | 000,252,928 | ---- | C] (Microsoft) -- C:\Windows\System32\DShowRdpFilter.dll
[2014/02/19 16:36:01 | 000,732,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2fs.dll
[2014/02/19 16:36:01 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2014/02/19 16:36:00 | 001,792,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2014/02/19 16:36:00 | 000,974,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppobjs.dll
[2014/02/19 16:36:00 | 000,547,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2014/02/19 16:36:00 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2014/02/19 16:36:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcbuilder.exe
[2014/02/19 16:35:59 | 001,712,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2014/02/19 16:35:59 | 001,555,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certmgr.dll
[2014/02/19 16:35:59 | 000,508,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2014/02/19 16:35:59 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drvstore.dll
[2014/02/19 16:35:58 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppwinob.dll
[2014/02/19 16:35:58 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe
[2014/02/19 16:35:57 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfds.dll
[2014/02/19 16:35:57 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
[2014/02/19 16:35:56 | 001,063,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
[2014/02/19 16:35:56 | 000,762,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroles.dll
[2014/02/19 16:35:56 | 000,442,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2014/02/19 16:35:56 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2014/02/19 16:35:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncsi.dll
[2014/02/19 16:35:54 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2014/02/19 16:35:54 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2014/02/19 16:35:54 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2014/02/19 16:35:54 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2014/02/19 16:35:54 | 000,144,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basecsp.dll
[2014/02/19 16:35:53 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2014/02/19 16:35:53 | 000,335,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSATAPI.dll
[2014/02/19 16:35:52 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2014/02/19 16:35:52 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlsrv32.dll
[2014/02/19 16:35:52 | 000,776,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\calc.exe
[2014/02/19 16:35:52 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnike.dll
[2014/02/19 16:35:51 | 000,477,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe
[2014/02/19 16:35:51 | 000,271,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2014/02/19 16:35:50 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
[2014/02/19 16:35:50 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prncache.dll
[2014/02/19 16:35:49 | 000,458,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2014/02/19 16:35:49 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2014/02/19 16:35:48 | 000,690,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2014/02/19 16:35:48 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepdu.dll
[2014/02/19 16:35:48 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scansetting.dll
[2014/02/19 16:35:48 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
[2014/02/19 16:35:48 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\net1.exe
[2014/02/19 16:35:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2014/02/19 16:35:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitagent.exe
[2014/02/19 16:35:47 | 002,504,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2014/02/19 16:35:47 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlangpui.dll
[2014/02/19 16:35:47 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSHVHOST.DLL
[2014/02/19 16:35:47 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2014/02/19 16:35:46 | 001,750,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
[2014/02/19 16:35:46 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2014/02/19 16:35:45 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
[2014/02/19 16:35:45 | 000,782,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webservices.dll
[2014/02/19 16:35:45 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netdiagfx.dll
[2014/02/19 16:35:45 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fde.dll
[2014/02/19 16:35:44 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdengin2.dll
[2014/02/19 16:35:44 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2014/02/19 16:35:44 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2014/02/19 16:35:42 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2014/02/19 16:35:42 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2014/02/19 16:35:42 | 000,630,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXPTaskRingtone.dll
[2014/02/19 16:35:42 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
[2014/02/19 16:35:42 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcl.exe
[2014/02/19 16:35:41 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2014/02/19 16:35:40 | 001,624,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPEncEn.dll
[2014/02/19 16:35:40 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
[2014/02/19 16:35:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hbaapi.dll
[2014/02/19 16:35:39 | 002,217,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bootres.dll
[2014/02/19 16:35:39 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Narrator.exe
[2014/02/19 16:35:39 | 000,658,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autofmt.exe
[2014/02/19 16:35:39 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vaultsvc.dll
[2014/02/19 16:35:39 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2014/02/19 16:35:39 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
[2014/02/19 16:35:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\proquota.exe
[2014/02/19 16:35:38 | 000,679,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoconv.exe
[2014/02/19 16:35:38 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercpl.dll
[2014/02/19 16:35:38 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ipsmsnap.dll
[2014/02/19 16:35:38 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2014/02/19 16:35:38 | 000,303,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinfo32.exe
[2014/02/19 16:35:38 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2014/02/19 16:35:38 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapphost.dll
[2014/02/19 16:35:38 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\framedyn.dll
[2014/02/19 16:35:38 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
[2014/02/19 16:35:38 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halmacpi.dll
[2014/02/19 16:35:38 | 000,194,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hal.dll
[2014/02/19 16:35:38 | 000,181,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tcpipcfg.dll
[2014/02/19 16:35:38 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2014/02/19 16:35:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2014/02/19 16:35:37 | 000,665,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayCpl.dll
[2014/02/19 16:35:37 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
[2014/02/19 16:35:37 | 000,155,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2014/02/19 16:35:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netid.dll
[2014/02/19 16:35:36 | 001,227,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdc.dll
[2014/02/19 16:35:36 | 001,131,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2014/02/19 16:35:36 | 000,933,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Vault.dll
[2014/02/19 16:35:36 | 000,399,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
[2014/02/19 16:35:36 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\untfs.dll
[2014/02/19 16:35:36 | 000,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2014/02/19 16:35:36 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nci.dll
[2014/02/19 16:35:35 | 001,326,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanpref.dll
[2014/02/19 16:35:35 | 001,003,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2014/02/19 16:35:34 | 001,400,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DxpTaskSync.dll
[2014/02/19 16:35:34 | 001,040,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Display.dll
[2014/02/19 16:35:34 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2014/02/19 16:35:34 | 000,098,816 | ---- | C] (Microsoft) -- C:\Windows\System32\Robocopy.exe
[2014/02/19 16:35:33 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\termmgr.dll
[2014/02/19 16:35:33 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\puiobj.dll
[2014/02/19 16:35:33 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sharemediacpl.dll
[2014/02/19 16:35:33 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2014/02/19 16:35:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\userinit.exe
[2014/02/19 16:35:32 | 001,188,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DiagCpl.dll
[2014/02/19 16:35:32 | 001,066,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtctm.dll
[2014/02/19 16:35:32 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\biocpl.dll
[2014/02/19 16:35:32 | 000,416,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiadefui.dll
[2014/02/19 16:35:32 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eudcedit.exe
[2014/02/19 16:35:32 | 000,233,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msconfig.exe
[2014/02/19 16:35:32 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppcomapi.dll
[2014/02/19 16:35:32 | 000,140,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\scsiport.sys
[2014/02/19 16:35:32 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logoncli.dll
[2014/02/19 16:35:32 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shsetup.dll
[2014/02/19 16:35:31 | 002,202,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SensorsCpl.dll
[2014/02/19 16:35:31 | 002,157,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\themecpl.dll
[2014/02/19 16:35:31 | 000,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FirewallControlPanel.dll
[2014/02/19 16:35:31 | 000,766,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpccpl.dll
[2014/02/19 16:35:31 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
[2014/02/19 16:35:31 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscmmc.dll
[2014/02/19 16:35:30 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
[2014/02/19 16:35:30 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localsec.dll
[2014/02/19 16:35:30 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoScreensaver.scr
[2014/02/19 16:35:30 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
[2014/02/19 16:35:30 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mprddm.dll
[2014/02/19 16:35:30 | 000,080,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2014/02/19 16:35:29 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PerfCenterCPL.dll
[2014/02/19 16:35:29 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\usercpl.dll
[2014/02/19 16:35:29 | 000,410,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanui.dll
[2014/02/19 16:35:29 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
[2014/02/19 16:35:29 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdsrv.dll
[2014/02/19 16:35:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasacct.dll
[2014/02/19 16:35:28 | 003,727,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\accessibilitycpl.dll
[2014/02/19 16:35:28 | 001,644,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcenter.dll
[2014/02/19 16:35:28 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mblctr.exe
[2014/02/19 16:35:28 | 000,638,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VAN.dll
[2014/02/19 16:35:28 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2014/02/19 16:35:28 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizeng.dll
[2014/02/19 16:35:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SndVol.exe
[2014/02/19 16:35:28 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\azroleui.dll
[2014/02/19 16:35:28 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2014/02/19 16:35:28 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prntvpt.dll
[2014/02/19 16:35:28 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w32tm.exe
[2014/02/19 16:35:27 | 000,516,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\main.cpl
[2014/02/19 16:35:27 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSAC3ENC.DLL
[2014/02/19 16:35:27 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2014/02/19 16:35:27 | 000,186,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adsldp.dll
[2014/02/19 16:35:27 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netjoin.dll
[2014/02/19 16:35:27 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fdeploy.dll
[2014/02/19 16:35:26 | 002,130,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\networkmap.dll
[2014/02/19 16:35:26 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sud.dll
[2014/02/19 16:35:26 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
[2014/02/19 16:35:26 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mspbda.dll
[2014/02/19 16:35:26 | 000,395,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
[2014/02/19 16:35:26 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2014/02/19 16:35:26 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wusa.exe
[2014/02/19 16:35:26 | 000,312,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MCEWMDRMNDBootstrap.dll
[2014/02/19 16:35:26 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OnLineIDCpl.dll
[2014/02/19 16:35:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysmon.ocx
[2014/02/19 16:35:25 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slui.exe
[2014/02/19 16:35:25 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iprtrmgr.dll
[2014/02/19 16:35:25 | 000,266,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MediaMetadataHandler.dll
[2014/02/19 16:35:25 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskbarcpl.dll
[2014/02/19 16:35:25 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrad.dll
[2014/02/19 16:35:25 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
[2014/02/19 16:35:24 | 000,750,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdcpl.dll
[2014/02/19 16:35:24 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
[2014/02/19 16:35:24 | 000,577,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2014/02/19 16:35:24 | 000,537,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionCenterCPL.dll
[2014/02/19 16:35:24 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shwebsvc.dll
[2014/02/19 16:35:24 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\intl.cpl
[2014/02/19 16:35:24 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\defaultlocationcpl.dll
[2014/02/19 16:35:24 | 000,205,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\efscore.dll
[2014/02/19 16:35:24 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ifsutil.dll
[2014/02/19 16:35:24 | 000,137,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\halacpi.dll
[2014/02/19 16:35:24 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recovery.dll
[2014/02/19 16:35:24 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3cfg.dll
[2014/02/19 16:35:24 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys
[2014/02/19 16:35:24 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ftp.exe
[2014/02/19 16:35:24 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sisbkup.dll
[2014/02/19 16:35:23 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2014/02/19 16:35:23 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TabletPC.cpl
[2014/02/19 16:35:23 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll
[2014/02/19 16:35:23 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdedit.exe
[2014/02/19 16:35:23 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\autoplay.dll
[2014/02/19 16:35:23 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppnp.dll
[2014/02/19 16:35:22 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OobeFldr.dll
[2014/02/19 16:35:22 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\blackbox.dll
[2014/02/19 16:35:22 | 000,656,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshwfp.dll
[2014/02/19 16:35:22 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\systemcpl.dll
[2014/02/19 16:35:22 | 000,297,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntprint.dll
[2014/02/19 16:35:22 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sethc.exe
[2014/02/19 16:35:22 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\recdisc.exe
[2014/02/19 16:35:22 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmartcardCredentialProvider.dll
[2014/02/19 16:35:22 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsutil.dll
[2014/02/19 16:35:22 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bcdboot.exe
[2014/02/19 16:35:22 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:21 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpx.dll
[2014/02/19 16:35:21 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:21 | 000,182,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpsrcwp.dll
[2014/02/19 16:35:21 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AuxiliaryDisplayServices.dll
[2014/02/19 16:35:21 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPHLPR.DLL
[2014/02/19 16:35:21 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\migisol.dll
[2014/02/19 16:35:21 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\fms.dll
[2014/02/19 16:35:20 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
[2014/02/19 16:35:20 | 000,586,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dfrgui.exe
[2014/02/19 16:35:20 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2014/02/19 16:35:20 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshipsec.dll
[2014/02/19 16:35:20 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3ui.dll
[2014/02/19 16:35:20 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsqmcons.exe
[2014/02/19 16:35:20 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgent.dll
[2014/02/19 16:35:20 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wavemsp.dll
[2014/02/19 16:35:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\isoburn.exe
[2014/02/19 16:35:20 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2014/02/19 16:35:19 | 000,444,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wvc.dll
[2014/02/19 16:35:19 | 000,406,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimgapi.dll
[2014/02/19 16:35:19 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sysclass.dll
[2014/02/19 16:35:19 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetup.exe
[2014/02/19 16:35:19 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzutil.exe
[2014/02/19 16:35:18 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SmiEngine.dll
[2014/02/19 16:35:18 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PkgMgr.exe
[2014/02/19 16:35:18 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2014/02/19 16:35:18 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcap.dll
[2014/02/19 16:35:18 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\uxlib.dll
[2014/02/19 16:35:18 | 000,113,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupugc.exe
[2014/02/19 16:35:18 | 000,051,200 | ---- | C] (Twain Working Group) -- C:\Windows\twain_32.dll
[2014/02/19 16:35:17 | 000,616,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmsdk.dll
[2014/02/19 16:35:17 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ssText3d.scr
[2014/02/19 16:35:17 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srrstr.dll
[2014/02/19 16:35:17 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanconn.dll
[2014/02/19 16:35:17 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nslookup.exe
[2014/02/19 16:35:17 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2014/02/19 16:35:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2014/02/19 16:35:16 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscp.dll
[2014/02/19 16:35:16 | 000,402,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmmgrtn.dll
[2014/02/19 16:35:16 | 000,327,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wimserv.exe
[2014/02/19 16:35:16 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskraid.exe
[2014/02/19 16:35:16 | 000,211,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DevicePairingFolder.dll
[2014/02/19 16:35:16 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\input.dll
[2014/02/19 16:35:16 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2014/02/19 16:35:16 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfmon.exe
[2014/02/19 16:35:16 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acppage.dll
[2014/02/19 16:35:15 | 000,327,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nltest.exe
[2014/02/19 16:35:15 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wito.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 09:05

[2014/02/19 16:35:15 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgradeResults.exe
[2014/02/19 16:35:15 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ocsetapi.dll
[2014/02/19 16:35:15 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UserAccountControlSettings.dll
[2014/02/19 16:35:15 | 000,046,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NAPCRYPT.DLL
[2014/02/19 16:35:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vpnikeapi.dll
[2014/02/19 16:35:14 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\onexui.dll
[2014/02/19 16:35:14 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iTVData.dll
[2014/02/19 16:35:14 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2014/02/19 16:35:14 | 000,198,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpdwcn.dll
[2014/02/19 16:35:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vdsbas.dll
[2014/02/19 16:35:14 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2014/02/19 16:35:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\bfsvc.exe
[2014/02/19 16:35:14 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\runonce.exe
[2014/02/19 16:35:13 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmdev.dll
[2014/02/19 16:35:13 | 000,242,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eapp3hst.dll
[2014/02/19 16:35:13 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFPlay.dll
[2014/02/19 16:35:13 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2014/02/19 16:35:13 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
[2014/02/19 16:35:13 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PnPUnattend.exe
[2014/02/19 16:35:12 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Bubbles.scr
[2014/02/19 16:35:12 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqlcese30.dll
[2014/02/19 16:35:12 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsadmin.exe
[2014/02/19 16:35:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tabcal.exe
[2014/02/19 16:35:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unimdmat.dll
[2014/02/19 16:35:12 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpd3d.dll
[2014/02/19 16:35:12 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsium.dll
[2014/02/19 16:35:12 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsmproxy.dll
[2014/02/19 16:35:11 | 001,160,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2014/02/19 16:35:11 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceStatus.dll
[2014/02/19 16:35:11 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2014/02/19 16:35:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mystify.scr
[2014/02/19 16:35:11 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Ribbons.scr
[2014/02/19 16:35:11 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceSyncProvider.dll
[2014/02/19 16:35:11 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\powercfg.cpl
[2014/02/19 16:35:11 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MdSched.exe
[2014/02/19 16:35:11 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QSVRMGMT.DLL
[2014/02/19 16:35:11 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:11 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logman.exe
[2014/02/19 16:35:11 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\olethk32.dll
[2014/02/19 16:35:11 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe
[2014/02/19 16:35:11 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncryptui.dll
[2014/02/19 16:35:11 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\djoin.exe
[2014/02/19 16:35:11 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wwanprotdim.dll
[2014/02/19 16:35:10 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2014/02/19 16:35:10 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2014/02/19 16:35:10 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmdrmnet.dll
[2014/02/19 16:35:10 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2014/02/19 16:35:10 | 000,257,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsAnytimeUpgrade.exe
[2014/02/19 16:35:10 | 000,179,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ActionQueue.dll
[2014/02/19 16:35:10 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:10 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dot3msm.dll
[2014/02/19 16:35:10 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiavideo.dll
[2014/02/19 16:35:10 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:10 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fphc.dll
[2014/02/19 16:35:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2014/02/19 16:35:10 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2014/02/19 16:35:10 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\takeown.exe
[2014/02/19 16:35:10 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\utildll.dll
[2014/02/19 16:35:10 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2014/02/19 16:35:09 | 000,283,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdv.dll
[2014/02/19 16:35:09 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msnetobj.dll
[2014/02/19 16:35:09 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unattend.dll
[2014/02/19 16:35:09 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EhStorAPI.dll
[2014/02/19 16:35:09 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppinst.dll
[2014/02/19 16:35:09 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cmstp.exe
[2014/02/19 16:35:09 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\QCLIPROV.DLL
[2014/02/19 16:35:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cca.dll
[2014/02/19 16:35:08 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2014/02/19 16:35:08 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RelPost.exe
[2014/02/19 16:35:08 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2014/02/19 16:35:08 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iscsicli.exe
[2014/02/19 16:35:08 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\desk.cpl
[2014/02/19 16:35:08 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2014/02/19 16:35:08 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setupcln.dll
[2014/02/19 16:35:08 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MuiUnattend.exe
[2014/02/19 16:35:08 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vfwwdm32.dll
[2014/02/19 16:35:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsnmp32.dll
[2014/02/19 16:35:08 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\umb.dll
[2014/02/19 16:35:08 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WavDest.dll
[2014/02/19 16:35:08 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pdhui.dll
[2014/02/19 16:35:08 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\basesrv.dll
[2014/02/19 16:35:08 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\relog.exe
[2014/02/19 16:35:08 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PrintIsolationProxy.dll
[2014/02/19 16:35:08 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\AzSqlExt.dll
[2014/02/19 16:35:08 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiougc.exe
[2014/02/19 16:35:07 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\itircl.dll
[2014/02/19 16:35:07 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\diskpart.exe
[2014/02/19 16:35:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2014/02/19 16:35:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2014/02/19 16:35:07 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amstream.dll
[2014/02/19 16:35:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spbcd.dll
[2014/02/19 16:35:07 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MultiDigiMon.exe
[2014/02/19 16:35:07 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
[2014/02/19 16:35:07 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netbtugc.exe
[2014/02/19 16:35:07 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nrpsrv.dll
[2014/02/19 16:35:06 | 001,027,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IMJP10.IME
[2014/02/19 16:35:06 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSTIFF.dll
[2014/02/19 16:35:06 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2014/02/19 16:35:06 | 000,278,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2014/02/19 16:35:06 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpps.dll
[2014/02/19 16:35:06 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\eappgnui.dll
[2014/02/19 16:35:06 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tlscsp.dll
[2014/02/19 16:35:06 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertPolEng.dll
[2014/02/19 16:35:06 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\findstr.exe
[2014/02/19 16:35:06 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2014/02/19 16:35:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wiarpc.dll
[2014/02/19 16:35:06 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WerFaultSecure.exe
[2014/02/19 16:35:06 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ReAgentc.exe
[2014/02/19 16:35:06 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\syssetup.dll
[2014/02/19 16:35:05 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sppc.dll
[2014/02/19 16:35:05 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2014/02/19 16:35:05 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz32.dll
[2014/02/19 16:35:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\muifontsetup.dll
[2014/02/19 16:35:04 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\manage-bde.exe
[2014/02/19 16:35:04 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\repair-bde.exe
[2014/02/19 16:35:04 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetmib1.dll
[2014/02/19 16:35:04 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\luainstall.dll
[2014/02/19 16:35:04 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unlodctr.exe
[2014/02/19 16:35:04 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 16:35:04 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdiasqmmodule.dll
[2014/02/19 16:35:04 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
[2014/02/19 16:35:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbrpm.sys
[2014/02/19 16:35:04 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netcfg.exe
[2014/02/19 16:35:04 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
[2014/02/19 16:35:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\tdi.sys
[2014/02/19 16:35:04 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdprefdrvapi.dll
[2014/02/19 16:35:04 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spopk.dll
[2014/02/19 16:35:03 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2014/02/19 16:35:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcconf.dll
[2014/02/19 16:35:03 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perfts.dll
[2014/02/19 16:35:02 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPENCDD.dll
[2014/02/19 16:35:02 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\napdsnap.dll
[2014/02/19 16:35:02 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSMON.dll
[2014/02/19 16:35:02 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dsauth.dll
[2014/02/19 16:35:02 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\elsTrans.dll
[2014/02/19 16:35:02 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TRAPI.dll
[2014/02/19 16:35:02 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\bitsperf.dll
[2014/02/19 16:35:02 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schedcli.dll
[2014/02/19 16:35:01 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imkr80.ime
[2014/02/19 16:35:01 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsdchngr.dll
[2014/02/19 16:35:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sscore.dll
[2014/02/19 16:35:01 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\riched32.dll
[2014/02/19 16:35:00 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcfgex.dll
[2014/02/19 16:34:59 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshirda.dll
[2014/02/19 16:34:58 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RDPREFDD.dll
[2014/02/19 16:34:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD2.sys
[2014/02/19 16:34:58 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\USBCAMD.sys
[2014/02/19 16:34:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\C_ISCII.DLL
[2014/02/19 16:34:58 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2014/02/19 16:34:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2014/02/19 16:34:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\shunimpl.dll
[2014/02/19 16:34:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2014/02/19 16:34:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2014/02/19 16:34:56 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlsbres.dll
[2014/02/19 16:34:56 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BlbEvents.dll
[2014/02/19 16:34:56 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pifmgr.dll
[2014/02/19 16:34:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwizres.dll
[2014/02/19 16:34:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSG.DLL
[2014/02/19 16:34:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdlk41a.dll
[2014/02/19 16:34:56 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDCZ1.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUQ.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTUF.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDSF.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDPO.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDNEPR.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINBEN.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGR1.DLL
[2014/02/19 16:34:56 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGKL.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUS.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDUGHR1.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTURME.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDTAJIK.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMON.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDMAORI.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDLT1.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTEL.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINTAM.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINORI.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINMAR.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINKAN.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDINHIN.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBULG.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBLR.DLL
[2014/02/19 16:34:56 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDBASH.DLL
[2014/02/19 16:34:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDGEO.DLL
[2014/02/19 16:34:42 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wdscore.dll
[2014/02/19 16:34:32 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wbemcomn.dll
[2014/02/19 16:34:25 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sqmapi.dll
[2014/02/19 16:04:39 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/02/19 16:02:15 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2014/02/19 16:02:15 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2014/02/19 16:02:10 | 000,148,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2014/02/19 16:02:10 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2014/02/19 15:02:54 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Malwarebytes
[2014/02/19 15:02:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/19 15:02:27 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Programs
[2014/02/19 13:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\APN
[2014/02/19 12:19:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014/02/19 12:18:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/02/19 11:52:06 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/02/19 11:51:53 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Deployment
[2014/02/19 11:51:53 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Apps
[2014/02/19 11:36:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2014/02/19 09:07:17 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2014/02/19 09:07:17 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2014/02/19 09:07:17 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2014/02/19 08:23:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/02/19 08:22:51 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2014/02/19 08:22:51 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2014/02/19 08:21:44 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2014/02/19 08:21:44 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2014/02/19 08:21:44 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2014/02/19 08:18:08 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/02/19 08:18:08 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/02/19 08:18:07 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/02/19 08:18:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/19 08:18:07 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/19 08:18:07 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/19 08:18:07 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/02/19 08:18:07 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/02/19 08:18:07 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/02/19 08:18:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/02/19 08:18:07 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/02/19 08:18:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/19 08:18:07 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/19 08:18:07 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/02/19 08:18:07 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/02/19 08:18:07 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2014/02/19 08:18:07 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/02/19 08:18:07 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/02/19 08:18:07 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/02/19 08:18:07 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/02/19 08:18:07 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/19 08:18:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/19 08:18:07 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/19 08:18:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/02/19 08:18:07 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/02/19 08:18:07 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/19 08:18:07 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/02/19 08:18:07 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/02/19 08:18:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/19 08:18:06 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/19 08:18:06 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2014/02/19 08:18:06 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2014/02/19 08:18:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/19 08:18:06 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/02/19 08:18:06 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2014/02/19 08:18:06 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/02/19 08:18:06 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/02/19 08:16:02 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2014/02/19 08:07:26 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2014/02/19 08:07:26 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
[2014/02/19 08:07:26 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:26 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\
[2014/02/19 08:07:09 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2014/02/19 08:07:07 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2014/02/19 08:07:07 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2014/02/19 08:07:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2014/02/19 08:07:03 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2014/02/19 08:07:03 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2014/02/19 08:07:02 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2014/02/19 08:06:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2014/02/19 08:06:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2014/02/19 08:06:50 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2014/02/19 08:06:50 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2014/02/19 08:06:49 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2014/02/19 08:06:49 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2014/02/19 08:06:49 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2014/02/19 08:06:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2014/02/19 08:06:48 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2014/02/19 08:06:47 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2014/02/19 08:06:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 08:06:44 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2014/02/19 08:06:43 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2014/02/19 08:06:43 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2014/02/19 08:06:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2014/02/19 08:06:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2014/02/19 08:06:04 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2014/02/19 08:06:04 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2014/02/19 08:05:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2014/02/19 08:05:46 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2014/02/19 08:05:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2014/02/19 08:05:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2014/02/19 08:05:28 | 000,802,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WFS.exe
[2014/02/19 08:05:28 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2014/02/19 08:05:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2014/02/19 08:05:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2014/02/19 08:05:22 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2014/02/19 08:05:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 08:05:22 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 08:05:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 08:05:22 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\
[2014/02/19 08:05:18 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2014/02/19 08:05:16 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2014/02/19 08:05:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2014/02/19 08:05:15 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnaddr.dll
[2014/02/19 08:05:10 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2014/02/19 08:05:10 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2014/02/19 08:05:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2014/02/19 08:05:07 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2014/02/19 08:05:05 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2014/02/19 08:05:04 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2014/02/19 08:01:10 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2014/02/19 08:00:42 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2014/02/19 07:56:21 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2014/02/19 07:54:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2014/02/19 07:54:19 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2014/02/19 07:54:18 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2014/02/19 07:54:16 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2014/02/19 07:54:11 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2014/02/19 07:54:11 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2014/02/19 07:54:10 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2014/02/19 07:54:10 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2014/02/19 07:54:10 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2014/02/19 07:54:08 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2014/02/19 07:54:08 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2014/02/19 07:54:06 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2014/02/19 07:54:05 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe
[2014/02/19 07:54:02 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2014/02/19 07:54:02 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2014/02/19 07:54:02 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2014/02/19 07:54:00 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\profprov.dll
[2014/02/19 07:53:48 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2014/02/19 07:53:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2014/02/19 07:53:47 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2014/02/18 21:14:05 | 000,000,000 | ---D | C] -- C:\ProgramData\UDL
[2014/02/18 21:10:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2014/02/18 21:07:41 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Epson
[2014/02/18 21:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[2014/02/18 21:07:29 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2014/02/18 21:06:56 | 000,476,027 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppmon.dll
[2014/02/18 21:06:56 | 000,476,027 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppmon.dll
[2014/02/18 21:06:56 | 000,458,310 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\ensppui.dll
[2014/02/18 21:06:56 | 000,458,310 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enppui.dll
[2014/02/18 21:06:56 | 000,218,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enspres.dll
[2014/02/18 21:06:56 | 000,218,112 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\enpres.dll
[2014/02/18 21:06:55 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2014/02/18 21:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\EpsonNet
[2014/02/18 21:06:28 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll
[2014/02/18 21:06:28 | 000,122,000 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\escsvc.exe
[2014/02/18 21:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/02/18 21:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2014/02/18 21:05:05 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2014/02/18 21:05:04 | 000,095,232 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TLBIWE.DLL
[2014/02/18 21:05:04 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TD4BIWE.DLL
[2014/02/18 21:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2014/02/18 21:00:28 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\OpenOffice
[2014/02/18 20:56:20 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2014/02/18 20:55:47 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice 4
[2014/02/18 20:42:57 | 000,000,000 | ---D | C] -- C:\Users\colors\Documents\PC Health Kit
[2014/02/18 20:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/02/18 20:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IePluginService
[2014/02/18 20:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\SupTab
[2014/02/18 20:42:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WPM
[2014/02/18 20:41:55 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\awesomehp
[2014/02/18 20:41:38 | 000,000,000 | ---D | C] -- C:\Program Files\HiDefMedia
[2014/02/18 20:38:05 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2014/02/18 20:33:38 | 000,000,000 | ---D | C] -- C:\Support
[2014/02/18 20:33:34 | 000,000,000 | ---D | C] -- C:\Program Files\Supporter
[2014/02/18 20:33:24 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Torch
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveClicker
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\SaveClicker
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Comodo
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\1adde57018183b33
[2014/02/18 20:33:22 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Google
[2014/02/18 18:02:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/02/18 17:54:15 | 000,000,000 | ---D | C] -- C:\Windows.old
[2014/02/18 13:30:35 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Macromedia
[2014/02/18 13:30:35 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Adobe
[2014/02/18 13:30:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2014/02/18 12:02:38 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\FLEXnet
[2014/02/18 10:07:13 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2014/02/18 10:07:13 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2014/02/18 10:07:01 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2014/02/18 10:07:01 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2014/02/18 10:07:01 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 09:06

(Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2014/02/18 10:06:53 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2014/02/18 10:06:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2014/02/18 10:04:01 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Vodafone
[2014/02/18 10:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2014/02/18 10:02:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2014/02/18 10:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\Vodafone
[2014/02/18 10:02:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2014/02/18 10:01:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/02/18 10:01:50 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\{8314F6CC-1BDB-460C-9713-87A61A156F26}
[2014/02/18 09:38:05 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Diagnostics
[2014/02/18 09:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\WinClon
[2014/02/18 09:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SiteAdvisor
[2014/02/18 09:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2014/02/18 09:23:27 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Identities
[2014/02/18 09:23:22 | 000,000,000 | R--D | C] -- C:\Users\colors\Contacts
[2014/02/18 09:21:43 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\VirtualStore
[2014/02/18 09:21:40 | 000,000,000 | --SD | C] -- C:\Users\colors\AppData\Roaming\Microsoft
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Videos
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Saved Games
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Pictures
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Music
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Links
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Favorites
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Downloads
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Documents
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\Desktop
[2014/02/18 09:21:40 | 000,000,000 | R--D | C] -- C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Documents\Video
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\AppData\Local\Temporary Internet Files
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\SendTo
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Risorse di stampa
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Risorse di rete
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Recenti
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Documents\Musica
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Modelli
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Menu Avvio
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Impostazioni locali
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Documents\Immagini
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Documenti
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Dati applicazioni
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\AppData\Local\Dati applicazioni
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\AppData\Local\Cronologia
[2014/02/18 09:21:40 | 000,000,000 | -HSD | C] -- C:\Users\colors\Cookies
[2014/02/18 09:21:40 | 000,000,000 | -H-D | C] -- C:\Users\colors\AppData
[2014/02/18 09:21:40 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Temp
[2014/02/18 09:21:40 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Local\Microsoft
[2014/02/18 09:21:40 | 000,000,000 | ---D | C] -- C:\Users\colors\AppData\Roaming\Media Center Programs
[2014/02/18 09:21:28 | 000,000,000 | ---D | C] -- C:\Recovery
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\Programmi
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Preferiti
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti
[2014/02/18 09:21:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni
[2014/02/18 09:06:48 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/02/18 09:03:25 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/02/07 21:11:38 | 000,000,000 | ---D | C] -- C:\Users\colors\Desktop\2013
[2014/01/20 13:36:08 | 000,000,000 | ---D | C] -- C:\Users\colors\Desktop\matrimonio maci roby

========== Files - Modified Within 60 Days ==========

[2014/02/20 08:10:00 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/20 07:54:18 | 000,698,570 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2014/02/20 07:54:18 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/02/20 07:54:18 | 000,127,764 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2014/02/20 07:54:18 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/02/20 07:47:09 | 000,298,128 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/02/20 07:47:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/20 07:46:43 | 1579,634,688 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/20 07:45:33 | 000,010,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/20 07:45:33 | 000,010,144 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/20 07:31:44 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msclmd.dll
[2014/02/19 23:04:39 | 000,043,267 | ---- | M] () -- C:\Users\colors\Documents\ricerca d arte di gloria.odt
[2014/02/19 20:05:59 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/02/19 20:05:59 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2014/02/19 20:03:51 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/02/19 19:46:00 | 000,000,047 | ---- | M] () -- C:\Users\colors\AppData\Roaming\WB.CFG
[2014/02/19 19:29:05 | 000,000,224 | ---- | M] () -- C:\Users\colors\Desktop\Posta in arrivo - - Gmail.url
[2014/02/19 18:55:05 | 000,001,972 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2014/02/19 18:03:47 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/02/19 16:04:25 | 231,085,622 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/02/19 08:18:08 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2014/02/19 08:18:08 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2014/02/19 08:18:07 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2014/02/19 08:18:07 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2014/02/19 08:18:07 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2014/02/19 08:18:07 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2014/02/19 08:18:07 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2014/02/19 08:18:07 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2014/02/19 08:18:07 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2014/02/19 08:18:07 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2014/02/19 08:18:07 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2014/02/19 08:18:07 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2014/02/19 08:18:07 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2014/02/19 08:18:07 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2014/02/19 08:18:07 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2014/02/19 08:18:07 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2014/02/19 08:18:07 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2014/02/19 08:18:07 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2014/02/19 08:18:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2014/02/19 08:18:07 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2014/02/19 08:18:07 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2014/02/19 08:18:07 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2014/02/19 08:18:07 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/02/19 08:18:07 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2014/02/19 08:18:07 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2014/02/19 08:18:07 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2014/02/19 08:18:07 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2014/02/19 08:18:07 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2014/02/19 08:18:07 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2014/02/19 08:18:06 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2014/02/19 08:18:06 | 001,806,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2014/02/19 08:18:06 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2014/02/19 08:18:06 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2014/02/19 08:18:06 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2014/02/19 08:18:06 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2014/02/19 08:18:06 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2014/02/19 08:18:06 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2014/02/19 08:18:06 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2014/02/18 21:13:10 | 000,000,308 | ---- | M] () -- C:\Windows\setup.iss
[2014/02/18 20:56:20 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/02/18 18:02:24 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2014/02/18 10:05:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_cdc_acm_01009.Wdf
[2014/02/18 10:05:30 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_cdc_ecm_01009.Wdf
[2014/02/18 10:02:53 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf
[2014/02/18 10:01:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/02/18 09:08:12 | 000,039,252 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2014/02/19 22:28:36 | 000,043,267 | ---- | C] () -- C:\Users\colors\Documents\ricerca d arte di gloria.odt
[2014/02/19 20:06:00 | 000,000,978 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/19 20:03:51 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/02/19 20:03:51 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2014/02/19 19:46:00 | 000,000,047 | ---- | C] () -- C:\Users\colors\AppData\Roaming\WB.CFG
[2014/02/19 19:29:05 | 000,000,224 | ---- | C] () -- C:\Users\colors\Desktop\Posta in arrivo - - Gmail.url
[2014/02/19 18:55:05 | 000,001,972 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2014/02/19 17:52:57 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/02/19 17:52:57 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/02/19 17:52:57 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/02/19 17:52:57 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/02/19 17:52:57 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/02/19 16:36:13 | 000,146,852 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2014/02/19 16:35:02 | 000,010,429 | ---- | C] () -- C:\Windows\System32\ScavengeSpace.xml
[2014/02/19 16:34:54 | 000,105,559 | ---- | C] () -- C:\Windows\System32\RacRules.xml
[2014/02/19 16:04:25 | 231,085,622 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/02/19 08:22:52 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/02/19 08:21:44 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/02/19 08:18:07 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/02/18 21:12:56 | 000,000,308 | ---- | C] () -- C:\Windows\setup.iss
[2014/02/18 20:56:20 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2014/02/18 10:05:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_cdc_acm_01009.Wdf
[2014/02/18 10:05:30 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_cdc_ecm_01009.Wdf
[2014/02/18 10:02:53 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_vodafone_K3805-z_dc_enum_01009.Wdf
[2014/02/18 10:01:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/02/18 09:07:49 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/02/18 09:07:43 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/02/18 09:03:23 | 1579,634,688 | -HS- | C] () -- C:\hiberfil.sys
[2011/04/18 15:39:56 | 000,226,364 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini



"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014/02/18 20:43:25 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\awesomehp
[2014/02/20 08:07:49 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Epson
[2014/02/18 21:00:28 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\OpenOffice
[2014/02/18 10:04:01 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\Vodafone

========== Purity Check ==========

< End of report >
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 09:10

te lo ho mandato in 3 volte spero vada bene,ora tene mOTL Extras logfile created on: 20/02/2014 08:42:22 - Run 1
OTL by OldTimer - Version Folder = C:\Users\colors\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

1,96 Gb Total Physical Memory | 0,97 Gb Available Physical Memory | 49,56% Memory free
3,92 Gb Paging File | 2,61 Gb Available in Paging File | 66,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,88 Gb Total Space | 99,29 Gb Free Space | 66,24% Space Free | Partition Type: NTFS
Drive D: | 70,00 Gb Total Space | 40,99 Gb Free Space | 58,56% Space Free | Partition Type: NTFS

Computer Name: ALFA | User Name: colors | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 60 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========




"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0


"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========



========== Vista Active Open Ports Exception List ==========

"{1141BE0D-B119-4719-A011-F39293269416}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1EF283DA-A68B-4606-A9A8-F891B2AB96F0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{24235853-8598-44EA-959B-4C0768D65A03}" = rport=139 | protocol=6 | dir=out | app=system |
"{25429F81-B20F-4F03-9692-A63C0E156DDA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{273DC806-5FC4-4EC2-ABC5-CB8CBB8705FA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37A84D68-C747-49F3-B68A-CA507FDEE5DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{39C9550D-2951-4C73-BF62-B6F32584EEC8}" = lport=137 | protocol=17 | dir=in | app=system |
"{48B20D4E-02D7-4DF9-AC2D-7E34DC958D45}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4D7EED54-B05F-4F89-A623-9F5953F37843}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5779EF6B-90A5-4BB0-A20E-B3FB54C9163E}" = rport=445 | protocol=6 | dir=out | app=system |
"{5B7CE753-409C-4703-9EE3-0C825CF11708}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6EE9C8B4-6B84-45C1-9493-513CA0B4FBC2}" = rport=137 | protocol=17 | dir=out | app=system |
"{6F24ED90-FCCB-4254-B572-D7ACED452173}" = lport=445 | protocol=6 | dir=in | app=system |
"{729BF19D-FA2D-4259-B7E3-30B79EE339E8}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7524E4EE-9646-4959-B361-66379FE0B182}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86E9BBEF-DE3A-454F-9788-BA9B20AE9BD1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{885FC005-17C3-4D1C-8978-5112746361F9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9DE4325B-F7AE-49A5-8047-E00DFA97A634}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A6E4D92F-3C4E-481D-8044-260716DCDDE2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B2088288-BBE3-4AC1-92A3-AF769A07600B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B327A11B-7FE4-45DE-9024-80E6FC858463}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BF0D8616-785C-4BCE-AA69-D66024BFC5B5}" = lport=139 | protocol=6 | dir=in | app=system |
"{C0FF14CB-2E91-472E-8156-F701C0916152}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C43AED4E-8707-4FD1-9F5B-C30BDB224D55}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D48EF977-11A6-4474-AD5C-1486CCFFB0ED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E4272013-BF0E-46CA-8A27-29ACD62B5E32}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E75490AB-4934-4C80-AD2A-2646D7EEA779}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EBF12E81-98D8-4B79-B5FF-499E4DCFBBDF}" = rport=138 | protocol=17 | dir=out | app=system |
"{ECF1247E-BF68-4548-A11A-2D9A3DF62666}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EE39B204-5373-46B3-8ADA-22100A1DD4B8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FC56BB95-DBFA-4060-A69E-D07C2259ADD3}" = lport=138 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

"{517F4AA7-AD62-487B-B077-D54DB02B6EBB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{51F06647-D5ED-4895-B337-EDC72EABB924}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6B0EDBD8-BF4E-4DDC-B8FE-7EE6FE9025AE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C65B424-9896-4271-8C18-ABD6A23ACCD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{719DCA04-E973-4E26-B38C-71A545FD7077}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{928E9CD3-8762-43CC-92DE-0B55EB5415A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A07DE887-D1D4-4179-9D7F-5858F8BA08FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B87D7DC6-D8C2-43E4-B921-5CF0CE304D93}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{BCA80716-B37C-44C5-B697-671DA9F1B44B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CEBC12FC-3DCB-4D6C-9735-81B1DFDD99D8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D23400ED-A2D8-466E-8E1D-44E0DF22C726}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D70CD1C5-E579-43A4-B0E1-C14E00F4AF19}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DA654163-FDB8-4DBB-8E62-B7ADD965A180}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DB7B1291-F1C9-42BF-87DC-724F5C4FDB00}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DCF73DC9-409E-4492-AEAC-EBB475743C8E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E08A9FF9-2428-479B-B40F-FD7DEF2B8970}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7F5DBD8-3482-4B69-B995-EE30720424BF}" = protocol=6 | dir=out | app=system |
"TCP Query User{71F005E6-0617-413E-9718-9A42A2C43379}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"TCP Query User{9EF660EC-AE4C-4097-A49F-033E3AA7F412}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{5CA6B4D9-9C49-4425-8FD8-0D140910EEB3}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |
"UDP Query User{60F77D68-8BB0-4279-9F97-F757BBDF75E4}C:\program files\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files\epson software\event manager\eeventmanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

"{02A312B5-1542-47B6-BFE9-F51358C39E86}" = Epson Easy Photo Print 2
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{32714140-CBC5-3FAF-BFC2-3A7376C3EECF}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{41564952-412D-5637-4300-A758B70C0A00}" = Avira SearchFree Toolbar
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{8F01524C-0676-4CC1-B4AE-64753C723391}" = Epson Event Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1040-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Italiano
"{B2D55EB8-32C5-4B43-9006-9E97DECBA178}" = Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)
"{B73A5540-CC29-489E-B513-B58EEDEB3A69}" = OpenOffice 4.0.0
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Epson Connect Guide" = Guida di Epson Connect
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WF-2520 Series" = EPSON WF-2520 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"SupTab" = SupTab
"WF-2520 Series Netg" = Epson Guida di rete WF-2520 Series
"WF-2520 Series Useg" = Epson Guida utente WF-2520 Series

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 20/02/2014 02:45:09 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:09 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:09 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:09 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:10 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:10 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:10 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:45:10 | Computer Name = ALFA | Source = .NET Runtime Optimization Service | ID = 1107
Description =

Error - 20/02/2014 02:47:48 | Computer Name = ALFA | Source = VmbService | ID = 0
Description = conflictManagerTypeValue

Error - 20/02/2014 02:59:26 | Computer Name = ALFA | Source = ESENT | ID = 215
Description = WinMail (1268) WindowsMail0: Il backup è stato interrotto. L'operazione
è stata interrotta dal client o la connessione al client non è riuscita.

[ System Events ]
Error - 20/02/2014 02:45:05 | Computer Name = ALFA | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 20/02/2014 02:45:05 | Computer Name = ALFA | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 20/02/2014 02:45:05 | Computer Name = ALFA | Source = WMPNetworkSvc | ID = 866321
Description =

Error - 20/02/2014 02:45:05 | Computer Name = ALFA | Source = WMPNetworkSvc | ID = 866317
Description =

Error - 20/02/2014 02:45:07 | Computer Name = ALFA | Source = DCOM | ID = 10010
Description =

Error - 20/02/2014 02:45:07 | Computer Name = ALFA | Source = Microsoft-Windows-LanguagePackSetup | ID = 1000
Description = Inizializzazione del client CBS non riuscita. Ultimo errore: 0x80080005

Error - 20/02/2014 02:47:42 | Computer Name = ALFA | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 millisecondi) durante l'attesa della connessione del
servizio Supporter.

Error - 20/02/2014 02:47:42 | Computer Name = ALFA | Source = Service Control Manager | ID = 7000
Description = Il servizio Update crimsolite non è stato avviato per il seguente
errore: %%2

Error - 20/02/2014 02:47:42 | Computer Name = ALFA | Source = Service Control Manager | ID = 7000
Description = Il servizio Update FindRight non è stato avviato per il seguente errore:

Error - 20/02/2014 03:00:49 | Computer Name = ALFA | Source = DCOM | ID = 10000
Description =

< End of report >
ando un altro di report che ho trovato di OTL.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi shel » 20/02/14 10:35

per ora fai questo

apri otl e copia questo codice nel box bianco

Codice: Seleziona tutto
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ... 163651&ir=
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = ... VC95GFK&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" ={searchTerms}&a=aw0202ie&cd=2XzuyEtN2Y1L1QzutD0C0E0E0EyC0B0DzzzzyEzyyC0CtB0AtN0D0Tzu0SyBzztCtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=21163651&ir=
CHR - default_search_provider: search_url ={searchTerms}&id=4BFF7EA220AB452190AC645E6771FD79&oid=1
CHR - homepage: ... 163651&ir=
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SaveClicker
[2014/02/18 20:33:23 | 000,000,000 | ---D | C] -- C:\Program Files\SaveClicker
[2014/02/18 20:43:25 | 000,000,000 | ---D | M] -- C:\Users\colors\AppData\Roaming\awesomehp

ipconfig /flushdns /c


premi run fix e allega il log

Scarica Adwcleaner sul desktop: ... adwcleaner
Chiudi tutti i browser (è importante che siano chiusi: IE,Firefox, Chrome ecc...)
Clicca sul pulsante "Scan".
Finita la scansione clicca su "Clean"
Conferma con OK le varie finestre che ti compariranno.
Il pc si riavvierà, e uscirà il log con le eliminazioni.
Postalo qui.
Utente Senior
Post: 1326
Iscritto il: 29/08/08 21:56

Re: pulizia da virus

Postdi maci » 20/02/14 10:56

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.
Use Chrome's Settings page to remove the default_search_provider items.
Use Chrome's Settings page to change the HomePage.
C:\ProgramData\SaveClicker folder moved successfully.
C:\Program Files\SaveClicker folder moved successfully.
C:\Users\colors\AppData\Roaming\awesomehp\log folder moved successfully.
C:\Users\colors\AppData\Roaming\awesomehp folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configurazione IP di Windows
Cache del resolver DNS svuotata.
C:\Users\colors\Downloads\cmd.bat deleted successfully.
C:\Users\colors\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========


User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: colors
->Temp folder emptied: 3160207 bytes
->Temporary Internet Files folder emptied: 4685961 bytes
->Google Chrome cache emptied: 18454756 bytes
->Flash cache emptied: 612 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 53651220 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 22985331 bytes
RecycleBin emptied: 943402 bytes

Total Files Cleaned = 99,00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
Error: Unble to create default HOSTS file!

OTL by OldTimer - Version log created on 02202014_104804

Files\Folders moved on Reboot...
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1UQQD8B\ads[1].htm moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\U1UQQD8B\medium[1].css moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M05ZFW8X\large[1].css moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M05ZFW8X\normal[1].css moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M05ZFW8X\viewtopic[1].htm moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M05ZFW8X\xd_arbiter[1].htm moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\M05ZFW8X\zrt_lookup[1].htm moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2OCZZMYA\xd_arbiter[1].htm moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 11:06

# AdwCleaner v3.019 - Report created 20/02/2014 at 11:01:45
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : colors - ALFA
# Running from : C:\Users\colors\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VVS5340J\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\IePluginService
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\Program Files\SupTab
Folder Deleted : C:\Users\colors\AppData\Local\torch
Folder Deleted : C:\Users\colors\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop
Folder Deleted : C:\Users\colors\Documents\PC Health Kit

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\colors\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\Applications\lollipop.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftwareUpdater_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3543619C-D563-43F7-95EA-4DA7E1CC396A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\lollipop
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\supTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\supTab

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Google Chrome v

[ File : C:\Users\colors\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : homepage


AdwCleaner[R0].txt - [4093 octets] - [20/02/2014 10:59:38]
AdwCleaner[S0].txt - [3805 octets] - [20/02/2014 11:01:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3865 octets] ##########
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi shel » 20/02/14 11:49

apri otl e clica clean UP

scarica e installa ccleaner
In fase d’installazione togli la spunta altrimenti viene installata Yahoo Tollbar.
Avvialo e clicca su:
- Opzioni Avanzate
Togli la spunta da:
- Elimina file solo se più vecchi di 48 ore
Clicca i tasti:
- Pulizia (il primo in alto a Sinistra)
- Analizza ( Pulsante in basso Centrale)
- Avvia Pulizia (Pulsante in basso a Destra)

Correzione errori File di Registro
Clicca i tasti:
- Registro (Secondo tasto in alto a Sinistra)
- Trova Problemi (Pulsante in basso Centrale)
- Ripara selezionati Pulsante in basso a Destra
- alla domanda:
- Vuoi eseguire il Backup delle modifiche del Registro”
- clicca:
- SI

Riavvia il pc e controlla se il problema permane
Utente Senior
Post: 1326
Iscritto il: 29/08/08 21:56

Re: pulizia da virus

Postdi maci » 20/02/14 12:19

ma ora OTL e Cleaner devo toglierli?
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 12:20

scusa ho visto ora che mi dici di scaricare cleaner ora lo faccio ed eseguo cio che mi hai detto
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 20/02/14 12:37

IE si apre regolarmente senza piu' il browser che mi rompeva,per vedere se ho virus devo provare a fare una scansione con avira?poi malwerebittes lo posso reinstallare per la pulizia dai pooput,cosa davo fare con otl e cleaner, ultima cosa riesco a recuperare le cartelle e i file che avevo prima che combinassi tutto sto casino con la formattazione tornando a windows vista da 7 ora ho rimesso 7 qualchecosa si e' recuperato con aggiornamenti dasolo se si puo vorrei recuperare il piu possibile grazie della pazienza aspetto istruzioni.PACE E BENE.
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Re: pulizia da virus

Postdi maci » 22/02/14 10:40

ok il pc e' pulito grazie mille per l'aiuto
Utente Junior
Post: 77
Iscritto il: 14/01/14 11:00

Torna a Sicurezza e Privacy

Topic correlati a "pulizia da virus":

Chi c’è in linea

Visitano il forum: Nessuno e 22 ospiti