Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

infected with websearch.just.info


  • This topic is locked This topic is locked
15 replies to this topic

#1 sara.cortelazzi

sara.cortelazzi

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 01 October 2013 - 07:15 AM

Dear users,

I've been infected some months ago by websearch.just.info....

when I opne google chrome it opens 2 new windows with websearch.just.info.

My pc has gone slower and slower day by day.

I'e just formatted my pc but there's no way to solver this problem.

Can pls someone help me ?

Thanks a lot in advance

Sara



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 01 October 2013 - 08:06 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with OTL

  • Download OTL by OldTimer and save it to your desktop.
  • Double click on the OTL.exe icon on your desktop. If you are using Vista, please right-click and select run as administrator
  • Click the "Scan All Users" checkbox.


    Note: If you are using a Windows 64bit machine, please make sure the checkbox next to Include 64Bit Scans is checked. It will be checked by default.

  • Push the runscanbutton.png button.
  • It will now begin to scan, please be paitent while it scans.
  • Two reports will open once it's done.
  • Please copy and paste them in your next reply:
  • OTL.txt <-- Will be opened
  • Extras.txt <-- Will be minimized

 

 

 

 

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 01 October 2013 - 08:27 AM

Dear Marius,

here are the log files:

 

OTL logfile created on: 01/10/2013 15:11:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sara Cortelazzi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
5,92 Gb Total Physical Memory | 3,73 Gb Available Physical Memory | 63,02% Memory free
11,83 Gb Paging File | 9,29 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,41 Gb Total Space | 382,95 Gb Free Space | 85,21% Space Free | Partition Type: NTFS
 
Computer Name: SARACORTELAZZI | User Name: Sara Cortelazzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/10/01 15:10:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sara Cortelazzi\Desktop\OTL.exe
PRC - [2013/09/30 13:41:17 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/09/12 04:15:01 | 000,389,528 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013/09/03 15:53:50 | 001,467,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/06/27 16:11:08 | 020,097,696 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2013/06/05 19:28:40 | 027,370,808 | ---- | M] (Dropbox, Inc.) -- C:\Users\Sara Cortelazzi\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) -- C:\Programmi\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2011/03/29 07:47:46 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
PRC - [2011/03/08 22:03:39 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/03/08 22:03:30 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/03/05 16:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/03/05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/15 11:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programmi\Sony\VAIO Care\VCService.exe
PRC - [2011/02/14 01:21:30 | 000,308,040 | ---- | M] (AuthenTec, Inc.) -- C:\Programmi\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe
PRC - [2011/01/29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programmi\Sony\VAIO Care\listener.exe
PRC - [2010/11/27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/05 23:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2008/01/25 12:14:26 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\LegacyLauncher.exe
PRC - [2008/01/25 12:12:34 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/10/01 14:59:20 | 000,014,336 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.ITA
MOD - [2013/10/01 14:59:13 | 000,099,328 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.ITA
MOD - [2013/10/01 14:59:08 | 000,313,344 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.ITA
MOD - [2013/10/01 14:59:06 | 001,309,696 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.ITA
MOD - [2013/10/01 14:58:39 | 000,022,528 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_SendMail.ITA
MOD - [2013/10/01 14:58:33 | 003,048,448 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Annots.ITA
MOD - [2013/10/01 14:58:04 | 009,466,880 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.ita
MOD - [2013/10/01 14:56:50 | 000,128,512 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_elementtree.pyd
MOD - [2013/10/01 14:56:50 | 000,098,816 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32api.pyd
MOD - [2013/10/01 14:56:50 | 000,044,032 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_socket.pyd
MOD - [2013/10/01 14:56:49 | 000,557,056 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\pysqlite2._sqlite.pyd
MOD - [2013/10/01 14:56:49 | 000,320,512 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32com.shell.shell.pyd
MOD - [2013/10/01 14:56:49 | 000,026,624 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_multiprocessing.pyd
MOD - [2013/10/01 14:56:49 | 000,022,528 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32ts.pyd
MOD - [2013/10/01 14:56:48 | 000,805,888 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._gdi_.pyd
MOD - [2013/10/01 14:56:48 | 000,070,656 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._html2.pyd
MOD - [2013/10/01 14:56:48 | 000,011,264 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32crypt.pyd
MOD - [2013/10/01 14:56:47 | 000,504,832 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\windows._cacheinvalidation.pyd
MOD - [2013/10/01 14:56:47 | 000,364,544 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\pythoncom27.dll
MOD - [2013/10/01 14:56:47 | 000,087,040 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_ctypes.pyd
MOD - [2013/10/01 14:56:47 | 000,017,408 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32profile.pyd
MOD - [2013/10/01 14:56:46 | 001,175,040 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._core_.pyd
MOD - [2013/10/01 14:56:46 | 000,735,232 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._misc_.pyd
MOD - [2013/10/01 14:56:46 | 000,110,080 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\pywintypes27.dll
MOD - [2013/10/01 14:56:46 | 000,108,544 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32security.pyd
MOD - [2013/10/01 14:56:45 | 001,153,024 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_ssl.pyd
MOD - [2013/10/01 14:56:45 | 000,811,008 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._windows_.pyd
MOD - [2013/10/01 14:56:45 | 000,711,680 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\_hashlib.pyd
MOD - [2013/10/01 14:56:45 | 000,035,840 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32process.pyd
MOD - [2013/10/01 14:56:45 | 000,025,600 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32pdh.pyd
MOD - [2013/10/01 14:56:44 | 000,122,368 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._wizard.pyd
MOD - [2013/10/01 14:56:44 | 000,119,808 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32file.pyd
MOD - [2013/10/01 14:56:43 | 001,062,400 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\wx._controls_.pyd
MOD - [2013/10/01 14:56:43 | 000,686,080 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\unicodedata.pyd
MOD - [2013/10/01 14:56:43 | 000,127,488 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\pyexpat.pyd
MOD - [2013/10/01 14:56:43 | 000,038,912 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32inet.pyd
MOD - [2013/10/01 14:56:43 | 000,018,432 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\win32event.pyd
MOD - [2013/10/01 14:56:42 | 000,010,240 | ---- | M] () -- C:\Users\SARACO~1\AppData\Local\Temp\_MEI41802\select.pyd
MOD - [2013/09/30 12:53:14 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_it_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013/09/30 12:53:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_it_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2013/09/30 12:04:28 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\678976af204af0e5d892f9e69c2df0b3\IAStorUtil.ni.dll
MOD - [2013/09/30 12:04:28 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\3956b6af532aee63d53f0c15d071b14b\IAStorCommon.ni.dll
MOD - [2013/09/12 04:14:39 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
MOD - [2013/09/12 04:14:38 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2013/09/12 04:14:34 | 003,007,384 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013/09/03 15:54:06 | 000,055,808 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_it\brdlang32.ITA
MOD - [2013/09/03 15:53:50 | 000,305,520 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2013/03/13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2012/11/14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2012/07/27 22:51:34 | 006,549,432 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\authplay.dll
MOD - [2010/11/21 05:49:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010/11/21 05:48:49 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2010/11/21 05:48:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2010/11/21 05:48:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010/11/21 05:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010/11/21 05:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010/11/21 05:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010/11/21 05:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2008/01/25 12:14:26 | 000,077,824 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\LegacyLauncher.exe
MOD - [2008/01/25 12:12:34 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
MOD - [2008/01/25 12:03:08 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\CABFilesWrapper.dll
MOD - [2008/01/25 11:57:06 | 000,172,032 | ---- | M] () -- C:\Program Files (x86)\SmarThru Office\ConfigurationManager.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011/04/06 10:33:13 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV - [2013/09/12 04:14:25 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/21 15:19:46 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Programmi\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV - [2011/03/30 09:09:12 | 001,021,112 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programmi\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011/03/29 16:48:58 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programmi\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011/03/29 07:47:46 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe -- (VmbService)
SRV - [2011/03/08 22:03:39 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/03/08 22:03:30 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/03/05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/02/23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/02/18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011/02/18 22:10:06 | 000,546,608 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programmi\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011/02/18 22:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programmi\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011/02/14 17:54:50 | 000,550,080 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programmi\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programmi\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011/02/14 01:21:00 | 000,290,120 | ---- | M] (AuthenTec, Inc) [Auto | Running] -- C:\Programmi\TrueSuite\TrueSuite.Service.exe -- (FPLService)
SRV - [2011/01/20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programmi\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011/01/20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011/01/05 13:41:38 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programmi\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2011/01/05 13:28:50 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programmi\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2011/01/05 13:26:56 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programmi\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010/11/27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/11/05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programmi\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/09/21 14:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010/07/29 19:39:24 | 000,951,584 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programmi\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2013/02/14 12:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/10 09:25:22 | 000,139,768 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/01/10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2011/05/11 05:29:24 | 000,438,808 | R--- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/06 10:33:41 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011/04/06 10:33:16 | 009,079,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/04/06 10:33:16 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/04/06 10:32:55 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/04/06 09:41:24 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/04/06 09:41:23 | 000,344,616 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2011/04/06 09:41:23 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/04/06 09:41:23 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/04/06 09:41:07 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/03/24 08:53:02 | 000,413,696 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2011/03/24 08:53:02 | 000,219,008 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2011/03/24 08:53:02 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011/03/24 08:53:02 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)
DRV:64bit: - [2011/03/24 08:53:00 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011/03/08 22:03:28 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/02/24 00:03:42 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/24 00:03:42 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/02/18 22:16:39 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/01/30 03:19:52 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/01/27 12:41:18 | 000,894,240 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2011/01/04 11:29:46 | 008,507,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/06 22:38:55 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010/12/01 05:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/04/26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/20 04:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/03/23 13:01:05 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007/03/23 12:58:47 | 000,054,072 | R--- | M] (Samsung Electronics) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\DgivEcp.sys -- (DgiVecp)
DRV - [2013/09/30 14:29:11 | 000,056,540 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWow64\NULL -- (Null)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.eu/vaioportal
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\..\SearchScopes\{8A640E48-E6A5-4461-AEE5-32F1E7131E51}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\..\SearchScopes\{C94AF040-1A68-4B58-A033-BD7E127E3D5B}: "URL" = http://rover.ebay.com/rover/1/724-42445-16445-26/4?satitle={searchTerms}
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3170728469-4140063368-75880603-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/09/30 21:05:29 | 000,000,000 | ---D | M]
 
[2013/09/30 13:50:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sara Cortelazzi\AppData\Roaming\mozilla\Extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Adobe Acrobat (Enabled) = c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Documenti Google = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Ricerca Google = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: MightyText - Send/Receive SMS Text Messages = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi\9.8_0\
CHR - Extension: Gmail Offline = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Box - 5 GB di memoria gratuita = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0\
CHR - Extension: Dropbox = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.8_0\
CHR - Extension: Pocket Website = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap\1.0.2_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.6_0\
CHR - Extension: Evernote Web = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.5.6_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Website Logon = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokdoppleiafjmfmggefbkghfblaplo\1.0_0\
CHR - Extension: Picasa = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Gmail = C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programmi\TrueSuite\TrueSuite.IEBHO.dll (AuthenTec Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Programmi\TrueSuite\x86\TrueSuite.IEBHO.dll (AuthenTec Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BoxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.)
O4:64bit: - HKLM..\Run: [ClientAppLogon] C:\Programmi\TrueSuite\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [ClientAppLogon32] C:\Programmi\TrueSuite\x86\TrueSuite.ClientAppLogonExe.exe (AuthenTec, Inc.)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STO Backup Service] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe ()
O4 - HKLM..\Run: [STO Launcher Service] C:\Program Files (x86)\SmarThru Office\LegacyLauncher.exe ()
O4 - HKLM..\Run: [VAIO Boot Manager] C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe (Sony Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3170728469-4140063368-75880603-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Sara Cortelazzi\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Acquisisci selezione - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9 - Extra 'Tools' menuitem : Acquisisci selezio - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9 - Extra Button: Salva testo selezionato - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9 - Extra 'Tools' menuitem : Salva testo selezio - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9 - Extra Button: Salva come HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O9 - Extra 'Tools' menuitem : Salva come HTce - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files (x86)\SmarThru Office\WebCapture.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07EA4B87-950C-46D1-9AAE-D278CA3876B8}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/30 15:28:40 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{03d1334e-29f9-11e3-9aac-f0bf97610f0f}\Shell - "" = AutoRun
O33 - MountPoints2\{03d1334e-29f9-11e3-9aac-f0bf97610f0f}\Shell\AutoRun\command - "" = E:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{b8705219-2a03-11e3-830f-f0bf97610f0f}\Shell - "" = AutoRun
O33 - MountPoints2\{b8705219-2a03-11e3-830f-f0bf97610f0f}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/10/01 15:09:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sara Cortelazzi\Desktop\OTL.exe
[2013/10/01 14:50:58 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/01 13:12:25 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\FLEXnet
[2013/09/30 22:26:51 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\OpenOffice
[2013/09/30 22:18:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.0
[2013/09/30 22:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice 4
[2013/09/30 22:12:55 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Desktop\OpenOffice 4.0.0 (it) Installation Files
[2013/09/30 21:10:57 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Vodafone
[2013/09/30 21:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/09/30 21:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/09/30 21:05:28 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/09/30 20:57:50 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wdfcoinstaller01007.dll
[2013/09/30 20:57:50 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2013/09/30 20:57:50 | 000,085,504 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2013/09/30 20:57:49 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013/09/30 20:57:48 | 000,219,008 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013/09/30 20:57:47 | 000,413,696 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2013/09/30 20:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vodafone
[2013/09/30 20:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2013/09/30 20:56:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2013/09/30 20:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2013/09/30 20:56:17 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\{39C0E0A2-0193-49A4-9D69-DABD740C37FE}
[2013/09/30 19:51:39 | 000,000,000 | ---D | C] -- C:\Panda Software
[2013/09/30 15:27:14 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013/09/30 15:25:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/09/30 15:03:40 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013/09/30 15:03:40 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013/09/30 14:55:49 | 000,000,000 | ---D | C] -- C:\Windows\FltMgr
[2013/09/30 14:51:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup
[2013/09/30 14:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2013/09/30 14:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda Security
[2013/09/30 14:33:13 | 000,138,776 | R--- | C] (TWAIN Working Group) -- C:\Windows\SysWow64\TWAINDSM.dll
[2013/09/30 14:32:08 | 000,000,000 | ---D | C] -- C:\Program Files\Scan Assistant
[2013/09/30 14:31:14 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Documents\Readiris
[2013/09/30 14:31:05 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\S2PC
[2013/09/30 14:29:24 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\InstallShield
[2013/09/30 14:29:19 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2.dll
[2013/09/30 14:29:19 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013/09/30 14:29:19 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2r.dll
[2013/09/30 14:29:19 | 000,021,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml2a.dll
[2013/09/30 14:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung CLX-6200 Series
[2013/09/30 14:29:18 | 000,000,000 | ---D | C] -- C:\Windows\Samsung
[2013/09/30 14:29:10 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Documents\SmarThru Desktop
[2013/09/30 14:29:10 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Samsung
[2013/09/30 14:28:59 | 000,054,072 | R--- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\DgivEcp.sys
[2013/09/30 14:28:45 | 000,458,752 | ---- | C] (Samsung Software Center) -- C:\Windows\prinst.exe
[2013/09/30 14:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SRC Shared
[2013/09/30 14:28:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applicazioni I.R.I.S
[2013/09/30 14:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Readiris10
[2013/09/30 14:26:02 | 000,146,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mfcoleui.dll
[2013/09/30 14:25:32 | 000,931,840 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTR13N.DLL
[2013/09/30 14:25:32 | 000,760,320 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltocx13n.ocx
[2013/09/30 14:25:32 | 000,533,504 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRVW13N.OCX
[2013/09/30 14:25:32 | 000,465,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRPR13n.DLL
[2013/09/30 14:25:32 | 000,326,144 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTRIO13N.DLL
[2013/09/30 14:25:32 | 000,027,648 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13n.dll
[2013/09/30 14:25:31 | 000,427,008 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13s.DLL
[2013/09/30 14:25:31 | 000,275,456 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13s.dll
[2013/09/30 14:25:31 | 000,185,856 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13s.dll
[2013/09/30 14:25:31 | 000,131,584 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13s.dll
[2013/09/30 14:25:31 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13s.dll
[2013/09/30 14:25:31 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13s.dll
[2013/09/30 14:25:31 | 000,081,920 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13s.dll
[2013/09/30 14:25:31 | 000,073,728 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lffax13n.dll
[2013/09/30 14:25:31 | 000,070,656 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13s.dll
[2013/09/30 14:25:31 | 000,068,096 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfiff13s.dll
[2013/09/30 14:25:31 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13s.dll
[2013/09/30 14:25:31 | 000,065,024 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13s.dll
[2013/09/30 14:25:31 | 000,062,976 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13s.dll
[2013/09/30 14:25:31 | 000,060,928 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13s.dll
[2013/09/30 14:25:31 | 000,060,416 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13s.dll
[2013/09/30 14:25:31 | 000,059,904 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13s.dll
[2013/09/30 14:25:31 | 000,059,392 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13s.dll
[2013/09/30 14:25:31 | 000,058,880 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13s.dll
[2013/09/30 14:25:31 | 000,020,992 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfimg13n.dll
[2013/09/30 14:25:31 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfitg13n.dll
[2013/09/30 14:25:30 | 001,693,696 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTCLR13n.dll
[2013/09/30 14:25:30 | 000,172,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13s.dll
[2013/09/30 14:25:30 | 000,158,720 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltpnt13n.dll
[2013/09/30 14:25:30 | 000,077,312 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTTLB13n.dll
[2013/09/30 14:25:30 | 000,069,632 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltbar13n.dll
[2013/09/30 14:25:30 | 000,065,536 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13s.dll
[2013/09/30 14:25:30 | 000,047,616 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfeps13n.dll
[2013/09/30 14:25:30 | 000,044,032 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttwn13n.dll
[2013/09/30 14:25:30 | 000,031,744 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfclp13n.dll
[2013/09/30 14:25:30 | 000,026,624 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcx13n.dll
[2013/09/30 14:25:30 | 000,025,600 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfani13n.dll
[2013/09/30 14:25:30 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpcd13n.dll
[2013/09/30 14:25:30 | 000,019,968 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfavi13n.dll
[2013/09/30 14:25:29 | 000,389,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFCMP13n.DLL
[2013/09/30 14:25:29 | 000,246,272 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFJ2K13n.dll
[2013/09/30 14:25:29 | 000,206,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltefx13n.dll
[2013/09/30 14:25:29 | 000,182,784 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Lfpng13n.dll
[2013/09/30 14:25:29 | 000,114,176 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTOCR13n.dll
[2013/09/30 14:25:29 | 000,067,072 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltpdg13n.dll
[2013/09/30 14:25:28 | 000,142,848 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lftif13n.dll
[2013/09/30 14:25:28 | 000,057,344 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfpsd13n.dll
[2013/09/30 14:25:28 | 000,031,232 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LFPNM13n.dll
[2013/09/30 14:25:28 | 000,018,944 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfmsp13n.dll
[2013/09/30 14:25:27 | 000,445,440 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltimg13n.dll
[2013/09/30 14:25:27 | 000,265,216 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\LTDIS13n.dll
[2013/09/30 14:25:27 | 000,090,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfjbg13n.dll
[2013/09/30 14:25:27 | 000,032,256 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lttmb13n.dll
[2013/09/30 14:25:27 | 000,030,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\lfbmp13n.dll
[2013/09/30 14:25:26 | 001,402,368 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltdlg13n.dll
[2013/09/30 14:25:26 | 000,453,120 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltkrn13n.dll
[2013/09/30 14:25:26 | 000,051,712 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltlst13n.dll
[2013/09/30 14:25:25 | 001,009,664 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\Ltwvc13n.dll
[2013/09/30 14:25:25 | 000,154,112 | ---- | C] (LEAD Technologies, Inc.) -- C:\Windows\SysWow64\ltfil13n.DLL
[2013/09/30 14:22:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmarThru Office
[2013/09/30 14:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmarThru Office
[2013/09/30 14:21:05 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\smx620ci.exe
[2013/09/30 14:21:05 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\smx620ci.dll
[2013/09/30 14:16:00 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\Ssusbpn.dll
[2013/09/30 14:16:00 | 000,047,104 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\Ssusbp64.dll
[2013/09/30 14:15:59 | 000,081,920 | ---- | C] (Samsung Electronics) -- C:\Windows\SysWow64\ssdevm.dll
[2013/09/30 14:15:59 | 000,073,728 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\Ssdevm64.dll
[2013/09/30 14:15:06 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\c620cci.exe
[2013/09/30 14:15:05 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\c620cci.dll
[2013/09/30 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013/09/30 13:52:25 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Google Drive
[2013/09/30 13:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/09/30 13:50:59 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Mozilla
[2013/09/30 13:50:55 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Thunderbird
[2013/09/30 13:50:55 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Thunderbird
[2013/09/30 13:50:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/09/30 13:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/09/30 13:50:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/09/30 13:46:10 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Documents\My Box Files
[2013/09/30 13:43:00 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Box Sync
[2013/09/30 13:42:59 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Box Desktop
[2013/09/30 13:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/09/30 13:41:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
[2013/09/30 13:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Box Sync
[2013/09/30 13:41:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/09/30 13:41:11 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Google
[2013/09/30 13:40:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Apps
[2013/09/30 13:40:38 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Deployment
[2013/09/30 13:40:38 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Box Sync
[2013/09/30 13:35:40 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Dropbox
[2013/09/30 13:34:19 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013/09/30 13:33:27 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Dropbox
[2013/09/30 13:32:19 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Adobe
[2013/09/30 13:32:02 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Intel Corporation
[2013/09/30 13:31:57 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\ATI
[2013/09/30 13:31:57 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\ATI
[2013/09/30 13:31:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/09/30 13:31:00 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Documents\Cartella Scambio Bluetooth
[2013/09/30 13:31:00 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Broadcom
[2013/09/30 13:30:55 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Adobe
[2013/09/30 13:29:08 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/09/30 13:29:08 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Searches
[2013/09/30 13:29:08 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/09/30 13:29:00 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Identities
[2013/09/30 13:28:57 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Contacts
[2013/09/30 13:28:55 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\VirtualStore
[2013/09/30 13:27:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2013/09/30 13:27:57 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Sony Corporation
[2013/09/30 13:27:57 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013/09/30 13:27:41 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013/09/30 13:27:41 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013/09/30 13:27:41 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013/09/30 13:27:16 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013/09/30 13:27:16 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013/09/30 13:27:16 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013/09/30 13:26:59 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013/09/30 13:26:59 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013/09/30 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Intel
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Documents\Video
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Temporary Internet Files
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\SendTo
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Risorse di stampa
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Risorse di rete
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Recenti
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Documents\Musica
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Modelli
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Menu Avvio
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Impostazioni locali
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Documents\Immagini
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Documenti
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Dati applicazioni
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Dati applicazioni
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Cronologia
[2013/09/30 13:26:40 | 000,000,000 | -HSD | C] -- C:\Users\Sara Cortelazzi\Cookies
[2013/09/30 13:26:39 | 000,000,000 | --SD | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Videos
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Saved Games
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Pictures
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Music
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Links
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Favorites
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Downloads
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Documents
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\Desktop
[2013/09/30 13:26:39 | 000,000,000 | R--D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/09/30 13:26:39 | 000,000,000 | -H-D | C] -- C:\Users\Sara Cortelazzi\AppData
[2013/09/30 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Temp
[2013/09/30 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\Roaming
[2013/09/30 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Local\Microsoft
[2013/09/30 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Media Center Programs
[2013/09/30 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Sara Cortelazzi\AppData\Roaming\Macromedia
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Video
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\Programmi
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Preferiti
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Musica
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelli
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Avvio
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Immagini
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\Program Files\File comuni
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documenti
[2013/09/30 13:26:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dati applicazioni
[2013/09/30 12:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2013/09/30 12:54:50 | 000,438,808 | R--- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys
[2013/09/30 12:53:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2013/09/30 12:53:56 | 000,000,000 | ---D | C] -- C:\Windows\it-IT
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\it-IT
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\it-IT
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2013/09/30 12:53:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0410
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it
[2013/09/30 12:53:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0410
[2013/09/30 12:53:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
[2013/09/30 12:53:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbrpm.sys.mui
[2013/09/30 12:53:28 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\fvevol.sys.mui
[2013/09/30 12:53:22 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\nwifi.sys.mui
[2013/09/30 12:53:22 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\qwavedrv.sys.mui
[2013/09/30 12:53:20 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\qwavedrv.sys.mui
[2013/09/30 12:53:17 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\volsnap.sys.mui
[2013/09/30 12:53:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbport.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\processr.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\intelppm.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdppm.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdk8.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbhub.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ohci1394.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\1394ohci.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\serial.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\i8042prt.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerId.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerIb.sys.mui
[2013/09/30 12:53:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\acpi.sys.mui
[2013/09/30 12:53:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\battc.sys.mui
[2013/09/30 12:53:17 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pci.sys.mui
[2013/09/30 12:53:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\IPMIDrv.sys.mui
[2013/09/30 12:53:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\sermouse.sys.mui
[2013/09/30 12:53:17 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mouclass.sys.mui
[2013/09/30 12:53:17 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\kbdclass.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wacompen.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vhdmp.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vdrvroot.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tpm.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\isapnp.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\hdaudbus.sys.mui
[2013/09/30 12:53:17 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\parport.sys.mui
[2013/09/30 12:53:17 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ataport.sys.mui
[2013/09/30 12:53:17 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\umbus.sys.mui
[2013/09/30 12:53:17 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mssmbios.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vwifibus.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ULIAGPKX.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\UAGP35.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\NV_AGP.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\MTConfig.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mouhid.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\kbdhid.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\GAGP30KX.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\disk.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\AGP440.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wd.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\cdrom.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdide.sys.mui
[2013/09/30 12:53:16 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\tcpip.sys.mui
[2013/09/30 12:53:16 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mpio.sys.mui
[2013/09/30 12:53:16 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthport.sys.mui
[2013/09/30 12:53:16 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\msdsm.sys.mui
[2013/09/30 12:53:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthpan.sys.mui
[2013/09/30 12:53:16 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pcmcia.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\it-IT\pscr.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tsusbflt.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\portcls.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\HdAudio.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\it-IT\atikmdag.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rndismpx.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rndismp6.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\hidbth.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\serscan.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pnpmem.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\Dot4usb.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\BTHUSB.SYS.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrParwdm.sys.mui
[2013/09/30 12:53:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthenum.sys.mui
[2013/09/30 12:53:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\fltmgr.sys.mui
[2013/09/30 12:53:14 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wdf01000.sys.mui
[2013/09/30 12:53:13 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndis.sys.mui
[2013/09/30 12:53:13 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\bfe.dll.mui
[2013/09/30 12:53:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\pacer.sys.mui
[2013/09/30 12:53:13 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\scsiport.sys.mui
[2013/09/30 12:53:12 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tcpip.sys.mui
[2013/09/30 12:53:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\http.sys.mui
[2013/09/30 12:53:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ws2ifsl.sys.mui
[2013/09/30 12:53:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pacer.sys.mui
[2013/09/30 12:53:10 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rdpwd.sys.mui
[2013/09/30 12:53:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bfe.dll.mui
[2013/09/30 12:53:08 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\afd.sys.mui
[2013/09/30 12:53:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\modem.sys.mui
[2013/09/30 12:53:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ipnat.sys.mui
[2013/09/30 12:53:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\volmgrx.sys.mui
[2013/09/30 12:53:06 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ntfs.sys.mui
[2013/09/30 12:53:06 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tunnel.sys.mui
[2013/09/30 12:53:06 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\luafv.sys.mui
[2013/09/30 12:53:06 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rdbss.sys.mui
[2013/09/30 12:53:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\srv.sys.mui
[2013/09/30 12:53:06 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\scfilter.sys.mui
[2013/09/30 12:53:04 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\ndiscap.sys.mui
[2013/09/30 12:53:04 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndisuio.sys.mui
[2013/09/30 12:53:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\partmgr.sys.mui
[2013/09/30 12:53:04 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mountmgr.sys.mui
[2013/09/30 12:53:03 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndiscap.sys.mui
[2013/09/30 12:53:03 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\RNDISMP.sys.mui
[2013/09/30 12:53:03 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\scfilter.sys.mui
[2013/09/30 12:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
[2013/09/30 12:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2013/09/30 12:52:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2013/09/30 12:51:27 | 000,000,000 | ---D | C] -- C:\VAIO Sample Contents
[2013/09/30 12:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2013/09/30 12:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TrueSuite
[2013/09/30 12:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite
[2013/09/30 12:49:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\wocaffe
[2013/09/30 12:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\TrueSuite
[2013/09/30 12:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013/09/30 12:49:46 | 000,000,000 | ---D | C] -- C:\Infineon
[2013/09/30 12:49:41 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/09/30 12:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/09/30 12:49:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/09/30 12:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/09/30 12:49:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nascom
[2013/09/30 12:49:27 | 066,145,323 | ---- | C] (Axialis Software) -- C:\Windows\SysNative\VAIO S Series - Summer 2011.scr
[2013/09/30 12:49:17 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2013/09/30 12:49:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2013/09/30 12:49:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayStation Strumenti
[2013/09/30 12:48:35 | 000,000,000 | -H-D | C] -- C:\SPLASH.000
[2013/09/30 12:48:06 | 000,000,000 | -H-D | C] -- C:\SPLASH.SYS
[2013/09/30 12:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloaded Installations
[2013/09/30 12:43:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2013/09/30 12:43:19 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2013/09/30 12:43:18 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2013/09/30 12:43:18 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2013/09/30 12:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
[2013/09/30 12:38:55 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2013/09/30 12:38:55 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2013/09/30 12:38:55 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2013/09/30 12:38:55 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2013/09/30 12:38:55 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2013/09/30 12:38:55 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2013/09/30 12:38:55 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2013/09/30 12:38:55 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2013/09/30 12:38:55 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2013/09/30 12:38:55 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2013/09/30 12:38:55 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2013/09/30 12:38:55 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2013/09/30 12:38:55 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2013/09/30 12:38:55 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2013/09/30 12:38:54 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2013/09/30 12:38:54 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2013/09/30 12:37:37 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2013/09/30 12:37:34 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System\ArcSoftKsUFilter.dll
[2013/09/30 12:37:34 | 000,019,968 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys
[2013/09/30 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Webcam Suite
[2013/09/30 12:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013/09/30 12:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2013/09/30 12:37:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2013/09/30 12:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartSound Software Inc
[2013/09/30 12:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\eSellerate
[2013/09/30 12:35:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSound Software
[2013/09/30 12:30:27 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2013/09/30 12:30:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2013/09/30 12:30:27 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2013/09/30 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2013/09/30 12:29:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013/09/30 12:29:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/09/30 12:27:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/09/30 12:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/09/30 12:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/09/30 12:27:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/09/30 12:26:21 | 000,000,000 | ---D | C] -- C:\Windows\en
[2013/09/30 12:25:23 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2013/09/30 12:25:21 | 000,000,000 | ---D | C] -- C:\Windows\uk
[2013/09/30 12:25:18 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2013/09/30 12:25:15 | 000,000,000 | ---D | C] -- C:\Windows\sv
[2013/09/30 12:25:12 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2013/09/30 12:25:10 | 000,000,000 | ---D | C] -- C:\Windows\ru
[2013/09/30 12:25:06 | 000,000,000 | ---D | C] -- C:\Windows\ro
[2013/09/30 12:25:04 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt
[2013/09/30 12:25:01 | 000,000,000 | ---D | C] -- C:\Windows\pl
[2013/09/30 12:24:58 | 000,000,000 | ---D | C] -- C:\Windows\no
[2013/09/30 12:24:54 | 000,000,000 | ---D | C] -- C:\Windows\it
[2013/09/30 12:24:50 | 000,000,000 | ---D | C] -- C:\Windows\hu
[2013/09/30 12:24:46 | 000,000,000 | ---D | C] -- C:\Windows\el
[2013/09/30 12:24:43 | 000,000,000 | ---D | C] -- C:\Windows\de
[2013/09/30 12:24:40 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2013/09/30 12:24:36 | 000,000,000 | ---D | C] -- C:\Windows\fi
[2013/09/30 12:24:34 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2013/09/30 12:24:31 | 000,000,000 | ---D | C] -- C:\Windows\da
[2013/09/30 12:24:27 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2013/09/30 12:24:23 | 000,000,000 | ---D | C] -- C:\Windows\bg
[2013/09/30 12:24:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/09/30 12:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2013/09/30 12:19:52 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/09/30 12:19:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2013/09/30 12:19:40 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2013/09/30 12:19:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2013/09/30 12:19:40 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2013/09/30 12:19:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2013/09/30 12:19:38 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2013/09/30 12:19:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2013/09/30 12:19:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/09/30 12:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/09/30 12:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2013/09/30 12:17:44 | 000,000,000 | ---D | C] -- C:\temp
[2013/09/30 12:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013/09/30 12:17:15 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2013/09/30 12:17:13 | 000,000,000 | ---D | C] -- C:\Documentation
[2013/09/30 12:16:13 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2013/09/30 12:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/09/30 12:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2013/09/30 12:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/09/30 12:14:21 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2013/09/30 12:14:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013/09/30 12:14:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2013/09/30 12:14:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2013/09/30 12:14:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/09/30 12:14:15 | 000,521,448 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2013/09/30 12:14:15 | 000,189,216 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2013/09/30 12:14:15 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2013/09/30 12:14:15 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2013/09/30 12:14:12 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013/09/30 12:14:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2013/09/30 12:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2013/09/30 12:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2013/09/30 12:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2013/09/30 12:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2013/09/30 12:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/09/30 12:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/09/30 12:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013/09/30 12:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2013/09/30 12:10:08 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint
[2013/09/30 12:10:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2013/09/30 12:10:01 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2013/09/30 12:10:01 | 000,329,832 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2013/09/30 12:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2013/09/30 12:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2013/09/30 12:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2013/09/30 12:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/09/30 12:09:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/09/30 12:09:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2
[2013/09/30 12:09:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream
[2013/09/30 12:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/09/30 12:08:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/09/30 12:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/09/30 12:08:06 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor
[2013/09/30 12:07:28 | 000,425,064 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013/09/30 12:07:28 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013/09/30 12:06:51 | 000,344,616 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys
[2013/09/30 12:06:51 | 000,135,720 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2013/09/30 12:06:51 | 000,102,952 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2013/09/30 12:06:51 | 000,039,464 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2013/09/30 12:06:51 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2013/09/30 12:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM
[2013/09/30 12:05:53 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/09/30 12:05:53 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/09/30 12:05:43 | 002,651,240 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2013/09/30 12:05:43 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/09/30 12:05:43 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/09/30 12:05:43 | 002,051,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2013/09/30 12:05:43 | 001,770,328 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/09/30 12:05:43 | 001,716,368 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/09/30 12:05:43 | 001,239,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2013/09/30 12:05:43 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2013/09/30 12:05:43 | 000,618,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2013/09/30 12:05:43 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/09/30 12:05:43 | 000,477,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2013/09/30 12:05:43 | 000,419,472 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/09/30 12:05:43 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/09/30 12:05:43 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/09/30 12:05:43 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/09/30 12:05:43 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2013/09/30 12:05:43 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/09/30 12:05:43 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/09/30 12:05:43 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/09/30 12:05:43 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2013/09/30 12:05:43 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/09/30 12:05:43 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/09/30 12:05:43 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/09/30 12:05:43 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/09/30 12:05:43 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2013/09/30 12:05:43 | 000,125,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/09/30 12:05:43 | 000,120,208 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2013/09/30 12:05:43 | 000,106,640 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/09/30 12:05:43 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/09/30 12:05:43 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2013/09/30 12:05:43 | 000,080,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2013/09/30 12:05:43 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2013/09/30 12:05:43 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/09/30 12:05:43 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/09/30 12:05:43 | 000,071,824 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/09/30 12:05:42 | 001,325,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/09/30 12:05:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2013/09/30 12:05:42 | 001,178,336 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/09/30 12:05:42 | 001,110,240 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/09/30 12:05:42 | 000,503,520 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/09/30 12:05:42 | 000,489,696 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/09/30 12:05:42 | 000,474,336 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/09/30 12:05:42 | 000,338,336 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/09/30 12:05:42 | 000,315,616 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/09/30 12:05:42 | 000,268,512 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/09/30 12:05:42 | 000,265,440 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/09/30 12:05:42 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2013/09/30 12:05:42 | 000,124,640 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/09/30 12:05:42 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/09/30 12:05:42 | 000,123,616 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/09/30 12:05:42 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2013/09/30 12:05:42 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/09/30 12:05:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/09/30 12:05:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/09/30 12:04:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2013/09/30 12:04:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/09/30 12:02:58 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2013/09/30 12:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/09/30 12:02:55 | 000,000,000 | ---D | C] -- C:\Intel
[2013/09/30 12:02:50 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/09/30 12:00:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2013/09/30 11:56:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/10/01 15:10:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sara Cortelazzi\Desktop\OTL.exe
[2013/10/01 15:06:29 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/01 15:06:29 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/01 15:02:12 | 001,652,418 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/01 15:02:12 | 000,738,754 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2013/10/01 15:02:12 | 000,651,648 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/01 15:02:12 | 000,145,794 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2013/10/01 15:02:12 | 000,120,580 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/01 14:57:41 | 000,000,156 | ---- | M] () -- C:\Windows\ODBC.INI
[2013/10/01 14:56:07 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/01 14:55:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/01 14:55:43 | 470,700,031 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/01 14:47:21 | 003,489,793 | ---- | M] () -- C:\Users\Sara Cortelazzi\Desktop\w_I_20130715.pdf
[2013/10/01 14:46:02 | 000,001,168 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/01 12:53:27 | 000,325,784 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/30 22:18:54 | 000,001,140 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2013/09/30 21:55:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/09/30 20:57:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013/09/30 20:57:12 | 000,002,747 | ---- | M] () -- C:\Users\Public\Desktop\SMS.lnk
[2013/09/30 20:57:12 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk
[2013/09/30 20:55:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/09/30 15:28:40 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013/09/30 15:18:42 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013/09/30 14:34:57 | 000,000,138 | ---- | M] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2013/09/30 14:29:11 | 000,056,540 | ---- | M] () -- C:\Windows\SysWow64\NULL
[2013/09/30 14:28:45 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\SmarThru Office.lnk
[2013/09/30 14:28:41 | 000,000,136 | ---- | M] () -- C:\Windows\Readiris.ini
[2013/09/30 13:52:26 | 000,001,729 | ---- | M] () -- C:\Users\Sara Cortelazzi\Desktop\Google Drive.lnk
[2013/09/30 13:46:10 | 000,001,579 | ---- | M] () -- C:\Users\Sara Cortelazzi\Desktop\My Box Files.lnk
[2013/09/30 13:42:37 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/30 13:42:01 | 000,001,854 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2013/09/30 13:35:40 | 000,001,055 | ---- | M] () -- C:\Users\Sara Cortelazzi\Desktop\Dropbox.lnk
[2013/09/30 13:34:30 | 000,001,065 | ---- | M] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/09/30 13:28:52 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSB2C5E.mrk
[2013/09/30 13:28:52 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSB2C5E.mrk
[2013/09/30 13:25:34 | 000,175,736 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/09/30 13:25:34 | 000,175,736 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/09/30 12:53:48 | 000,335,478 | ---- | M] () -- C:\Windows\SysNative\perfi010.dat
[2013/09/30 12:53:48 | 000,037,534 | ---- | M] () -- C:\Windows\SysNative\perfd010.dat
[2013/09/30 12:53:31 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbrpm.sys.mui
[2013/09/30 12:53:28 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\fvevol.sys.mui
[2013/09/30 12:53:24 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\it-IT\WpdMtpDr.dll.mui
[2013/09/30 12:53:22 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\nwifi.sys.mui
[2013/09/30 12:53:22 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\qwavedrv.sys.mui
[2013/09/30 12:53:20 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\qwavedrv.sys.mui
[2013/09/30 12:53:17 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\volsnap.sys.mui
[2013/09/30 12:53:17 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbport.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\processr.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\intelppm.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdppm.sys.mui
[2013/09/30 12:53:17 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdk8.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\usbhub.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ohci1394.sys.mui
[2013/09/30 12:53:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\1394ohci.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\serial.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\i8042prt.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerId.sys.mui
[2013/09/30 12:53:17 | 000,011,264 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrSerIb.sys.mui
[2013/09/30 12:53:17 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\acpi.sys.mui
[2013/09/30 12:53:17 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\battc.sys.mui
[2013/09/30 12:53:17 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pci.sys.mui
[2013/09/30 12:53:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\IPMIDrv.sys.mui
[2013/09/30 12:53:17 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\sermouse.sys.mui
[2013/09/30 12:53:17 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mouclass.sys.mui
[2013/09/30 12:53:17 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\kbdclass.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wacompen.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vhdmp.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vdrvroot.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tpm.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\isapnp.sys.mui
[2013/09/30 12:53:17 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\hdaudbus.sys.mui
[2013/09/30 12:53:17 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\parport.sys.mui
[2013/09/30 12:53:17 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ataport.sys.mui
[2013/09/30 12:53:17 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\umbus.sys.mui
[2013/09/30 12:53:17 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mssmbios.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vwifibus.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ULIAGPKX.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\UAGP35.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\NV_AGP.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\MTConfig.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mouhid.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\kbdhid.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\GAGP30KX.SYS.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\disk.sys.mui
[2013/09/30 12:53:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\AGP440.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wd.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\cdrom.sys.mui
[2013/09/30 12:53:17 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\amdide.sys.mui
[2013/09/30 12:53:16 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\tcpip.sys.mui
[2013/09/30 12:53:16 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mpio.sys.mui
[2013/09/30 12:53:16 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthport.sys.mui
[2013/09/30 12:53:16 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\msdsm.sys.mui
[2013/09/30 12:53:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\it-IT\WUDFUsbccidDriver.dll.mui
[2013/09/30 12:53:16 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthpan.sys.mui
[2013/09/30 12:53:16 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pcmcia.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\it-IT\pscr.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tsusbflt.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\portcls.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\HdAudio.sys.mui
[2013/09/30 12:53:16 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\it-IT\atikmdag.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rndismpx.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rndismp6.sys.mui
[2013/09/30 12:53:16 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\hidbth.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\serscan.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pnpmem.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\Dot4usb.sys.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\BTHUSB.SYS.mui
[2013/09/30 12:53:16 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\it-IT\BrParwdm.sys.mui
[2013/09/30 12:53:16 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bthenum.sys.mui
[2013/09/30 12:53:14 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\fltmgr.sys.mui
[2013/09/30 12:53:14 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\wdf01000.sys.mui
[2013/09/30 12:53:13 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndis.sys.mui
[2013/09/30 12:53:13 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\bfe.dll.mui
[2013/09/30 12:53:13 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\pacer.sys.mui
[2013/09/30 12:53:13 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\scsiport.sys.mui
[2013/09/30 12:53:12 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tcpip.sys.mui
[2013/09/30 12:53:12 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\http.sys.mui
[2013/09/30 12:53:12 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ws2ifsl.sys.mui
[2013/09/30 12:53:10 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\pacer.sys.mui
[2013/09/30 12:53:10 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rdpwd.sys.mui
[2013/09/30 12:53:09 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\bfe.dll.mui
[2013/09/30 12:53:08 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\afd.sys.mui
[2013/09/30 12:53:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\modem.sys.mui
[2013/09/30 12:53:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ipnat.sys.mui
[2013/09/30 12:53:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\volmgrx.sys.mui
[2013/09/30 12:53:06 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ntfs.sys.mui
[2013/09/30 12:53:06 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\tunnel.sys.mui
[2013/09/30 12:53:06 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\luafv.sys.mui
[2013/09/30 12:53:06 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\rdbss.sys.mui
[2013/09/30 12:53:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\srv.sys.mui
[2013/09/30 12:53:06 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\scfilter.sys.mui
[2013/09/30 12:53:04 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\it-IT\ndiscap.sys.mui
[2013/09/30 12:53:04 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndisuio.sys.mui
[2013/09/30 12:53:04 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\partmgr.sys.mui
[2013/09/30 12:53:04 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\mountmgr.sys.mui
[2013/09/30 12:53:03 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\ndiscap.sys.mui
[2013/09/30 12:53:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\RNDISMP.sys.mui
[2013/09/30 12:53:03 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\scfilter.sys.mui
[2013/09/30 12:52:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
[2013/09/30 12:51:57 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2013/09/30 12:49:28 | 066,145,323 | ---- | M] (Axialis Software) -- C:\Windows\SysNative\VAIO S Series - Summer 2011.scr
[2013/09/30 12:48:36 | 000,000,074 | -H-- | M] () -- C:\splash.idx
[2013/09/30 12:14:19 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2013/09/30 12:14:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2013/09/30 12:14:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2013/09/30 12:14:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2013/09/30 12:14:13 | 000,521,448 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2013/09/30 12:14:13 | 000,189,216 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2013/09/30 12:14:13 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2013/09/30 12:14:13 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2013/09/30 12:13:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/09/30 12:10:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/09/30 12:08:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2013/09/30 12:06:55 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013/09/30 12:02:17 | 001,619,738 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/10/01 14:47:16 | 003,489,793 | ---- | C] () -- C:\Users\Sara Cortelazzi\Desktop\w_I_20130715.pdf
[2013/09/30 22:18:54 | 000,001,140 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
[2013/09/30 21:55:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/09/30 20:57:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
[2013/09/30 20:57:12 | 000,002,747 | ---- | C] () -- C:\Users\Public\Desktop\SMS.lnk
[2013/09/30 20:57:12 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Broadband.lnk
[2013/09/30 20:55:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/09/30 15:28:40 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013/09/30 15:18:42 | 000,008,627 | ---- | C] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2013/09/30 14:34:53 | 000,000,138 | ---- | C] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2013/09/30 14:29:19 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2013/09/30 14:29:14 | 000,000,156 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/09/30 14:29:11 | 000,056,540 | ---- | C] () -- C:\Windows\SysWow64\NULL
[2013/09/30 14:28:59 | 000,007,297 | ---- | C] () -- C:\Windows\SysWow64\SSPORT.CAT
[2013/09/30 14:28:59 | 000,007,297 | ---- | C] () -- C:\Windows\SysWow64\DgivEcp.cat
[2013/09/30 14:28:57 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\SvcMan.exe
[2013/09/30 14:28:45 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\SecSNMP.dll
[2013/09/30 14:28:45 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\SmarThru Office.lnk
[2013/09/30 14:28:44 | 000,080,896 | ---- | C] () -- C:\Windows\SysNative\STOFaxPort64.dll
[2013/09/30 14:28:41 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini
[2013/09/30 14:28:33 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll
[2013/09/30 14:25:30 | 000,000,422 | ---- | C] () -- C:\Windows\SysWow64\ltocx13.lic
[2013/09/30 14:21:05 | 000,215,552 | ---- | C] () -- C:\Windows\SysNative\secsnmp6.dll
[2013/09/30 14:20:37 | 000,113,768 | R--- | C] () -- C:\Windows\Wiainst.exe
[2013/09/30 14:16:00 | 000,014,848 | ---- | C] () -- C:\Windows\SysNative\sssegfilter.dll
[2013/09/30 14:15:59 | 000,253,440 | ---- | C] () -- C:\Windows\SysNative\ssminidriver.dll
[2013/09/30 14:15:59 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\ssimgfilter.dll
[2013/09/30 14:15:59 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\sserrhandler.dll
[2013/09/30 14:15:04 | 000,000,357 | ---- | C] () -- C:\Windows\SysNative\c620cl6.smt
[2013/09/30 14:15:03 | 000,022,016 | ---- | C] () -- C:\Windows\SysNative\c620cl6.dll
[2013/09/30 13:52:26 | 000,001,729 | ---- | C] () -- C:\Users\Sara Cortelazzi\Desktop\Google Drive.lnk
[2013/09/30 13:50:39 | 000,002,098 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013/09/30 13:46:10 | 000,001,579 | ---- | C] () -- C:\Users\Sara Cortelazzi\Desktop\My Box Files.lnk
[2013/09/30 13:42:37 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/09/30 13:42:01 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2013/09/30 13:41:33 | 000,001,168 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/09/30 13:41:25 | 000,001,164 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/30 13:35:40 | 000,001,055 | ---- | C] () -- C:\Users\Sara Cortelazzi\Desktop\Dropbox.lnk
[2013/09/30 13:34:30 | 000,001,065 | ---- | C] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013/09/30 13:30:17 | 000,001,389 | ---- | C] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/09/30 13:29:13 | 000,001,423 | ---- | C] () -- C:\Users\Sara Cortelazzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/09/30 13:28:52 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCSB2C5E.mrk
[2013/09/30 13:28:52 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCSB2C5E.mrk
[2013/09/30 13:28:46 | 000,001,961 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Unlimited powered by Qriocity.lnk
[2013/09/30 12:54:23 | 000,335,478 | ---- | C] () -- C:\Windows\SysNative\perfi010.dat
[2013/09/30 12:54:21 | 000,738,754 | ---- | C] () -- C:\Windows\SysNative\perfh010.dat
[2013/09/30 12:54:21 | 000,145,794 | ---- | C] () -- C:\Windows\SysNative\perfc010.dat
[2013/09/30 12:54:21 | 000,037,534 | ---- | C] () -- C:\Windows\SysNative\perfd010.dat
[2013/09/30 12:53:57 | 470,700,031 | -HS- | C] () -- C:\hiberfil.sys
[2013/09/30 12:53:38 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk
[2013/09/30 12:53:06 | 000,002,193 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
[2013/09/30 12:52:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WDKMD_01009.Wdf
[2013/09/30 12:52:32 | 000,002,112 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Wireless Display.lnk
[2013/09/30 12:51:45 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2013/09/30 12:51:38 | 000,001,271 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Transfer.lnk
[2013/09/30 12:50:49 | 000,002,068 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Gate.lnk
[2013/09/30 12:50:21 | 000,001,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Easy Connect.lnk
[2013/09/30 12:50:16 | 000,002,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Data Restore Tool.lnk
[2013/09/30 12:49:03 | 000,001,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remote Keyboard.lnk
[2013/09/30 12:43:11 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB.lnk
[2013/09/30 12:38:56 | 000,001,299 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Gallery.lnk
[2013/09/30 12:36:50 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2013/09/30 12:34:56 | 000,002,267 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Elements 9.lnk
[2013/09/30 12:32:05 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2013/09/30 12:32:00 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2013/09/30 12:30:31 | 000,001,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 9.lnk
[2013/09/30 12:24:20 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2013/09/30 12:24:12 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2013/09/30 12:23:00 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2013/09/30 12:21:10 | 000,002,486 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2013/09/30 12:17:37 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013/09/30 12:17:15 | 000,001,991 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Manual.lnk
[2013/09/30 12:16:50 | 000,001,527 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Control Center.lnk
[2013/09/30 12:13:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/09/30 12:10:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2013/09/30 12:09:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2013/09/30 12:09:07 | 000,003,143 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2013/09/30 12:09:07 | 000,003,143 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2013/09/30 12:08:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ATSwpWDF_01009.Wdf
[2013/09/30 12:07:28 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013/09/30 12:06:25 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2013/09/30 12:05:44 | 000,002,204 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT
[2013/09/30 11:58:42 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/09/30 11:58:40 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011/03/24 08:50:52 | 000,226,366 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

 

 

 

OTL Extras logfile created on: 01/10/2013 15:11:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sara Cortelazzi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
 
5,92 Gb Total Physical Memory | 3,73 Gb Available Physical Memory | 63,02% Memory free
11,83 Gb Paging File | 9,29 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449,41 Gb Total Space | 382,95 Gb Free Space | 85,21% Space Free | Partition Type: NTFS
 
Computer Name: SARACORTELAZZI | User Name: Sara Cortelazzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3170728469-4140063368-75880603-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1EC459F0-2C83-4FA9-9887-622DC6C179E6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{256A5605-B618-49AE-83FE-F81AFAD716F5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{29C2A75F-3A43-441E-941C-0E86AF99AD98}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DD57364-69F8-486A-8D9F-F15CB5B364C8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B01FF7D-ACFC-4A01-88D9-E9B510280F39}" = rport=139 | protocol=6 | dir=out | app=system |
"{3F1543D8-8F55-4A8F-890D-1759B210C204}" = rport=138 | protocol=17 | dir=out | app=system |
"{4381FC69-3169-430C-93AE-BCC375FF59FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4737DE71-CDF5-472F-979E-CDC11D00409B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{478A6255-50BC-4FBD-B8EA-FCA11130DF2A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{4C26E507-C338-4E49-A453-7622E1133BEA}" = lport=137 | protocol=17 | dir=in | app=system |
"{53B6FF29-273C-492A-B272-DA6535E06D89}" = rport=137 | protocol=17 | dir=out | app=system |
"{550F6997-ABF9-43D0-80E5-69E465D587EF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{555898DA-03D9-4B6F-A681-6FC649C1A10C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{562D7814-15C1-4623-B718-0724B9193B24}" = lport=445 | protocol=6 | dir=in | app=system |
"{707E73A6-86E1-44EC-986C-1587A226CF81}" = lport=139 | protocol=6 | dir=in | app=system |
"{74A9782A-1804-43D7-86D0-D643A5C89251}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{74EB551E-68C9-40D2-9572-C2F81DA77F4B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7C7A881F-EDA2-46A3-8EA4-7A6DE17E67E1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8CD4BAAE-35AB-426F-AC11-446574AA3EAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{AF5A8B52-A773-48E4-BEEE-3564597EC56A}" = lport=138 | protocol=17 | dir=in | app=system |
"{CE1B227F-209A-49C9-9D98-D8BC1ED09BF7}" = rport=445 | protocol=6 | dir=out | app=system |
"{D5114C12-88BD-40E9-B066-C141FFE7E7D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E5F67D49-3DB6-44B2-8571-778CC5B4B948}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0401B34C-B9C1-4DA8-8766-521C10497C55}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0CACD976-8658-42EE-80E9-E8CB4545CE67}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{0CE46709-5F41-44FB-8DA5-8F570FA7BC75}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2358D4E0-515F-4BF9-B09F-13900ABC638D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{24686175-CCB2-4EA1-95EA-E1F5FBEEBE0E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{2D5A911C-6A99-4C08-B14C-6EDB6C5866E9}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{35F7E553-5C63-4358-ADCB-BF24CD17CF5A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{3D25F4D8-04C4-477C-87FB-3558DBC4754A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{40ED5376-68E6-4BF5-BBB9-3A6AFBB3C1E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4160B8FC-CF3F-49B5-A195-705314CC4F7A}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vcagent.exe |
"{4BD50371-994F-470A-B9E7-4B21E6094A2A}" = protocol=6 | dir=in | app=c:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe |
"{5506A088-0846-4418-BA8B-5DAF2774FD7B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57209198-C01F-4FB0-8D02-08F5217F8ADF}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{5B5FC2BF-5BED-44F8-A279-0EB92CA7232A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{70285A36-130E-457A-A6B7-303EF0FEB814}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{73CDCF0F-3BFA-4B33-A2E0-D8C7F7060631}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{745884A5-67DE-4E6A-B9F5-216DC4A77BFC}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
"{78ABC4F5-CE11-4739-A29D-00FC25EB17BE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8390FB2B-458F-4177-AF0E-00E38B22A42E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8590149A-3B24-49AE-B808-980349500175}" = protocol=6 | dir=out | app=system |
"{9BDAA8B3-EE8E-4E03-889E-7DF22E31CFE9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{AD5EDAA5-59A3-41AE-846D-C6A807F5D8D1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AE4649D9-BB90-40F4-8A8B-7F2DA572D4AC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3C9AD0B-6C48-4B5D-A231-63D7C4AF4717}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3F7D45F-63F3-471D-BF95-9AE569775AD9}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C9215834-2910-45B1-BAF9-65A81A68C95A}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{CDD5147F-E135-4A4A-93F0-A782F05510E3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE81AB64-972D-4236-A8FC-CA94B9DCBA2C}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D1BBE7EC-1FD8-46AD-BB5A-5EF09DC8C85E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D986A449-498E-4D01-BD6F-05C257F817D0}" = protocol=6 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
"{DC58CD15-0440-4F40-A5C2-CAD560270CEB}" = protocol=17 | dir=in | app=c:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe |
"{DFA1F296-303F-4A0F-9351-4CB28BB58616}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\selfhealupdate.exe |
"{E72B8135-7CB8-4134-8051-689F8418ABE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E76A9761-917E-49B2-962C-EAB1C5A46DA8}" = protocol=17 | dir=in | app=c:\program files\sony\vaio care\vaiocaremain.exe |
"{FA6047FC-F992-4FA9-A883-8A3C30A16301}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{FF434EE2-3514-4E72-A771-8F69DE4FE979}C:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{28302A14-500D-490F-934E-47537539CF2C}C:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\sara cortelazzi\appdata\roaming\dropbox\bin\dropbox.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1080AA78-393C-49BE-D65F-0C2E66D93FDA}" = ATI Catalyst Install Manager
"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery
"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}" = Software Intel® PROSet/Wireless WiFi
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{20F5F93B-9A27-4508-87B0-BFD7494FBEC4}" = AuthenTec WinBio FingerPrint Software
"{22441735-5983-AD2A-5CC5-FA2CCD7EF732}" = ATI Stream SDK v2 Developer
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{25B473DB-CC8D-384A-ACE7-7CFB119B7E03}" = Microsoft .NET Framework 4 Client Profile ITA Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel® Wireless Display
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{312395BC-7CC2-434C-A660-30250276A926}" = SSLx64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{4EFA8109-732B-4026-9F0C-B70ECF3F9293}" = Windows Live Remote Service Resources
"{4F31AC31-0A28-4F5A-8416-513972DA1F79}" = Sony Corporation
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{75C95C84-264F-4CC7-8A7E-346444E6C7C1}" = VAIO Improvement Validation
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{815B2D45-A469-4002-8167-214F60A1E2AB}" = ESET NOD32 Antivirus
"{81B43AC9-B334-45D0-8D15-0A3642AFBDA1}" = AuthenTec TrueSuite
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B57A772-BC72-3430-A198-46D48D4F1CCA}" = Microsoft .NET Framework 4 Extended ITA Language Pack
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{9F672527-2BE4-47AB-B061-C057BDE30B30}" = Windows Live Remote Client Resources
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C1135974-554F-476D-B04F-0B79CFE49364}" = Box Sync (64 bit)
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D4273BA2-0CA1-AC48-8474-A36D3C390D64}" = WMV9/VC-1 Video Playback
"{D55EAC07-7207-44BD-B524-0F063F327743}" = VIx64
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}" = VPMx64
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}" = VESx64
"{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}" = VSNx64
"{F507DC5D-DB8C-286D-6ECF-ED99D1E0B435}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ITA Language Pack" = Microsoft .NET Framework 4 Client Profile - Language Pack (ITA)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended ITA Language Pack" = Microsoft .NET Framework 4 Extended - Language Pack (ITA)
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{011C2E62-D1D1-DBD7-04E3-90988C241CD7}" = Catalyst Control Center Graphics Previews Common
"{0125DB4D-98A0-4DBF-B68A-23BF08FFA6A3}" = Windows Live Messenger
"{02066575-C693-BDAB-43D7-085CE18AC6C1}" = CCC Help French
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{03AA4AEE-545E-E1DA-D3AF-A39370D8038D}" = CCC Help Italian
"{040AB45A-A179-62A2-CE3D-9385ACE9811A}" = CCC Help Turkish
"{046885A1-B4AE-4459-A0D1-8C93706698D6}" =
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{07441A52-E208-478A-92B7-5C337CA8C131}" = VAIO - Riproduzione remota con PlayStation®3
"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}" = Remote Keyboard
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0E86A175-4AE9-A9E7-A195-6B405FE5C734}" = Catalyst Control Center InstallProxy
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{12EDC60F-282F-12CA-B369-88C5D467F460}" = CCC Help Spanish
"{133D51EE-3B24-6C17-5DE7-8DCE34F55B3A}" = CCC Help Greek
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}" = Readiris Pro 10
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1B0545C4-620F-4661-A369-C4D113F24932}" = Windows Live Writer Resources
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303F9E7-6293-4A85-BC21-CA226FAD5CE4}" = Windows Live Mail
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{270380EB-8812-42E1-8289-53700DB840D2}" = PMB VAIO Edition Plug-in
"{271B32E5-509E-79D1-CE99-77178D909D5E}" = CCC Help Thai
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A15182A-8F9E-B1B4-D55C-00944EE56537}" = ccc-core-static
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger
"{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}" = Основи Windows Live
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2EDAE323-B052-E609-7075-190946ACC2F8}" = CCC Help Chinese Standard
"{2F59A94B-D127-B1EA-A5EB-E8A915C648E8}" = CCC Help Danish
"{303143DD-1F6D-4BC5-9342-FFC2E19B2DBD}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39BDD209-5704-480C-9F4A-B69D0370DDBB}" = Windows Live Messenger
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3A26D9BD-0F73-432D-B522-2BA18138F7EF}" = VAIO Improvement
"{3A94F54D-A8A4-4B82-B346-92B4D56A2708}" = VESx86
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0B50EE-F666-545B-9753-C70B52FE4E68}" = Catalyst Control Center Profiles Mobile
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3D3513EB-B4C4-2036-D544-185074D08B40}" = CCC Help Swedish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E8A0EF4-87FE-22C3-254A-94B268DD3529}" = CCC Help Japanese
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{45160C56-61F6-468D-A5B0-9FAE2C3E68D6}" = Catalyst Control Center - Branding
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5451D7B3-8141-41F6-5DAF-1C9FB55A2953}" = CCC Help English
"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool
"{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}" = VAIO Quick Web Access
"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = Supporto trasferimento VAIO
"{5DECEC5B-31FE-72D4-105F-74C9B6B30FB1}" = CCC Help Korean
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}" = Remote Play with PlayStation 3
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{61438020-DDD4-42FA-99A2-50225441980A}" = ArcSoft Magic-i Visual Effects 2
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63BD9C9C-F37A-4957-6CC4-5F1C604FBAA7}" = PX Profile Update
"{63C43435-F428-42BA-8E7B-5848749D9262}" = SSLx86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}" = Елемент керування Windows Live Mesh ActiveX для віддалених підключень
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AC57EEF-2733-4DE6-81BB-E78ACB964C22}" = Windows Live Photo Common
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband Lite
"{6D30E864-46AE-435B-8230-8B5D42B4AE37}" = Windows Live Messenger
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F209625-81BF-3DF2-343B-031F65E0729D}" = CCC Help Chinese Traditional
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70991E0A-1108-437E-BA7D-085702C670C0}" =
"{70EED410-697B-4193-A2CB-2F790F82B420}" = VAIO Data Restore Tool
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}" = VAIO - Tastiera remota
"{73D8886A-D416-4687-B609-0D3836BA410C}" = VAIO Event Service
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{74466027-0C28-7F3D-F2BB-01C753AD9D48}" = CCC Help German
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}" = VAIO Easy Connect
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =
"{80651674-74AA-4155-AF2D-1339E628D187}" = Windows Live Movie Maker
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{81F6AAA3-E05C-43E5-A77F-5D8CEB3003B4}" = CCC Help Finnish
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =
"{8356CB97-A48F-44CB-837A-A12838DC4669}" = PMB VAIO Edition Plug-in
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89EDD3BD-61CE-56D6-AF97-C0F06B03C6E6}" = CCC Help Polish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{91989CE7-EE83-4A53-8E06-D97887928119}" = VAIO Care
"{91BD94FE-ADCA-49CC-BE96-97D4BBC36FAF}" = Windows Live Mesh
"{92280FD3-A119-41E6-A740-A62DBA4DFB53}" = Windows Live UX Platform Language Pack
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{945BB576-897C-82B4-5A67-FA89BE86F5DB}" = Catalyst Control Center Localization All
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B088046-8A01-4355-99DD-8530C022F682}" = VCCx86
"{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}" = SmarThru Office
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate
"{A7F04563-D754-21D6-840B-B5E5B5D9982D}" = CCC Help Dutch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA8101DD-1532-4C25-2E16-9E121B81A9B9}" = CCC Help Hungarian
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.8) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B73A5540-CC29-489E-B513-B58EEDEB3A69}" = OpenOffice 4.0.0
"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default
"{B8991D99-88FD-41F2-8C32-DB70278D5C30}" = VWSTx86
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}" = Diagnostica ventole CPU VAIO
"{BD2657B8-2006-794C-1F7B-678676CB8CCC}" = CCC Help Russian
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BF6CF460-40C3-49BA-800A-4B934B6498B1}" = Scan Assistant
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C0357E79-BAED-48F4-8AFE-A5E71AFC2658}" =
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C115A674-A398-49E5-9C6E-C0A541D3EA10}" = Фотоколекція Windows Live
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D4CD4A-AE20-40B3-8726-8ED1C03E8C15}" = Google Drive
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = Manuale VAIO
"{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}" = VAIO Hardware Diagnostics
"{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}" = ArcSoft WebCam Companion 4
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C8A9A732-5C28-83BE-1198-ECAFC7FF9EB4}" = CCC Help Norwegian
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}" = VIx86
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D306B9F2-05C1-1831-3A6B-2735C8249090}" = CCC Help Czech
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57A002F-2B34-4E7B-A58B-0A4FBDA2E93F}" = Windows Live Messenger
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}" = Adobe Flash Player 10 ActiveX
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6725026-A650-449C-897B-D6B7A5EEA058}" = Adobe Flash Player 10 Plugin
"{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F28C98E9-BAC1-41FF-81F2-8885925CCB48}" = Windows Live Writer
"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
"{F463371D-5458-A536-929D-93C0640C5BB0}" = CCC Help Portuguese
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F694D1F7-1F12-4550-9B7A-C871273ABAD5}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F84906ED-BB54-4889-B131-FED9C9056FC8}" = Intel® Wireless Display
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}" = VAIO - Media Gallery
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Google Chrome" = Google Chrome
"InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}" = VAIO - PMB VAIO Edition Plug-in
"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"Mozilla Thunderbird 24.0 (x86 it)" = Mozilla Thunderbird 24.0 (x86 it)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PremElem90" = Adobe Premiere Elements 9
"Samsung CLX-6200 Series" = Samsung CLX-6200 Series
"SmarThru Office PC Fax" = SmarThru Office PC Fax
"splashtop" = VAIO Quick Web Access
"VAIO Help and Support" =
"VAIO S Series - Summer 2011 Screensaver" = VAIO S Series - Summer 2011 Screensaver
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3170728469-4140063368-75880603-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 30/09/2013 15:05:08 | Computer Name = SaraCortelazzi | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
 nell'oggetto writer del sistema.  Details: AddWin32ServiceFiles: Unable to back up
 image of service Panda Function Service since QueryServiceConfig API failed  System
 Error: Impossibile trovare il file specificato.  .
 
Error - 30/09/2013 15:05:08 | Computer Name = SaraCortelazzi | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
 nell'oggetto writer del sistema.  Details: AddWin32ServiceFiles: Unable to back up
 image of service Panda On-Access Anti-Malware Service since QueryServiceConfig
API failed  System Error: Impossibile trovare il file specificato.  .
 
Error - 30/09/2013 15:05:08 | Computer Name = SaraCortelazzi | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
 nell'oggetto writer del sistema.  Details: AddWin32ServiceFiles: Unable to back up
 image of service Panda IManager Service since QueryServiceConfig API failed  System
 Error: Impossibile trovare il file specificato.  .
 
Error - 30/09/2013 15:05:08 | Computer Name = SaraCortelazzi | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Servizi di crittografia: impossibile elaborare la chiamata OnIdentity()
 nell'oggetto writer del sistema.  Details: AddWin32ServiceFiles: Unable to back up
 image of service Panda PSK service since QueryServiceConfig API failed  System Error:
Impossibile
 trovare il file specificato.  .
 
Error - 30/09/2013 15:09:29 | Computer Name = SaraCortelazzi | Source = WinMgmt | ID = 10
Description =
 
Error - 30/09/2013 15:09:33 | Computer Name = SaraCortelazzi | Source = VmbService | ID = 0
Description = conflictManagerTypeValue
 
Error - 01/10/2013 06:53:47 | Computer Name = SaraCortelazzi | Source = WinMgmt | ID = 10
Description =
 
Error - 01/10/2013 06:53:53 | Computer Name = SaraCortelazzi | Source = VmbService | ID = 0
Description = conflictManagerTypeValue
 
Error - 01/10/2013 08:56:05 | Computer Name = SaraCortelazzi | Source = WinMgmt | ID = 10
Description =
 
Error - 01/10/2013 08:56:23 | Computer Name = SaraCortelazzi | Source = VmbService | ID = 0
Description = conflictManagerTypeValue
 
[ System Events ]
Error - 30/09/2013 08:14:07 | Computer Name = SaraCortelazzi | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore:   %%2
 
Error - 30/09/2013 08:28:59 | Computer Name = SaraCortelazzi | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore:   %%20
 
Error - 30/09/2013 08:38:06 | Computer Name = SaraCortelazzi | Source = DCOM | ID = 10010
Description =
 
Error - 30/09/2013 08:40:10 | Computer Name = SaraCortelazzi | Source = Service Control Manager | ID = 7000
Description = Il servizio DgiVecp non è stato avviato per il seguente errore:   %%20
 
 
< End of report >
 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 01 October 2013 - 08:32 AM

Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 01 October 2013 - 08:45 AM

The ARK file is empty.

Immediately after have done Scan with Gmer rootkit scanner

i've had this message attached and i've shutted down my pc :(

 

Attached Files



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 01 October 2013 - 08:51 AM

Yes, that may occur.

 

Skip gmer.

 

 

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 01 October 2013 - 09:32 AM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-01 15:54:39
-----------------------------
15:54:39.468    OS Version: Windows x64 6.1.7601 Service Pack 1
15:54:39.468    Number of processors: 4 586 0x2A07
15:54:39.468    ComputerName: SARACORTELAZZI  UserName:
15:54:42.417    Initialize success
15:56:11.920    AVAST engine defs: 13100100
15:56:20.094    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:56:20.094    Disk 0 Vendor: TOSHIBA_ GB00 Size: 476940MB BusType: 3
15:56:20.250    Disk 0 MBR read successfully
15:56:20.266    Disk 0 MBR scan
15:56:20.266    Disk 0 Windows 7 default MBR code
15:56:20.281    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        16643 MB offset 2048
15:56:20.359    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 34086912
15:56:20.390    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       460195 MB offset 34291712
15:56:20.687    Disk 0 scanning C:\Windows\system32\drivers
15:56:44.446    Service scanning
15:58:58.419    Modules scanning
15:58:58.434    Disk 0 trace - called modules:
15:58:58.465    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys
15:58:58.481    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800842b060]
15:58:58.497    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8006587b20]
15:58:58.512    5 ACPI.sys[fffff88000d5d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800663e050]
15:59:00.837    AVAST engine scan C:\Windows
15:59:05.002    AVAST engine scan C:\Windows\system32
16:04:02.992    AVAST engine scan C:\Windows\system32\drivers
16:04:32.804    AVAST engine scan C:\Users\Sara Cortelazzi
16:25:19.784    AVAST engine scan C:\ProgramData
16:27:57.656    Scan finished successfully
16:28:17.047    Disk 0 MBR has been saved successfully to "C:\Users\Sara Cortelazzi\Desktop\MBR.dat"
16:28:17.047    The log file has been saved successfully to "C:\Users\Sara Cortelazzi\Desktop\aswMBR.txt"

 

 

 

 

 

16:29:20.0679 6060  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:29:20.0929 6060  ============================================================
16:29:20.0929 6060  Current date / time: 2013/10/01 16:29:20.0929
16:29:20.0929 6060  SystemInfo:
16:29:20.0929 6060 
16:29:20.0929 6060  OS Version: 6.1.7601 ServicePack: 1.0
16:29:20.0929 6060  Product type: Workstation
16:29:20.0929 6060  ComputerName: SARACORTELAZZI
16:29:20.0929 6060  UserName: Sara Cortelazzi
16:29:20.0929 6060  Windows directory: C:\Windows
16:29:20.0929 6060  System windows directory: C:\Windows
16:29:20.0929 6060  Running under WOW64
16:29:20.0929 6060  Processor architecture: Intel x64
16:29:20.0929 6060  Number of processors: 4
16:29:20.0929 6060  Page size: 0x1000
16:29:20.0929 6060  Boot type: Normal boot
16:29:20.0929 6060  ============================================================
16:29:21.0381 6060  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:29:21.0381 6060  ============================================================
16:29:21.0381 6060  \Device\Harddisk0\DR0:
16:29:21.0381 6060  MBR partitions:
16:29:21.0381 6060  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2082000, BlocksNum 0x32000
16:29:21.0381 6060  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x20B4000, BlocksNum 0x382D1800
16:29:21.0381 6060  ============================================================
16:29:21.0428 6060  C: <-> \Device\Harddisk0\DR0\Partition2
16:29:21.0428 6060  ============================================================
16:29:21.0428 6060  Initialize success
16:29:21.0428 6060  ============================================================
16:29:32.0473 5664  ============================================================
16:29:32.0473 5664  Scan started
16:29:32.0473 5664  Mode: Manual;
16:29:32.0473 5664  ============================================================
16:29:33.0970 5664  ================ Scan system memory ========================
16:29:33.0970 5664  System memory - ok
16:29:33.0986 5664  ================ Scan services =============================
16:29:34.0547 5664  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:29:34.0547 5664  1394ohci - ok
16:29:34.0657 5664  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:29:34.0657 5664  ACDaemon - ok
16:29:34.0703 5664  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:29:34.0703 5664  ACPI - ok
16:29:34.0735 5664  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:29:34.0735 5664  AcpiPmi - ok
16:29:35.0156 5664  [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 c:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
16:29:35.0156 5664  AdobeActiveFileMonitor9.0 - ok
16:29:35.0265 5664  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:29:35.0265 5664  AdobeARMservice - ok
16:29:35.0296 5664  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:29:35.0312 5664  adp94xx - ok
16:29:35.0359 5664  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:29:35.0359 5664  adpahci - ok
16:29:35.0374 5664  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:29:35.0374 5664  adpu320 - ok
16:29:35.0405 5664  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:29:35.0405 5664  AeLookupSvc - ok
16:29:35.0437 5664  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C ] AFD             C:\Windows\system32\drivers\afd.sys
16:29:35.0452 5664  AFD - ok
16:29:35.0452 5664  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:29:35.0468 5664  agp440 - ok
16:29:35.0483 5664  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:29:35.0483 5664  ALG - ok
16:29:35.0499 5664  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:29:35.0515 5664  aliide - ok
16:29:35.0561 5664  [ 14BD9450992551A5A58580B4BA85DAA1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:29:35.0561 5664  AMD External Events Utility - ok
16:29:35.0577 5664  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:29:35.0577 5664  amdide - ok
16:29:35.0608 5664  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:29:35.0608 5664  AmdK8 - ok
16:29:35.0842 5664  [ 62B34EE19B5ECDA129FADD10B7D2EA9C ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:29:36.0029 5664  amdkmdag - ok
16:29:36.0700 5664  [ 7033CAA5B9550E470C985815382744FF ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:29:36.0716 5664  amdkmdap - ok
16:29:36.0731 5664  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:29:36.0731 5664  AmdPPM - ok
16:29:36.0778 5664  [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:29:36.0778 5664  amdsata - ok
16:29:36.0809 5664  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:29:36.0809 5664  amdsbs - ok
16:29:36.0809 5664  [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:29:36.0809 5664  amdxata - ok
16:29:36.0872 5664  [ 9DC1A45BA81C923DB68A162B0F0D0149 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
16:29:36.0872 5664  ApfiltrService - ok
16:29:36.0887 5664  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:29:36.0887 5664  AppID - ok
16:29:36.0919 5664  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:29:36.0919 5664  AppIDSvc - ok
16:29:36.0919 5664  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
16:29:36.0919 5664  Appinfo - ok
16:29:36.0965 5664  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:29:36.0965 5664  arc - ok
16:29:36.0965 5664  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:29:36.0965 5664  arcsas - ok
16:29:37.0043 5664  [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:29:37.0043 5664  ArcSoftKsUFilter - ok
16:29:37.0246 5664  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:29:37.0246 5664  aspnet_state - ok
16:29:37.0371 5664  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:29:37.0371 5664  AsyncMac - ok
16:29:37.0371 5664  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:29:37.0371 5664  atapi - ok
16:29:37.0433 5664  [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:29:37.0449 5664  athr - ok
16:29:37.0527 5664  [ 26970F26EBAB7D5D1B795A3F9013CD80 ] ATSwpWDF        C:\Windows\system32\DRIVERS\ATSwpWDF.sys
16:29:37.0527 5664  ATSwpWDF - ok
16:29:37.0589 5664  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:29:37.0605 5664  AudioEndpointBuilder - ok
16:29:37.0605 5664  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:29:37.0605 5664  AudioSrv - ok
16:29:37.0667 5664  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:29:37.0667 5664  AxInstSV - ok
16:29:37.0699 5664  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:29:37.0699 5664  b06bdrv - ok
16:29:37.0761 5664  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:29:37.0761 5664  b57nd60a - ok
16:29:37.0792 5664  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:29:37.0808 5664  BDESVC - ok
16:29:37.0808 5664  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:29:37.0808 5664  Beep - ok
16:29:37.0855 5664  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:29:37.0870 5664  BFE - ok
16:29:37.0917 5664  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:29:37.0917 5664  BITS - ok
16:29:37.0948 5664  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:29:37.0948 5664  blbdrive - ok
16:29:37.0948 5664  [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:29:37.0948 5664  bowser - ok
16:29:37.0979 5664  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:29:37.0979 5664  BrFiltLo - ok
16:29:37.0979 5664  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:29:37.0979 5664  BrFiltUp - ok
16:29:37.0995 5664  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
16:29:37.0995 5664  Browser - ok
16:29:38.0042 5664  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:29:38.0042 5664  Brserid - ok
16:29:38.0042 5664  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:29:38.0042 5664  BrSerWdm - ok
16:29:38.0042 5664  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:29:38.0057 5664  BrUsbMdm - ok
16:29:38.0057 5664  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:29:38.0057 5664  BrUsbSer - ok
16:29:38.0104 5664  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:29:38.0104 5664  BthEnum - ok
16:29:38.0120 5664  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:29:38.0120 5664  BTHMODEM - ok
16:29:38.0135 5664  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:29:38.0135 5664  BthPan - ok
16:29:38.0198 5664  [ 0D25B6D300BA26A5F2C3B2A8E96B158B ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:29:38.0198 5664  BTHPORT - ok
16:29:38.0260 5664  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:29:38.0260 5664  bthserv - ok
16:29:38.0276 5664  [ 1F9912F8EC5BFA53432E71E150636A8A ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:29:38.0276 5664  BTHUSB - ok
16:29:38.0291 5664  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
16:29:38.0307 5664  btwampfl - ok
16:29:38.0354 5664  [ A75BF6802A967F5AACECC3C67FEBDF55 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
16:29:38.0354 5664  btwaudio - ok
16:29:38.0385 5664  [ D895DC213EDBDA5FCC53AAD1F1E0E63B ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
16:29:38.0385 5664  btwavdt - ok
16:29:38.0619 5664  [ 692F8648D7686D91E34A65AC698019D8 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
16:29:38.0619 5664  btwdins - ok
16:29:38.0666 5664  [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
16:29:38.0681 5664  btwl2cap - ok
16:29:38.0713 5664  [ 6D7AA2BDE0135599C5F230D69DB3B420 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
16:29:38.0713 5664  btwrchid - ok
16:29:38.0728 5664  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:29:38.0728 5664  cdfs - ok
16:29:38.0775 5664  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:29:38.0775 5664  cdrom - ok
16:29:38.0822 5664  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:29:38.0822 5664  CertPropSvc - ok
16:29:38.0853 5664  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:29:38.0853 5664  circlass - ok
16:29:38.0884 5664  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:29:38.0884 5664  CLFS - ok
16:29:39.0040 5664  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:29:39.0040 5664  clr_optimization_v2.0.50727_32 - ok
16:29:39.0134 5664  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:29:39.0134 5664  clr_optimization_v2.0.50727_64 - ok
16:29:39.0321 5664  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:29:39.0321 5664  clr_optimization_v4.0.30319_32 - ok
16:29:39.0368 5664  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:29:39.0368 5664  clr_optimization_v4.0.30319_64 - ok
16:29:39.0415 5664  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:29:39.0415 5664  CmBatt - ok
16:29:39.0430 5664  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:29:39.0430 5664  cmdide - ok
16:29:39.0461 5664  [ D5FEA92400F12412B3922087C09DA6A5 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:29:39.0461 5664  CNG - ok
16:29:39.0493 5664  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:29:39.0493 5664  Compbatt - ok
16:29:39.0493 5664  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:29:39.0493 5664  CompositeBus - ok
16:29:39.0524 5664  COMSysApp - ok
16:29:39.0524 5664  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:29:39.0524 5664  crcdisk - ok
16:29:39.0555 5664  [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:29:39.0555 5664  CryptSvc - ok
16:29:39.0617 5664  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:29:39.0617 5664  DcomLaunch - ok
16:29:39.0649 5664  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:29:39.0664 5664  defragsvc - ok
16:29:39.0711 5664  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:29:39.0711 5664  DfsC - ok
16:29:39.0758 5664  [ CFBB4907C7542180B5E0282301240006 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
16:29:39.0758 5664  DgiVecp - ok
16:29:39.0789 5664  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:29:39.0789 5664  Dhcp - ok
16:29:39.0805 5664  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:29:39.0805 5664  discache - ok
16:29:39.0836 5664  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:29:39.0836 5664  Disk - ok
16:29:39.0867 5664  [ CD55F5355D8F55D44C9F4ED875705BD6 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:29:39.0867 5664  Dnscache - ok
16:29:39.0883 5664  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:29:39.0883 5664  dot3svc - ok
16:29:39.0914 5664  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:29:39.0914 5664  DPS - ok
16:29:39.0945 5664  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:29:39.0945 5664  drmkaud - ok
16:29:39.0992 5664  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:29:40.0007 5664  DXGKrnl - ok
16:29:40.0054 5664  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
16:29:40.0054 5664  e1yexpress - ok
16:29:40.0101 5664  [ 398904F1FBF13CEF0FCB822E9CA5F2D5 ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
16:29:40.0101 5664  eamonm - ok
16:29:40.0148 5664  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:29:40.0148 5664  EapHost - ok
16:29:40.0585 5664  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:29:40.0631 5664  ebdrv - ok
16:29:40.0663 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS             C:\Windows\System32\lsass.exe
16:29:40.0663 5664  EFS - ok
16:29:40.0756 5664  [ 9E39134330C18CBAC0F24C1283701D7E ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
16:29:40.0756 5664  ehdrv - ok
16:29:40.0834 5664  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:29:40.0850 5664  ehRecvr - ok
16:29:40.0865 5664  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:29:40.0865 5664  ehSched - ok
16:29:41.0037 5664  [ 7FE34FD5652C54BDA8D2DF8AC92E833A ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
16:29:41.0053 5664  ekrn - ok
16:29:41.0115 5664  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:29:41.0115 5664  elxstor - ok
16:29:41.0162 5664  [ B4E8DC817963B256537B1EC09AF0647E ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
16:29:41.0162 5664  epfwwfpr - ok
16:29:41.0162 5664  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:29:41.0162 5664  ErrDev - ok
16:29:41.0255 5664  esgiguard - ok
16:29:41.0302 5664  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:29:41.0302 5664  EventSystem - ok
16:29:41.0411 5664  [ 7EE9F35BC1DD0CE1A4976032F9AC5162 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:29:41.0427 5664  EvtEng - ok
16:29:41.0505 5664  [ CE526B76F30A4795EBF8421C6C0B48C3 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
16:29:41.0505 5664  ewusbnet - ok
16:29:41.0567 5664  [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
16:29:41.0567 5664  ew_hwusbdev - ok
16:29:41.0630 5664  [ 55E0EDA185869F7EA67EA97FD0655B39 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
16:29:41.0630 5664  ew_usbenumfilter - ok
16:29:41.0661 5664  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:29:41.0661 5664  exfat - ok
16:29:41.0677 5664  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:29:41.0677 5664  fastfat - ok
16:29:41.0723 5664  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:29:41.0739 5664  Fax - ok
16:29:41.0755 5664  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:29:41.0755 5664  fdc - ok
16:29:41.0817 5664  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:29:41.0817 5664  fdPHost - ok
16:29:41.0833 5664  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:29:41.0833 5664  FDResPub - ok
16:29:41.0864 5664  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:29:41.0864 5664  FileInfo - ok
16:29:41.0864 5664  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:29:41.0864 5664  Filetrace - ok
16:29:41.0879 5664  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:29:41.0879 5664  flpydisk - ok
16:29:41.0911 5664  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:29:41.0911 5664  FltMgr - ok
16:29:41.0957 5664  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\Windows\system32\FntCache.dll
16:29:41.0957 5664  FontCache - ok
16:29:42.0004 5664  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:29:42.0004 5664  FontCache3.0.0.0 - ok
16:29:42.0113 5664  [ EC8D14B3D2D3A3FD88AA2EE05670B497 ] FPLService      C:\Program Files\TrueSuite\TrueSuite.Service.exe
16:29:42.0113 5664  FPLService - ok
16:29:42.0129 5664  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:29:42.0160 5664  FsDepends - ok
16:29:42.0191 5664  [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:29:42.0191 5664  Fs_Rec - ok
16:29:42.0207 5664  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:29:42.0207 5664  fvevol - ok
16:29:42.0238 5664  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:29:42.0238 5664  gagp30kx - ok
16:29:42.0269 5664  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:29:42.0285 5664  gpsvc - ok
16:29:42.0347 5664  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:29:42.0347 5664  gupdate - ok
16:29:42.0379 5664  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:29:42.0379 5664  gupdatem - ok
16:29:42.0410 5664  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:29:42.0410 5664  hcw85cir - ok
16:29:42.0425 5664  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:29:42.0425 5664  HdAudAddService - ok
16:29:42.0457 5664  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:29:42.0457 5664  HDAudBus - ok
16:29:42.0457 5664  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:29:42.0457 5664  HidBatt - ok
16:29:42.0472 5664  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:29:42.0472 5664  HidBth - ok
16:29:42.0472 5664  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:29:42.0472 5664  HidIr - ok
16:29:42.0503 5664  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:29:42.0503 5664  hidserv - ok
16:29:42.0535 5664  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:29:42.0535 5664  HidUsb - ok
16:29:42.0566 5664  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:29:42.0566 5664  hkmsvc - ok
16:29:42.0581 5664  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:29:42.0581 5664  HomeGroupListener - ok
16:29:42.0628 5664  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:29:42.0628 5664  HomeGroupProvider - ok
16:29:42.0644 5664  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:29:42.0659 5664  HpSAMD - ok
16:29:42.0675 5664  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:29:42.0675 5664  HTTP - ok
16:29:42.0753 5664  [ BAFE6B0B92BE69144D59907550A07678 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
16:29:42.0753 5664  huawei_enumerator - ok
16:29:42.0831 5664  [ F47F112DC883F7A9E4618A006CC6DE1B ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:29:42.0831 5664  hwdatacard - ok
16:29:42.0862 5664  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:29:42.0862 5664  hwpolicy - ok
16:29:42.0893 5664  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:29:42.0893 5664  i8042prt - ok
16:29:42.0925 5664  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\drivers\iaStor.sys
16:29:42.0940 5664  iaStor - ok
16:29:43.0018 5664  [ 8FFF9083252C16FE3960173722605E9E ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
16:29:43.0018 5664  IAStorDataMgrSvc - ok
16:29:43.0049 5664  [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:29:43.0065 5664  iaStorV - ok
16:29:43.0143 5664  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:29:43.0159 5664  idsvc - ok
16:29:43.0159 5664  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:29:43.0159 5664  iirsp - ok
16:29:43.0221 5664  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:29:43.0237 5664  IKEEXT - ok
16:29:43.0393 5664  [ CDB772F707AC24B43A20C821852CA61F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:29:43.0408 5664  IntcAzAudAddService - ok
16:29:43.0471 5664  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
16:29:43.0471 5664  IntcDAud - ok
16:29:43.0502 5664  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:29:43.0502 5664  intelide - ok
16:29:43.0829 5664  [ EFE5A0AF39A8E179624117C521F1E012 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
16:29:44.0063 5664  intelkmd - ok
16:29:44.0095 5664  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:29:44.0095 5664  intelppm - ok
16:29:44.0126 5664  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:29:44.0126 5664  IPBusEnum - ok
16:29:44.0141 5664  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:29:44.0141 5664  IpFilterDriver - ok
16:29:44.0173 5664  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:29:44.0173 5664  iphlpsvc - ok
16:29:44.0188 5664  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:29:44.0188 5664  IPMIDRV - ok
16:29:44.0204 5664  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:29:44.0204 5664  IPNAT - ok
16:29:44.0235 5664  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:29:44.0235 5664  IRENUM - ok
16:29:44.0235 5664  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:29:44.0235 5664  isapnp - ok
16:29:44.0266 5664  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:29:44.0266 5664  iScsiPrt - ok
16:29:44.0282 5664  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:29:44.0282 5664  kbdclass - ok
16:29:44.0297 5664  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:29:44.0297 5664  kbdhid - ok
16:29:44.0329 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso          C:\Windows\system32\lsass.exe
16:29:44.0329 5664  KeyIso - ok
16:29:44.0547 5664  [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:29:44.0687 5664  KSecDD - ok
16:29:44.0703 5664  [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:29:44.0703 5664  KSecPkg - ok
16:29:44.0703 5664  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:29:44.0703 5664  ksthunk - ok
16:29:45.0499 5664  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:29:45.0514 5664  KtmRm - ok
16:29:45.0577 5664  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:29:45.0592 5664  LanmanServer - ok
16:29:45.0655 5664  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:29:45.0655 5664  LanmanWorkstation - ok
16:29:45.0701 5664  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:29:45.0701 5664  lltdio - ok
16:29:45.0717 5664  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:29:45.0717 5664  lltdsvc - ok
16:29:45.0733 5664  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:29:45.0733 5664  lmhosts - ok
16:29:45.0795 5664  [ 50C7CE53EF461870410355F1F2E7D515 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
16:29:45.0795 5664  LMS - ok
16:29:45.0795 5664  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:29:45.0795 5664  LSI_FC - ok
16:29:45.0842 5664  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:29:45.0842 5664  LSI_SAS - ok
16:29:45.0842 5664  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:29:45.0842 5664  LSI_SAS2 - ok
16:29:45.0842 5664  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:29:45.0857 5664  LSI_SCSI - ok
16:29:45.0873 5664  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:29:45.0873 5664  luafv - ok
16:29:45.0920 5664  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:29:45.0920 5664  Mcx2Svc - ok
16:29:45.0951 5664  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:29:45.0951 5664  megasas - ok
16:29:45.0998 5664  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:29:45.0998 5664  MegaSR - ok
16:29:46.0045 5664  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:29:46.0045 5664  MEIx64 - ok
16:29:46.0076 5664  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:29:46.0076 5664  MMCSS - ok
16:29:46.0091 5664  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:29:46.0091 5664  Modem - ok
16:29:46.0107 5664  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:29:46.0107 5664  monitor - ok
16:29:46.0123 5664  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:29:46.0123 5664  mouclass - ok
16:29:46.0123 5664  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:29:46.0123 5664  mouhid - ok
16:29:46.0154 5664  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:29:46.0154 5664  mountmgr - ok
16:29:46.0201 5664  [ F17FD0051108B5AE5ED37FF24CEF2183 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:29:46.0201 5664  MozillaMaintenance - ok
16:29:46.0201 5664  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:29:46.0216 5664  mpio - ok
16:29:46.0232 5664  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:29:46.0232 5664  mpsdrv - ok
16:29:46.0279 5664  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:29:46.0294 5664  MpsSvc - ok
16:29:46.0294 5664  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:29:46.0294 5664  MRxDAV - ok
16:29:46.0325 5664  [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:29:46.0341 5664  mrxsmb - ok
16:29:46.0341 5664  [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:29:46.0341 5664  mrxsmb10 - ok
16:29:46.0341 5664  [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:29:46.0357 5664  mrxsmb20 - ok
16:29:46.0357 5664  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:29:46.0357 5664  msahci - ok
16:29:46.0372 5664  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:29:46.0372 5664  msdsm - ok
16:29:46.0403 5664  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:29:46.0419 5664  MSDTC - ok
16:29:46.0435 5664  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:29:46.0435 5664  Msfs - ok
16:29:46.0435 5664  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:29:46.0435 5664  mshidkmdf - ok
16:29:46.0435 5664  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:29:46.0435 5664  msisadrv - ok
16:29:46.0481 5664  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:29:46.0481 5664  MSiSCSI - ok
16:29:46.0481 5664  msiserver - ok
16:29:46.0513 5664  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:29:46.0513 5664  MSKSSRV - ok
16:29:46.0513 5664  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:29:46.0513 5664  MSPCLOCK - ok
16:29:46.0513 5664  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:29:46.0513 5664  MSPQM - ok
16:29:46.0544 5664  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:29:46.0544 5664  MsRPC - ok
16:29:46.0559 5664  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:29:46.0559 5664  mssmbios - ok
16:29:46.0575 5664  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:29:46.0575 5664  MSTEE - ok
16:29:46.0575 5664  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:29:46.0575 5664  MTConfig - ok
16:29:46.0606 5664  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:29:46.0606 5664  Mup - ok
16:29:46.0637 5664  [ 0CF5580F27918FFD2E165ECAFA734103 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:29:46.0637 5664  MyWiFiDHCPDNS - ok
16:29:46.0684 5664  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:29:46.0684 5664  napagent - ok
16:29:46.0731 5664  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:29:46.0747 5664  NativeWifiP - ok
16:29:46.0918 5664  [ C38B8AE57F78915905064A9A24DC1586 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:29:46.0934 5664  NDIS - ok
16:29:46.0965 5664  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:29:46.0965 5664  NdisCap - ok
16:29:46.0965 5664  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:29:46.0965 5664  NdisTapi - ok
16:29:46.0981 5664  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:29:46.0981 5664  Ndisuio - ok
16:29:47.0027 5664  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:29:47.0027 5664  NdisWan - ok
16:29:47.0027 5664  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:29:47.0027 5664  NDProxy - ok
16:29:47.0043 5664  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:29:47.0043 5664  NetBIOS - ok
16:29:47.0074 5664  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:29:47.0090 5664  NetBT - ok
16:29:47.0121 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
16:29:47.0121 5664  Netlogon - ok
16:29:47.0168 5664  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:29:47.0168 5664  Netman - ok
16:29:47.0199 5664  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:47.0199 5664  NetMsmqActivator - ok
16:29:47.0199 5664  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:47.0199 5664  NetPipeActivator - ok
16:29:47.0230 5664  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:29:47.0230 5664  netprofm - ok
16:29:47.0246 5664  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:47.0246 5664  NetTcpActivator - ok
16:29:47.0246 5664  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:29:47.0246 5664  NetTcpPortSharing - ok
16:29:47.0839 5664  [ B9C587BDAA61A689883439D5AE6FE7F3 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
16:29:48.0088 5664  NETwNs64 - ok
16:29:48.0135 5664  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:29:48.0135 5664  nfrd960 - ok
16:29:48.0182 5664  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:29:48.0182 5664  NlaSvc - ok
16:29:48.0197 5664  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:29:48.0197 5664  Npfs - ok
16:29:48.0213 5664  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:29:48.0213 5664  nsi - ok
16:29:48.0229 5664  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:29:48.0229 5664  nsiproxy - ok
16:29:48.0416 5664  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:29:48.0447 5664  Ntfs - ok
16:29:48.0463 5664  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:29:48.0463 5664  Null - ok
16:29:48.0509 5664  [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
16:29:48.0509 5664  nusb3hub - ok
16:29:48.0525 5664  [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:29:48.0525 5664  nusb3xhc - ok
16:29:48.0962 5664  [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:29:49.0352 5664  nvlddmkm - ok
16:29:49.0399 5664  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:29:49.0414 5664  nvraid - ok
16:29:49.0445 5664  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:29:49.0445 5664  nvstor - ok
16:29:49.0477 5664  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:29:49.0477 5664  nv_agp - ok
16:29:49.0523 5664  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:29:49.0523 5664  ohci1394 - ok
16:29:49.0570 5664  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:29:49.0586 5664  p2pimsvc - ok
16:29:49.0617 5664  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:29:49.0633 5664  p2psvc - ok
16:29:49.0664 5664  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:29:49.0664 5664  Parport - ok
16:29:49.0695 5664  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:29:49.0695 5664  partmgr - ok
16:29:49.0726 5664  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:29:49.0726 5664  PcaSvc - ok
16:29:49.0742 5664  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:29:49.0757 5664  pci - ok
16:29:49.0757 5664  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:29:49.0757 5664  pciide - ok
16:29:49.0789 5664  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:29:49.0789 5664  pcmcia - ok
16:29:49.0804 5664  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:29:49.0804 5664  pcw - ok
16:29:49.0835 5664  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:29:49.0851 5664  PEAUTH - ok
16:29:50.0069 5664  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:29:50.0085 5664  PerfHost - ok
16:29:50.0210 5664  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:29:50.0257 5664  pla - ok
16:29:50.0303 5664  [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:29:50.0319 5664  PlugPlay - ok
16:29:50.0537 5664  [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
16:29:50.0537 5664  PMBDeviceInfoProvider - ok
16:29:50.0584 5664  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:29:50.0584 5664  PNRPAutoReg - ok
16:29:50.0615 5664  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:29:50.0615 5664  PNRPsvc - ok
16:29:50.0678 5664  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:29:50.0678 5664  PolicyAgent - ok
16:29:50.0740 5664  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:29:50.0740 5664  Power - ok
16:29:50.0787 5664  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:29:50.0787 5664  PptpMiniport - ok
16:29:50.0818 5664  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:29:50.0818 5664  Processor - ok
16:29:50.0865 5664  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
16:29:50.0865 5664  ProfSvc - ok
16:29:50.0881 5664  Prot6Flt - ok
16:29:50.0912 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
16:29:50.0912 5664  ProtectedStorage - ok
16:29:50.0927 5664  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:29:50.0927 5664  Psched - ok
16:29:50.0959 5664  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
16:29:50.0959 5664  PxHlpa64 - ok
16:29:51.0005 5664  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:29:51.0021 5664  ql2300 - ok
16:29:51.0037 5664  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:29:51.0037 5664  ql40xx - ok
16:29:51.0052 5664  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:29:51.0068 5664  QWAVE - ok
16:29:51.0068 5664  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:29:51.0068 5664  QWAVEdrv - ok
16:29:51.0083 5664  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:29:51.0083 5664  RasAcd - ok
16:29:51.0115 5664  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:29:51.0115 5664  RasAgileVpn - ok
16:29:51.0146 5664  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:29:51.0146 5664  RasAuto - ok
16:29:51.0193 5664  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:29:51.0193 5664  Rasl2tp - ok
16:29:51.0224 5664  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:29:51.0224 5664  RasMan - ok
16:29:51.0255 5664  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:29:51.0271 5664  RasPppoe - ok
16:29:51.0271 5664  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:29:51.0271 5664  RasSstp - ok
16:29:51.0302 5664  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:29:51.0302 5664  rdbss - ok
16:29:51.0317 5664  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:29:51.0317 5664  rdpbus - ok
16:29:51.0333 5664  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:29:51.0333 5664  RDPCDD - ok
16:29:51.0349 5664  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:29:51.0349 5664  RDPENCDD - ok
16:29:51.0349 5664  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:29:51.0349 5664  RDPREFMP - ok
16:29:51.0395 5664  [ 6D76E6433574B058ADCB0C50DF834492 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:29:51.0395 5664  RDPWD - ok
16:29:51.0395 5664  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:29:51.0395 5664  rdyboost - ok
16:29:51.0473 5664  [ AA9FD849C028CCB441A78061B57DB734 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:29:51.0473 5664  RegSrvc - ok
16:29:51.0505 5664  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:29:51.0520 5664  RemoteAccess - ok
16:29:51.0551 5664  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:29:51.0551 5664  RemoteRegistry - ok
16:29:51.0583 5664  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:29:51.0583 5664  RFCOMM - ok
16:29:51.0598 5664  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:29:51.0598 5664  RpcEptMapper - ok
16:29:51.0629 5664  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:29:51.0629 5664  RpcLocator - ok
16:29:51.0692 5664  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:29:51.0707 5664  RpcSs - ok
16:29:51.0785 5664  [ CA327A84085F68200452E6761F943298 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
16:29:51.0785 5664  RSPCIESTOR - ok
16:29:51.0832 5664  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:29:51.0832 5664  rspndr - ok
16:29:51.0895 5664  [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:29:51.0895 5664  RTL8167 - ok
16:29:51.0926 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
16:29:51.0926 5664  SamSs - ok
16:29:51.0941 5664  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:29:51.0941 5664  sbp2port - ok
16:29:51.0973 5664  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:29:51.0988 5664  SCardSvr - ok
16:29:52.0004 5664  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:29:52.0004 5664  scfilter - ok
16:29:52.0051 5664  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:29:52.0066 5664  Schedule - ok
16:29:52.0097 5664  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:29:52.0097 5664  SCPolicySvc - ok
16:29:52.0113 5664  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
16:29:52.0113 5664  sdbus - ok
16:29:52.0160 5664  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:29:52.0160 5664  SDRSVC - ok
16:29:52.0175 5664  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:29:52.0175 5664  secdrv - ok
16:29:52.0207 5664  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:29:52.0207 5664  seclogon - ok
16:29:52.0222 5664  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:29:52.0222 5664  SENS - ok
16:29:52.0285 5664  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:29:52.0285 5664  SensrSvc - ok
16:29:52.0316 5664  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:29:52.0316 5664  Serenum - ok
16:29:52.0331 5664  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:29:52.0331 5664  Serial - ok
16:29:52.0347 5664  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:29:52.0347 5664  sermouse - ok
16:29:52.0394 5664  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:29:52.0394 5664  SessionEnv - ok
16:29:52.0425 5664  [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
16:29:52.0425 5664  SFEP - ok
16:29:52.0425 5664  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:29:52.0425 5664  sffdisk - ok
16:29:52.0441 5664  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:29:52.0441 5664  sffp_mmc - ok
16:29:52.0441 5664  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:29:52.0441 5664  sffp_sd - ok
16:29:52.0441 5664  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:29:52.0441 5664  sfloppy - ok
16:29:52.0472 5664  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:29:52.0472 5664  SharedAccess - ok
16:29:52.0487 5664  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:29:52.0503 5664  ShellHWDetection - ok
16:29:52.0519 5664  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:29:52.0519 5664  SiSRaid2 - ok
16:29:52.0550 5664  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:29:52.0550 5664  SiSRaid4 - ok
16:29:52.0565 5664  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:29:52.0565 5664  Smb - ok
16:29:52.0612 5664  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:29:52.0612 5664  SNMPTRAP - ok
16:29:52.0721 5664  [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp         C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
16:29:52.0721 5664  SOHCImp - ok
16:29:52.0753 5664  [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs           C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
16:29:52.0753 5664  SOHDs - ok
16:29:53.0423 5664  [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService      C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
16:29:53.0439 5664  SpfService - ok
16:29:53.0455 5664  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:29:53.0470 5664  spldr - ok
16:29:53.0486 5664  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
16:29:53.0501 5664  Spooler - ok
16:29:53.0579 5664  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:29:53.0611 5664  sppsvc - ok
16:29:53.0611 5664  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:29:53.0626 5664  sppuinotify - ok
16:29:53.0642 5664  [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:29:53.0657 5664  srv - ok
16:29:53.0673 5664  [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:29:53.0673 5664  srv2 - ok
16:29:53.0689 5664  [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:29:53.0689 5664  srvnet - ok
16:29:53.0720 5664  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:29:53.0720 5664  SSDPSRV - ok
16:29:53.0751 5664  [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
16:29:53.0751 5664  SSPORT - ok
16:29:53.0782 5664  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:29:53.0782 5664  SstpSvc - ok
16:29:53.0798 5664  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:29:53.0798 5664  stexstor - ok
16:29:53.0845 5664  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:29:53.0845 5664  stisvc - ok
16:29:53.0845 5664  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:29:53.0845 5664  swenum - ok
16:29:53.0891 5664  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:29:53.0891 5664  swprv - ok
16:29:53.0938 5664  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:29:53.0954 5664  SysMain - ok
16:29:53.0969 5664  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:29:53.0985 5664  TabletInputService - ok
16:29:53.0985 5664  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:29:54.0001 5664  TapiSrv - ok
16:29:54.0032 5664  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:29:54.0047 5664  TBS - ok
16:29:54.0094 5664  [ 509383E505C973ED7534A06B3D19688D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:29:54.0110 5664  Tcpip - ok
16:29:54.0172 5664  [ 509383E505C973ED7534A06B3D19688D ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:29:54.0172 5664  TCPIP6 - ok
16:29:54.0188 5664  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:29:54.0188 5664  tcpipreg - ok
16:29:54.0188 5664  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:29:54.0188 5664  TDPIPE - ok
16:29:54.0235 5664  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:29:54.0235 5664  TDTCP - ok
16:29:54.0250 5664  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:29:54.0266 5664  tdx - ok
16:29:54.0281 5664  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:29:54.0281 5664  TermDD - ok
16:29:54.0344 5664  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:29:54.0344 5664  TermService - ok
16:29:54.0375 5664  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:29:54.0375 5664  Themes - ok
16:29:54.0406 5664  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:29:54.0406 5664  THREADORDER - ok
16:29:54.0422 5664  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
16:29:54.0422 5664  TPM - ok
16:29:54.0437 5664  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:29:54.0437 5664  TrkWks - ok
16:29:54.0515 5664  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:29:54.0515 5664  TrustedInstaller - ok
16:29:54.0531 5664  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:29:54.0531 5664  tssecsrv - ok
16:29:54.0562 5664  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:29:54.0562 5664  TsUsbFlt - ok
16:29:54.0562 5664  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:29:54.0562 5664  TsUsbGD - ok
16:29:54.0593 5664  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:29:54.0593 5664  tunnel - ok
16:29:54.0593 5664  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:29:54.0593 5664  uagp35 - ok
16:29:54.0687 5664  [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor     C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
16:29:54.0687 5664  uCamMonitor - ok
16:29:54.0718 5664  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:29:54.0734 5664  udfs - ok
16:29:54.0781 5664  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:29:54.0781 5664  UI0Detect - ok
16:29:54.0812 5664  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:29:54.0812 5664  uliagpkx - ok
16:29:54.0812 5664  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:29:54.0812 5664  umbus - ok
16:29:54.0827 5664  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:29:54.0827 5664  UmPass - ok
16:29:54.0999 5664  [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
16:29:55.0015 5664  UNS - ok
16:29:55.0046 5664  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:29:55.0061 5664  upnphost - ok
16:29:55.0077 5664  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:29:55.0077 5664  usbccgp - ok
16:29:55.0093 5664  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:29:55.0093 5664  usbcir - ok
16:29:55.0093 5664  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:29:55.0093 5664  usbehci - ok
16:29:55.0139 5664  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:29:55.0139 5664  usbhub - ok
16:29:55.0155 5664  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:29:55.0155 5664  usbohci - ok
16:29:55.0171 5664  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:29:55.0171 5664  usbprint - ok
16:29:55.0171 5664  [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:29:55.0186 5664  USBSTOR - ok
16:29:55.0186 5664  [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:29:55.0186 5664  usbuhci - ok
16:29:55.0202 5664  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:29:55.0202 5664  usbvideo - ok
16:29:55.0249 5664  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:29:55.0249 5664  UxSms - ok
16:29:55.0342 5664  [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
16:29:55.0342 5664  VAIO Event Service - ok
16:29:55.0420 5664  [ EF7CF87F940F9104A3079F839BDC60C5 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
16:29:55.0436 5664  VAIO Power Management - ok
16:29:55.0467 5664  [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc        C:\Windows\system32\lsass.exe
16:29:55.0467 5664  VaultSvc - ok
16:29:55.0561 5664  [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw            C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
16:29:55.0576 5664  VCFw - ok
16:29:55.0639 5664  [ 4B7ED2D6F738219068361BB14D19CBDE ] VcmIAlzMgr      C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
16:29:55.0654 5664  VcmIAlzMgr - ok
16:29:55.0685 5664  [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr       C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
16:29:55.0685 5664  VcmINSMgr - ok
16:29:55.0717 5664  [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper  C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
16:29:55.0717 5664  VcmXmlIfHelper - ok
16:29:55.0795 5664  [ D347D3ABE070AA09C22FC37121555D52 ] VCService       C:\Program Files\Sony\VAIO Care\VCService.exe
16:29:55.0795 5664  VCService - ok
16:29:55.0826 5664  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:29:55.0826 5664  vdrvroot - ok
16:29:55.0873 5664  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:29:55.0873 5664  vds - ok
16:29:55.0888 5664  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:29:55.0888 5664  vga - ok
16:29:55.0888 5664  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:29:55.0904 5664  VgaSave - ok
16:29:55.0919 5664  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:29:55.0935 5664  vhdmp - ok
16:29:55.0935 5664  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:29:55.0935 5664  viaide - ok
16:29:56.0153 5664  [ 8C267B305216E38376D7FC32203C7EA0 ] VmbService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
16:29:56.0153 5664  VmbService - ok
16:29:56.0185 5664  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:29:56.0185 5664  volmgr - ok
16:29:56.0216 5664  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:29:56.0231 5664  volmgrx - ok
16:29:56.0247 5664  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:29:56.0263 5664  volsnap - ok
16:29:56.0278 5664  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:29:56.0278 5664  vsmraid - ok
16:29:56.0356 5664  [ 0ED394BFBA3EB4740F063E0BA5EC7104 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
16:29:56.0356 5664  VSNService - ok
16:29:56.0403 5664  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:29:56.0419 5664  VSS - ok
16:29:56.0653 5664  [ 9C665557B314EAD129555599D94233DB ] VUAgent         C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
16:29:56.0668 5664  VUAgent - ok
16:29:56.0684 5664  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:29:56.0684 5664  vwifibus - ok
16:29:56.0699 5664  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:29:56.0699 5664  vwififlt - ok
16:29:56.0699 5664  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:29:56.0699 5664  vwifimp - ok
16:29:56.0746 5664  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:29:56.0746 5664  W32Time - ok
16:29:56.0871 5664  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:29:56.0871 5664  WacomPen - ok
16:29:56.0902 5664  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:29:56.0902 5664  WANARP - ok
16:29:56.0902 5664  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:29:56.0902 5664  Wanarpv6 - ok
16:29:56.0965 5664  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:29:56.0980 5664  wbengine - ok
16:29:56.0996 5664  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:29:56.0996 5664  WbioSrvc - ok
16:29:57.0027 5664  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:29:57.0043 5664  wcncsvc - ok
16:29:57.0058 5664  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:29:57.0058 5664  WcsPlugInService - ok
16:29:57.0089 5664  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:29:57.0089 5664  Wd - ok
16:29:57.0105 5664  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:29:57.0105 5664  Wdf01000 - ok
16:29:57.0121 5664  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:29:57.0121 5664  WdiServiceHost - ok
16:29:57.0136 5664  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:29:57.0136 5664  WdiSystemHost - ok
16:29:57.0167 5664  [ 94DC2BF6CBAAA95E369C3756D3115A76 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
16:29:57.0167 5664  wdkmd - ok
16:29:57.0199 5664  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:29:57.0199 5664  WebClient - ok
16:29:57.0214 5664  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:29:57.0214 5664  Wecsvc - ok
16:29:57.0230 5664  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:29:57.0230 5664  wercplsupport - ok
16:29:57.0245 5664  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:29:57.0245 5664  WerSvc - ok
16:29:57.0277 5664  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:29:57.0277 5664  WfpLwf - ok
16:29:57.0277 5664  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:29:57.0277 5664  WIMMount - ok
16:29:57.0292 5664  WinDefend - ok
16:29:57.0292 5664  WinHttpAutoProxySvc - ok
16:29:57.0401 5664  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:29:57.0417 5664  Winmgmt - ok
16:29:57.0526 5664  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:29:57.0557 5664  WinRM - ok
16:29:57.0604 5664  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:29:57.0604 5664  WinUsb - ok
16:29:57.0682 5664  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:29:57.0682 5664  Wlansvc - ok
16:29:57.0745 5664  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:29:57.0745 5664  wlcrasvc - ok
16:29:57.0807 5664  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:29:57.0838 5664  wlidsvc - ok
16:29:57.0869 5664  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:29:57.0869 5664  WmiAcpi - ok
16:29:57.0901 5664  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:29:57.0901 5664  wmiApSrv - ok
16:29:57.0932 5664  WMPNetworkSvc - ok
16:29:57.0947 5664  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:29:57.0963 5664  WPCSvc - ok
16:29:57.0963 5664  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:29:57.0963 5664  WPDBusEnum - ok
16:29:58.0010 5664  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:29:58.0010 5664  ws2ifsl - ok
16:29:58.0025 5664  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:29:58.0025 5664  wscsvc - ok
16:29:58.0025 5664  WSearch - ok
16:29:58.0119 5664  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:29:58.0150 5664  wuauserv - ok
16:29:58.0181 5664  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:29:58.0181 5664  WudfPf - ok
16:29:58.0228 5664  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:29:58.0228 5664  WUDFRd - ok
16:29:58.0259 5664  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:29:58.0259 5664  wudfsvc - ok
16:29:58.0291 5664  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:29:58.0291 5664  WwanSvc - ok
16:29:58.0353 5664  ================ Scan global ===============================
16:29:58.0369 5664  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:29:58.0431 5664  [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
16:29:58.0431 5664  [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
16:29:58.0462 5664  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:29:58.0493 5664  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:29:58.0493 5664  [Global] - ok
16:29:58.0493 5664  ================ Scan MBR ==================================
16:29:58.0525 5664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:29:58.0665 5664  \Device\Harddisk0\DR0 - ok
16:29:58.0665 5664  ================ Scan VBR ==================================
16:29:58.0665 5664  [ 887E6EE5BBC9B53E0DCB0C3FB13BFCF5 ] \Device\Harddisk0\DR0\Partition1
16:29:58.0665 5664  \Device\Harddisk0\DR0\Partition1 - ok
16:29:58.0681 5664  [ FDC62F33B187787BEEDA572C866D82DC ] \Device\Harddisk0\DR0\Partition2
16:29:58.0681 5664  \Device\Harddisk0\DR0\Partition2 - ok
16:29:58.0681 5664  ============================================================
16:29:58.0681 5664  Scan finished
16:29:58.0681 5664  ============================================================
16:29:58.0696 4512  Detected object count: 0
16:29:58.0696 4512  Actual detected object count: 0

 



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 01 October 2013 - 12:48 PM

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 02 October 2013 - 02:10 AM

Malwarebytes Anti-Malware (Prova) 1.75.0.1300
www.malwarebytes.org

Versione database: v2013.10.01.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Sara Cortelazzi :: SARACORTELAZZI [amministratore]

Protezione: Attivata

01/10/2013 21:55:01
mbam-log-2013-10-01 (21-55-01).txt

Tipo di scansione: Scansione completa (C:\|D:\|)
Opzioni di scansione attive: Memoria | Esecuzione automatica | Registro | File di sistema | Euristica/Extra | Euristica/Shuriken | PUP | PUM
Opzioni di scansione disattivate: P2P
Elementi esaminati: 377375
Tempo impiegato: 1 ore, 35 minuti, 43 secondi

Processi rilevati in memoria: 0
(non sono stati rilevati elementi nocivi)

Moduli di memoria rilevati: 0
(non sono stati rilevati elementi nocivi)

Chiavi di registro rilevate: 0
(non sono stati rilevati elementi nocivi)

Valori di registro rilevati: 0
(non sono stati rilevati elementi nocivi)

Voci rilevate nei dati di registro: 0
(non sono stati rilevati elementi nocivi)

Cartelle rilevate: 0
(non sono stati rilevati elementi nocivi)

File rilevati: 0
(non sono stati rilevati elementi nocivi)

(fine)











2013/10/01 21:53:38 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting protection
2013/10/01 21:53:38 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Protection started successfully
2013/10/01 21:53:38 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting IP protection
2013/10/01 21:53:53 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    IP Protection started successfully
2013/10/01 21:54:06 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting database refresh
2013/10/01 21:54:06 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Stopping IP protection
2013/10/01 21:54:08 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    IP Protection stopped successfully
2013/10/01 21:54:10 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Database refreshed successfully
2013/10/01 21:54:10 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting IP protection
2013/10/01 21:54:12 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    IP Protection started successfully
2013/10/01 23:34:38 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Executing scheduled update:  Daily
2013/10/01 23:34:45 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Scheduled update executed successfully:  database updated from version v2013.10.01.08 to version v2013.10.01.09
2013/10/01 23:34:45 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting database refresh
2013/10/01 23:34:45 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Stopping IP protection
2013/10/01 23:34:45 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    IP Protection stopped successfully
2013/10/01 23:35:03 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Database refreshed successfully
2013/10/01 23:35:03 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    Starting IP protection
2013/10/01 23:35:05 +0200    SARACORTELAZZI    Sara Cortelazzi    MESSAGE    IP Protection started successfully






2013/10/02 07:47:07 +0200    SARACORTELAZZI    (null)    MESSAGE    Starting protection
2013/10/02 07:47:10 +0200    SARACORTELAZZI    (null)    MESSAGE    Protection started successfully
2013/10/02 07:47:10 +0200    SARACORTELAZZI    (null)    MESSAGE    Starting IP protection
2013/10/02 07:47:17 +0200    SARACORTELAZZI    (null)    MESSAGE    IP Protection started successfully

 

 

 

Eset has not found anything



#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 02 October 2013 - 03:16 AM

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don´t uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You´ll find the log file at C:\AdwCleaner[S1].txt also


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#11 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 02 October 2013 - 03:48 AM

# AdwCleaner v3.006 - Report created 02/10/2013 at 10:29:30
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sara Cortelazzi - SARACORTELAZZI
# Running from : C:\Users\Sara Cortelazzi\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686

-\\ Google Chrome v29.0.1547.76

[ File : C:\Users\Sara Cortelazzi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1161 octets] - [02/10/2013 10:28:38]
AdwCleaner[S0].txt - [1084 octets] - [02/10/2013 10:29:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1144 octets] ##########

 

 

 

 

 Results of screen317's Security Check version 0.99.74 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Java™ 6 Update 22 
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Mozilla Thunderbird (24.0.)
 Google Chrome 29.0.1547.76 
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 34% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 02 October 2013 - 05:31 AM

Are you still facing the chrome issue?


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#13 sara.cortelazzi

sara.cortelazzi
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:51 AM

Posted 02 October 2013 - 05:38 AM

I've removed the start page in the chrome option, so it doesn't open the page websearch.just.info

but i feel my pc slower than it could be :((



#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 02 October 2013 - 05:49 AM

Your system is free of malware! :)

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • when finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.

After the reboot
  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 34%

 

Your system drive is heavily fragmented - this may decrease the computer´s performance. If it is NOT an SSD device, defrag the drive, f.e. with DiskDefrag (freeware): http://www.filehippo.com/de/download_auslogics_disk_defrag/7646/

 

 

To remove unwanted files that may slow your computer down, use Ccleaner:

http://www.piriform.com/ccleaner

Note: Don´t use the registry cleaning option as it may (as all registry cleaning tools) cause massive system malfunctions.

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  • In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  • In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You shall be noted that Combofix has been removed.
  • In any case please download delfix to your desktop.
    • Close all other programms and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  • If there is still something left please delete it manualy.

 

 

 

 

How to protect yourself

  • System Updates
    Beeing up to date is very important. Please be sure to activate automatic updates in your control panel.
    Windows XP | Windows Vista |
    Windows 7 | windows 8
  • Protection
    What you need is one (not more) good virus scanner with backgroud protection. Additionally I recommend a special malwarescanner that you run from time to time.
    Personally I am using the avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer you good protection for free use. But please remember: You get only the full protection if you use the payed versions of your security software.
  • Up to date Software
    Stay up to date with all the programs you use. Some of those really have to have an eye on are: your browser(s) including add-ons and plug-ins, Java, Flash Player, your virus scanner, and basically every software you use often. These link may help you to check:
  • Backups
    There are chances for an emergency every day. So be prepared. Back up your data on a regular basis. If you burn it to DVDs from time to time, use a cloud-drive or a professional network backup system is your choice.
  • Brains
    It's no joke! You really need one of those things. :) It is very important not just to click anywhere it is colored or flashing while you surfing on the web. Do not click an OK button on any popping window without reading what it says. While installing software always choose the custom mode, read what those windows says and uncheck adware that will be installed along the software you want.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:51 AM

Posted 08 October 2013 - 03:06 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users