Parere su log di Combofix

E-Byron · 17-11-2013, 20:50

Salve ragazzi, volevo un vostro parere su questo log di combofix (ho windows vista), grazie:

ComboFix 13-11-16.01 - Bernardo 17/11/2013 11.33.15.5.1 - x86 NETWORK
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.2039.1590 [GMT 1:00]
Eseguito da: c:\users\Bernardo\Desktop\terrier.exe
Opzioni usate :: /killall
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\spsys.log
.
.
((((((((((((((((((((((((( Files Creati Da 2013-10-17 al 2013-11-17 )))))))))))))))))))))))))))))))))))
.
.
2013-11-17 10:44 . 2013-11-17 11:28 -------- d-----w- c:\users\Bernardo\AppData\Local\temp
2013-11-17 10:44 . 2013-11-17 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-17 08:33 . 2013-11-17 09:54 -------- dc----w- C:\boxer
2013-11-16 23:58 . 2013-11-16 23:58 -------- d-----w- c:\program files\SWMole Clone Remover 3.9
2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\users\Bernardo\AppData\Local\SimilarImages
2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\program files\Common Files\MaierSoft
2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\program files\SimilarImages
2013-11-16 13:19 . 2013-11-16 13:21 -------- dc----w- C:\Thomas
2013-11-16 12:54 . 2013-11-16 12:54 -------- d-----w- c:\program files\PC Cleaners
2013-11-16 12:10 . 2013-11-16 12:10 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{811BFA6F-0520-4511-820A-0FCE101CA7A0}\offreg.dll
2013-11-16 10:14 . 2013-11-16 12:52 -------- d-----w- c:\program files\iPhone Backup Extractor
2013-11-16 09:58 . 2013-11-16 09:58 -------- d-----w- c:\program files\Softonic
2013-11-16 02:08 . 2013-10-13 09:38 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll
2013-11-16 02:08 . 2013-10-13 09:38 104448 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll
2013-11-16 02:08 . 2013-10-13 09:39 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-11-16 02:08 . 2013-10-13 09:35 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-15 23:48 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll
2013-11-15 23:48 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2013-11-15 23:47 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-15 23:47 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-15 19:56 . 2013-11-16 02:29 -------- d-----w- c:\program files\Microsoft ISATAP Adapter
2013-11-15 19:56 . 2013-11-15 19:56 -------- d-----w- c:\program files\Common Files\Microsoft ISATAP Adapter
2013-11-15 18:28 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{811BFA6F-0520-4511-820A-0FCE101CA7A0}\mpengine.dll
2013-11-15 18:08 . 2012-01-26 10:08 128272 ----a-w- c:\windows\system32\IMAGEHLP.DLL
2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\users\Bernardo\AppData\Roaming\SearchProtect
2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\program files\Conduit
2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\programdata\Conduit
2013-11-12 21:50 . 2013-11-16 12:48 -------- d-----w- c:\users\Bernardo\AppData\Local\Conduit
2013-11-12 21:49 . 2013-11-12 21:49 -------- d-----w- c:\program files\lucky leap
2013-11-12 21:48 . 2013-11-15 18:20 -------- d-----w- c:\program files\MyPC Backup
2013-11-12 21:48 . 2013-11-12 21:48 -------- d-----w- c:\program files\Wise
2013-11-12 19:26 . 2013-11-12 19:28 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-12 19:26 . 2013-11-12 19:28 -------- d-----w- c:\program files\iTunes
2013-11-03 11:18 . 2013-11-03 11:18 -------- d-----w- C:\found.000
2013-11-02 22:55 . 2013-11-02 22:56 -------- d-----w- C:\Tommy
2013-11-02 10:45 . 2013-11-02 10:46 -------- d-----w- C:\def
2013-10-28 21:37 . 2002-08-21 15:26 102469 ----a-w- c:\windows\system32\vbprndlg.dll
2013-10-28 21:37 . 2002-03-04 11:04 299008 ----a-w- c:\windows\system32\igtabs40.ocx
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-17 10:46 . 2009-05-19 14:51 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2013-11-17 10:46 . 2009-10-02 16:45 58288 ----a-w- c:\windows\system32\rpcnet.dll
2013-11-17 10:45 . 2009-10-02 16:41 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2013-10-19 14:18 . 2011-06-19 13:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 09:22 . 2013-07-06 11:36 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-09-10 09:22 . 2013-07-06 11:36 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-09-03 12:35 . 2009-10-02 16:44 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 07:36 . 2013-10-10 22:35 2050048 ----a-w- c:\windows\system32\win32k.sys
2013-08-27 02:47 . 2013-10-10 22:35 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-08-27 02:47 . 2013-10-10 22:35 189952 ----a-w- c:\windows\system32\d3d10core.dll
2013-08-27 02:47 . 2013-10-10 22:35 1029120 ----a-w- c:\windows\system32\d3d10.dll
2013-08-27 02:47 . 2013-10-10 22:35 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-08-27 01:52 . 2013-10-10 22:35 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-08-27 01:50 . 2013-10-10 22:35 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2013-08-27 01:32 . 2013-10-10 22:35 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-08-27 01:28 . 2013-10-10 22:35 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-08-27 01:28 . 2013-10-10 22:35 798208 ----a-w- c:\windows\system32\FntCache.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\asyncmac.sys
[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys
[-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys
.
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys
[-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys
.
[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\null.sys
[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
.
[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\browser.dll
[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
.
[-] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6002.22869] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\ERDNT\cache\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[-] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6002.22742] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[-] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.21125] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[-] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6002.22223] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[-] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6001.22518] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[-] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[-] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[-] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[-] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6001.18272] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[-] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[-] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[-] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[-] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[-] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
.
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
.
[-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6931.18000] . . c:\windows\ERDNT\cache\comres.dll
[-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
.
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\ERDNT\cache\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
.
[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\rpcss.dll
[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[-] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[-] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[-] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[-] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
.
[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\services.exe
[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
.
[-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6002.22468] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\ERDNT\cache\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6001.18511] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6001.22743] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
.
[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\winlogon.exe
[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
.
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
.
[-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\System32\comctl32.dll
[-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_3b3ff8f0d54e60f1\comctl32.dll
[-] 2013-07-04 . 9474AD3584430D24DA87517F9DB0CBB2 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
[-] 2013-07-04 . 059F04344FD96993C4F207BB4E281DF3 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_3bd70d4bee632e8a\comctl32.dll
[-] 2013-07-04 . C0A115C660134FD0A97735DE368702A5 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_8ad7a1bf66eb6815\comctl32.dll
[-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\ERDNT\cache\es.dll
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[-] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[-] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[-] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
.
[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\imm32.dll
[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
.
[-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6002.18704] . . c:\windows\ERDNT\cache\kernel32.dll
[-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[-] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll
[-] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll
[-] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18631] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll
[-] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.22898] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll
[-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18215] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
.
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[-] 2013-06-04 . 14940757518AA48B73992F19820D1799 . 23552 . . [6.0.6002.23132] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_ac24a6e570e0e9d1\lpk.dll
[-] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll
[-] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[-] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[-] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[-] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[-] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[-] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[-] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[-] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[-] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[-] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[-] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[-] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[-] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[-] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[-] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[-] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\ERDNT\cache\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll
[-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_ab79c00457dc541a\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
.
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
.
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
.
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
.
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
.
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
.
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
.
[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\user32.dll
[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
.
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
.
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll
[-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll
.
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll
[-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll
.
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6001.22298] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6001.18164] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16771] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.20947] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
.
[-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe
[-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\regedit.exe
[-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
.
[-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6002.18277] . . c:\windows\ERDNT\cache\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll
[-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll
[-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll
[-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll
[-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll
.
[-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\ERDNT\cache\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll
[-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll
[-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll
[-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll
[-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll
.
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll
[-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll
.
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe
[-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe
.
[-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll
[-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll
[-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll
[-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll
[-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll
[-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll
[-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll
.
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\msimg32.dll
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll
[-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll
.
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll
[-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
.
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe
[-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
.
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll
[-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll
.
[-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18551] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll
[-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.22791] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll
[-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6002.22519] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll
[-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll
[-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll
[-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll
[-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll
.
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll
[-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll
.
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll
[-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll
.
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll
[-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll
.
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll
[-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll
.
[-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll
[-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll
[-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll
[-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll
[-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll
.
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll
[-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll
.
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll
[-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll
.
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll
[-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll
.
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll
[-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll
.
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\olepro32.dll
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll
[-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll
.
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll
[-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll
.
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\version.dll
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll
[-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll
.
[-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\w32time.dll
[-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll
[-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll
.
[-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\wiaservc.dll
[-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll
[-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll
.
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\midimap.dll
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll
[-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll
.
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\rasadhlp.dll
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll
[-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll
.
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\WSHTCPIP.DLL
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL
[-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL
.
((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
2013-10-23 19:52 12240 ----a-w- c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-10-23 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Hobbyist Software VLC Streamer"="c:\program files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" [2011-10-06 1313848]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2012-06-09 6380440]
"PrinterProDesktop"="c:\program files\Printer Pro Desktop\PrinterProDesktop.exe" [2012-02-02 2132992]
"OpAgent"="c:\program files\ScanSoft\OmniPage15.0\OpAgent.exe" [2005-09-26 155648]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-22 133656]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-22 141848]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-22 166424]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888]
"Opware15"="c:\program files\ScanSoft\OmniPage15.0\Opware15.exe" [2005-09-26 69632]
"PDF3 Registry Controller"="c:\program files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe" [2005-08-25 106496]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-10 347192]
"ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-23 1673680]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648]
.
c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Serviio.lnk - c:\program files\Serviio1\bin\ServiioConsole.exe [2013-3-22 606720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avvio veloce di Adobe Acrobat.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Avvio veloce di Adobe Acrobat.lnk
backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
backup=c:\windows\pss\Serviio.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Bernardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk]
path=c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk
backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Bernardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk]
path=c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
backup=c:\windows\pss\Serviio.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2006-10-22 22:24 620152 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2011-10-05 23:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
2012-06-09 21:32 6380440 ----a-w- c:\program files\BitTorrent\BitTorrent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hobbyist Software VLC Streamer]
2011-10-06 21:31 1313848 ----a-w- c:\program files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-04-15 20:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2010-06-09 19:55 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2008-04-18 13:53 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2008-03-18 00:59 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 09:50 155648 ------w- c:\windows\System32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr]
2008-04-14 05:19 536576 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
R2 0305941234687276mcinstcleanup;McAfee Application Installer Cleanup (0305941234687276);c:\users\Bernardo\AppData\Local\Temp\030594~1.EXE [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2013-10-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 14:18]
.
2013-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec4c470a3a510.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-10 12:19]
.
2013-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-10 12:19]
.
2013-01-27 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-22 21:16]
.
.
------- Scansione supplementare -------
.
uStart Page = hxxp://www.google.it/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=all&pf=cmnb
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 127.0.0.1:3849
IE: Aggiungi a PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Apri PDF in Word (PDF Converter 3.0) - c:\program files\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /400
IE: Converti destinazione link in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti destinazione link in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Converti i link selezionati in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Converti i link selezionati in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Converti in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Converti selezione in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{160FBFA6-C472-447F-BC1A-AA55146F0447}: NameServer = 94.198.96.34,46.4.70.20
.
- - - - CHIAVI ORFANE RIMOSSE - - - -
.
HKCU-Run-iCloudServices - c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
HKCU-Run-ApplePhotoStreams - c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-17 12:28
Windows 6.0.6002 Service Pack 2 NTFS
.
scansione processi nascosti ...
.
scansione entrate autostart nascoste ...
.
Scansione files nascosti ...
.
Scansione completata con successo
Files nascosti:
.
**************************************************************************
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1829768621-2103045172-3052511590-1004\Software\SecuROM\License information*]
"datasecu"=hex:dd,f4,32,2f,95,99,af,a0,5f,9c,ed,04,84,04,27,27,a1,37,81,f8,ff,
63,05,08,cc,dc,ef,e4,e1,9e,22,bd,48,a5,04,a9,a1,a9,a8,00,f9,be,bb,4b,ee,f3,\
"rkeysecu"=hex:b4,af,90,e2,b7,cc,02,6a,c8,df,34,dc,9f,13,ae,6d
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Dlls caricate dai processi in esecuzione ---------------------
.
- - - - - - - > 'Explorer.exe'(1344)
c:\program files\WinSCP\DragExt.dll
.
------------------------ Altri processi in esecuzione ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\WLANExt.exe
c:\program files\Avira\AntiVir Desktop\sched.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe
c:\windows\system32\rpcnet.exe
c:\program files\Serviio1\bin\ServiioService.exe
c:\program files\Serviio1\bin\ServiioService.exe
c:\windows\system32\vmnat.exe
c:\program files\VMware\VMware Player\vmware-authd.exe
c:\windows\system32\vmnetdhcp.exe
c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe
c:\program files\Team MediaPortal\MediaPortal TV Server\TVService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Ora fine scansione: 2013-11-17 12:38:45 - Il pc è stato riavviato
ComboFix-quarantined-files.txt 2013-11-17 11:38
.
Pre-Run: 2.550.829.056 byte disponibili
Post-Run: 2.342.535.168 byte disponibili
.
- - End Of File - - 18A4B9A390F8A44239CD34680C28AEF3
5C616939100B85E558DA92B899A0FC36

Khronos · 17-11-2013, 21:21

sei pieno di toolbar inutili e programmi opinabili.ma dipende dall'uso che fai del tuo pc.

E-Byron · 17-11-2013, 21:28

Il fatto e' che si tratta di un pc abbastanza vecchiotto...bisognerebbe formattarlo e'? ... dal punto di vista di virus pero' che mi dite?

Khronos · 17-11-2013, 22:12

se ci fossero virus Avira non se ne starebbe zitto.

li non hai virus, hai programmi spazzatura. e il fatto che sia vecchio non vuol dire che andrebbe formattato.
basta usarlo in maniera decente, senza installare cazzate (vedo pulitori, vedo roba da Softonic, vedo Itunes, Ask, quicktime, nero... una marea, di bellezze),
e ibernando al posto di spegnere.
saluti

Eress · 18-11-2013, 06:36

La prima schifezza da togliere lì è proprio avira!

E-Byron · 18-11-2013, 07:48

infatti, proprio ieri sera l'ho disinstallato...

E-Byron · 18-11-2013, 08:23

Ho appena scaricato un programmino (adwcleaner) che mi ha eliminato le seguenti cose:

# AdwCleaner v3.012 - Report created 18/11/2013 at 09:13:42
# Updated 11/11/2013 by Xplode
# Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Username : Bernardo - CAMERETTA
# Running from : C:\Users\Bernardo\.config\qupzilla\tmp\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files\Delta
Folder Deleted : C:\Program Files\file scout
Folder Deleted : C:\Program Files\lucky leap
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\Bernardo\AppData\Local\Conduit
Folder Deleted : C:\Users\Bernardo\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Bernardo\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Bernardo\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\file scout
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Bernardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
File Deleted : C:\windows\System32\Tasks\EPUpdater

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D1BEA0A-05EC-45FA-B73A-902ACCF216A8}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D1BEA0A-05EC-45FA-B73A-902ACCF216A8}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Key Deleted : HKCU\Software\5c4ddd1b26db942
Key Deleted : HKLM\SOFTWARE\5c4ddd1b26db942
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2530241
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : HKCU\Software\Conduit
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\lucky leap
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\lucky leap
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16520

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

*************************

AdwCleaner[R0].txt - [13115 octets] - [18/11/2013 09:11:45]
AdwCleaner[S0].txt - [13276 octets] - [18/11/2013 09:13:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13337 octets] ##########

Che dite?

aled1974 · 18-11-2013, 08:33

che se usi un po' di questi strumenti http://www.hwupgrade.it/forum/showthread.php?t=1599737 non fai di certo male

poi sali di radice e vedi se ci sono altri programmini da usare per debellare le schifezze in avanzo

in quanto all'antivirus, de gustibus, a differenza di Eress che ne pare allergico io con avira mi trovo benissimo da anni

Ma se vuoi cambiare fai pure, di AV free ce ne sono diversi tra cui scegliere

ciao ciao

Eress · 18-11-2013, 08:39

Quote:

Originariamente inviato da aled1974

a differenza di Eress che ne pare allergico

Non sono io allergico a questo genere di schifezze, ma i pc

aled1974 · 18-11-2013, 08:56

dai su, è almeno un anno che continui a promuovere mse ovunque al posto di qualsiasi altro AV free

mettiamo un link di un sito che seguo con interesse http://chart.av-comparatives.org/chart1.php, purtroppo manca mse per confronto ed eventuale scelta alternativa ad avira

ciao ciao

tallines · 18-11-2013, 10:57

Ciao, hai fatto una bella pulizia

Hai disattivato i punti di ripristino ?

Altrimenti è come non fare gli scan .

Come al solito

su 10 utenti 500 hanno : softonic (guarda la firma che ho

), tollbar a uffa........tra cui OpenCandy, Babylon toolbar & c e ovviamente anche file temporanei .

I programmi si devono downloadare dal sito della casa madre, non andare per comodità sul primo sito che appare dopo una ricerca .

Quello che avevi l'avresti avuto ugualmente, magari in misura minore, qualsiasi antivirus avessi installato, forse, dico forse anche se avevi Kaspersky .

Questo tipo di malware non viene indivduato da antivirus tipo Avira, Mse, Avast etc etc.

Bisogna fare scansioni particolari, con tool specifici, tra cui anche TdsKiller e Otl .

Dopo tutti questi scan in un pc ho lanciato anche VirIt e mi ha trovato due infezioni in System32, che tutti gli altri scan non hanno trovato

PS : pulire sempre i file temporanei di internet o con la pulizia di windows o con tool tipo Atf Cleaner .

Meglio se gli scan specifici (Combofix.....) vengono fatti in modalità provvisoria a punti di ripristino azzerati .

I report meglio se caricati in formato zip

o tramite wikisend, dropbox........

Eress · 18-11-2013, 12:20

Quote:

Originariamente inviato da aled1974

dai su, è almeno un anno che continui a promuovere mse ovunque al posto di qualsiasi altro AV free

Mi hai frainteso. Io non promuovo nulla, se non l'evitare di usare qualsiasi AV, che risulta dannoso al sistema e alle macchine. MSE lo consiglio solo ai virusfobici che non riescono a vivere senza AV. Spero di essere stato chiaro questa volta.

E-Byron · 18-11-2013, 13:38

concordo con Eres...secondo me e' la stessa cosa averlo o non averlo!

aled1974 · 18-11-2013, 13:45

pensa che c'è pure chi disattiva totalmente quel rompiscatole dell'UAC

scherzi a parte, come ti dicevo, di AV free ce ne sono diversi tra cui scegliere, poi se uno vuole rimanere senza liberissimo di farlo

però detto da chi ha appena scoperto di essere infestato da una pletora di malware, porta pazienza, ma non lo definirei il parere più autorevole possibile

ciao ciao

E-Byron · 18-11-2013, 14:15

no ma infatti il mio rimane un semplice pensiero da inesperto...percio mi sono rivolto a te

aled1974 · 18-11-2013, 17:12

vai tranquillo fratello e vivi felice come meglio preferisci

ciao ciao

Eress · 18-11-2013, 18:52

Quote:

Originariamente inviato da aled1974

pensa che c'è pure chi disattiva totalmente quel rompiscatole dell'UAC

Non ci siamo aled. Credevo di essere stato chiaro, ma evidentemente non ci sono riuscito neanche sta volta

Poi UAC e AV sono due cose totalmente diverse. UAC è solo un modulo di protezione integrato nel sistema, gli AV sono programmi esterni molto invasivi sul sistema e stressanti per l'HW. Oltre ciò, fondamentalmente inutili.

aled1974 · 18-11-2013, 19:56

scusa Eress perchè ti senti tirato in causa? Non ti ho quotato/citato quindi non era riferito / non era un dialogo nei tuoi confronti... booh

ma dato che ci siamo sarebbe meglio dire che E' TUA OPINIONE che gli AV siano quel che scrivi, non un dato di fatto oggettivo. Anche perchè per estensione si potrebbe dire la stessa cosa per gli antimalware (programmi esterni anche loro), e sicuramente c'è al mondo chi lo pensa e lo esterna. Salvo poi rileggere questo stesso thread per capire dove sta il mondo reale

ciao ciao

Eress · 18-11-2013, 20:15

Quote:

Originariamente inviato da aled1974

ma dato che ci siamo sarebbe meglio dire che E' TUA OPINIONE che gli AV siano quel che scrivi, non un dato di fatto oggettivo.

STRAOGGETTIVO. Testato personalmente e confermato. Idem per antimalware residenti. Non c'è alcuna differenza, mai detto.
Comunque non mi sono affatto sentito tirato in causa, è solo che di questo si parla e ho detto la mia, non ci vedo nulla di strano o diverso dal normale funzionamento di un forum.

**!fazz** · 18-11-2013, 20:29

Abbiamo un'intera sezione dedicata alla sicurezza dei sistemi informatici

17-11-2013, 20:50	#1
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	Parere su log di Combofix Salve ragazzi, volevo un vostro parere su questo log di combofix (ho windows vista), grazie: ComboFix 13-11-16.01 - Bernardo 17/11/2013 11.33.15.5.1 - x86 NETWORK Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.39.1040.18.2039.1590 [GMT 1:00] Eseguito da: c:\users\Bernardo\Desktop\terrier.exe Opzioni usate :: /killall SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((( Altre eliminazioni ))))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\system32\spsys.log . . ((((((((((((((((((((((((( Files Creati Da 2013-10-17 al 2013-11-17 ))))))))))))))))))))))))))))))))))) . . 2013-11-17 10:44 . 2013-11-17 11:28 -------- d-----w- c:\users\Bernardo\AppData\Local\temp 2013-11-17 10:44 . 2013-11-17 10:44 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-11-17 08:33 . 2013-11-17 09:54 -------- dc----w- C:\boxer 2013-11-16 23:58 . 2013-11-16 23:58 -------- d-----w- c:\program files\SWMole Clone Remover 3.9 2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\users\Bernardo\AppData\Local\SimilarImages 2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\program files\Common Files\MaierSoft 2013-11-16 23:35 . 2013-11-16 23:35 -------- d-----w- c:\program files\SimilarImages 2013-11-16 13:19 . 2013-11-16 13:21 -------- dc----w- C:\Thomas 2013-11-16 12:54 . 2013-11-16 12:54 -------- d-----w- c:\program files\PC Cleaners 2013-11-16 12:10 . 2013-11-16 12:10 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{811BFA6F-0520-4511-820A-0FCE101CA7A0}\offreg.dll 2013-11-16 10:14 . 2013-11-16 12:52 -------- d-----w- c:\program files\iPhone Backup Extractor 2013-11-16 09:58 . 2013-11-16 09:58 -------- d-----w- c:\program files\Softonic 2013-11-16 02:08 . 2013-10-13 09:38 387584 ----a-w- c:\program files\Internet Explorer\jsdbgui.dll 2013-11-16 02:08 . 2013-10-13 09:38 104448 ----a-w- c:\program files\Internet Explorer\jsdebuggeride.dll 2013-11-16 02:08 . 2013-10-13 09:39 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll 2013-11-16 02:08 . 2013-10-13 09:35 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2013-11-15 23:48 . 2013-10-03 12:45 297984 ----a-w- c:\windows\system32\gdi32.dll 2013-11-15 23:48 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll 2013-11-15 23:47 . 2013-10-11 02:08 444928 ----a-w- c:\windows\system32\IKEEXT.DLL 2013-11-15 23:47 . 2013-10-11 02:07 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL 2013-11-15 19:56 . 2013-11-16 02:29 -------- d-----w- c:\program files\Microsoft ISATAP Adapter 2013-11-15 19:56 . 2013-11-15 19:56 -------- d-----w- c:\program files\Common Files\Microsoft ISATAP Adapter 2013-11-15 18:28 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{811BFA6F-0520-4511-820A-0FCE101CA7A0}\mpengine.dll 2013-11-15 18:08 . 2012-01-26 10:08 128272 ----a-w- c:\windows\system32\IMAGEHLP.DLL 2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\users\Bernardo\AppData\Roaming\SearchProtect 2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\program files\Conduit 2013-11-12 21:50 . 2013-11-12 21:50 -------- d-----w- c:\programdata\Conduit 2013-11-12 21:50 . 2013-11-16 12:48 -------- d-----w- c:\users\Bernardo\AppData\Local\Conduit 2013-11-12 21:49 . 2013-11-12 21:49 -------- d-----w- c:\program files\lucky leap 2013-11-12 21:48 . 2013-11-15 18:20 -------- d-----w- c:\program files\MyPC Backup 2013-11-12 21:48 . 2013-11-12 21:48 -------- d-----w- c:\program files\Wise 2013-11-12 19:26 . 2013-11-12 19:28 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-11-12 19:26 . 2013-11-12 19:28 -------- d-----w- c:\program files\iTunes 2013-11-03 11:18 . 2013-11-03 11:18 -------- d-----w- C:\found.000 2013-11-02 22:55 . 2013-11-02 22:56 -------- d-----w- C:\Tommy 2013-11-02 10:45 . 2013-11-02 10:46 -------- d-----w- C:\def 2013-10-28 21:37 . 2002-08-21 15:26 102469 ----a-w- c:\windows\system32\vbprndlg.dll 2013-10-28 21:37 . 2002-03-04 11:04 299008 ----a-w- c:\windows\system32\igtabs40.ocx . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-11-17 10:46 . 2009-05-19 14:51 17408 ----a-w- c:\windows\system32\rpcnetp.dll 2013-11-17 10:46 . 2009-10-02 16:45 58288 ----a-w- c:\windows\system32\rpcnet.dll 2013-11-17 10:45 . 2009-10-02 16:41 17408 ----a-w- c:\windows\system32\rpcnetp.exe 2013-10-19 14:18 . 2011-06-19 13:20 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-09-10 09:22 . 2013-07-06 11:36 136672 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-09-10 09:22 . 2013-07-06 11:36 88840 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-09-03 12:35 . 2009-10-02 16:44 238872 ------w- c:\windows\system32\MpSigStub.exe 2013-08-29 07:36 . 2013-10-10 22:35 2050048 ----a-w- c:\windows\system32\win32k.sys 2013-08-27 02:47 . 2013-10-10 22:35 219648 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-08-27 02:47 . 2013-10-10 22:35 189952 ----a-w- c:\windows\system32\d3d10core.dll 2013-08-27 02:47 . 2013-10-10 22:35 1029120 ----a-w- c:\windows\system32\d3d10.dll 2013-08-27 02:47 . 2013-10-10 22:35 160768 ----a-w- c:\windows\system32\d3d10_1.dll 2013-08-27 01:52 . 2013-10-10 22:35 1172480 ----a-w- c:\windows\system32\d3d10warp.dll 2013-08-27 01:50 . 2013-10-10 22:35 486400 ----a-w- c:\windows\system32\d3d10level9.dll 2013-08-27 01:32 . 2013-10-10 22:35 683008 ----a-w- c:\windows\system32\d2d1.dll 2013-08-27 01:28 . 2013-10-10 22:35 1069056 ----a-w- c:\windows\system32\DWrite.dll 2013-08-27 01:28 . 2013-10-10 22:35 798208 ----a-w- c:\windows\system32\FntCache.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\asyncmac.sys [-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\System32\drivers\asyncmac.sys [-] 2008-01-21 . 53B202ABEE6455406254444303E87BE1 . 17408 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.0.6001.18000_none_2457cee334d93e6f\asyncmac.sys . [-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\beep.sys [-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\System32\drivers\beep.sys [-] 2008-01-21 . 67E506B75BD5326A3EC7B70BD014DFB6 . 6144 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-beepsys_31bf3856ad364e35_6.0.6001.18000_none_c420a153079d485b\beep.sys . [-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\null.sys [-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys [-] 2008-01-21 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys . [-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\browser.dll [-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll [-] 2008-01-21 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll . [-] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6002.22869] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\ERDNT\cache\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe [-] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6002.18541] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe [-] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6002.22742] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe [-] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.21125] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe [-] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6002.22223] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe [-] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6001.22518] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe [-] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe [-] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe [-] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe [-] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6001.18272] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe [-] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe [-] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe [-] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe [-] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe [-] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe [-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe [-] 2008-01-21 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe . [-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\netman.dll [-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll [-] 2008-01-21 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll . [-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6931.18000] . . c:\windows\ERDNT\cache\comres.dll [-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll [-] 2008-01-21 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll . [-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\ERDNT\cache\qmgr.dll [-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll [-] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll . [-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\rpcss.dll [-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll [-] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll [-] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll [-] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll [-] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll [-] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll . [-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\services.exe [-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe [-] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe . [-] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6002.22468] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe [-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\ERDNT\cache\spoolsv.exe [-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe [-] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6002.18294] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe [-] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6001.18511] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe [-] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6001.22743] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe [-] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe . [-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\winlogon.exe [-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe [-] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe . [-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\tdx.sys [-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys [-] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys . [-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll [-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\System32\comctl32.dll [-] 2013-07-04 . 58035212AB7869A5FC3AF186ACBA8F09 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18879_none_3b3ff8f0d54e60f1\comctl32.dll [-] 2013-07-04 . 9474AD3584430D24DA87517F9DB0CBB2 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll [-] 2013-07-04 . 059F04344FD96993C4F207BB4E281DF3 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.23151_none_3bd70d4bee632e8a\comctl32.dll [-] 2013-07-04 . C0A115C660134FD0A97735DE368702A5 . 532480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.23151_none_8ad7a1bf66eb6815\comctl32.dll [-] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll [-] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll [-] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll [-] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll [-] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll [-] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll [-] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll [-] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll [-] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll [-] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll [-] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll [-] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll [-] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll [-] 2008-01-21 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll [-] 2008-01-21 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll [-] 2008-01-21 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll [-] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll [-] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll . [-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\ERDNT\cache\es.dll [-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll [-] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll [-] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll [-] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll [-] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll [-] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll . [-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\imm32.dll [-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll [-] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll . [-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6002.18704] . . c:\windows\ERDNT\cache\kernel32.dll [-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll [-] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll [-] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll [-] 2011-04-12 . 574B473FACAA0E91702B86578440B525 . 892416 . . [6.0.6002.18449] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18449_none_9582275d538a1db6\kernel32.dll [-] 2011-04-12 . 7062DEB220FA1CCB1B65FC40D6E7D807 . 893440 . . [6.0.6002.22625] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22625_none_961d64be6c9b1d69\kernel32.dll [-] 2011-04-12 . 306835D4E74E49A5D10F0FCA0B422EB1 . 890368 . . [6.0.6001.18631] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18631_none_939e812b5662e4c2\kernel32.dll [-] 2011-04-12 . 497A2DA8181560B3E2F8FFE0092FD1E6 . 892928 . . [6.0.6001.22898] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22898_none_93ee425a6faadaba\kernel32.dll [-] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll [-] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18215] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll [-] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.22376] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll [-] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll [-] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll . [-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\linkinfo.dll [-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll [-] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll . [-] 2013-06-04 . 14940757518AA48B73992F19820D1799 . 23552 . . [6.0.6002.23132] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23132_none_ac24a6e570e0e9d1\lpk.dll [-] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll [-] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll [-] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll [-] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll [-] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll [-] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll [-] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll [-] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll [-] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll [-] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll [-] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll [-] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll [-] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll [-] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll [-] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll [-] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll [-] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\ERDNT\cache\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll [-] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18861_none_ab79c00457dc541a\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll [-] 2008-01-21 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll . [-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\ERDNT\cache\msvcrt.dll [-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll [-] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll [-] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll [-] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll . [-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\mswsock.dll [-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll [-] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll . [-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\netlogon.dll [-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll [-] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll . [-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\powrprof.dll [-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll [-] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll . [-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\scecli.dll [-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll [-] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll . [-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\sfc.dll [-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll [-] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll . [-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\svchost.exe [-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe [-] 2008-01-21 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe . [-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\tapisrv.dll [-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll [-] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll . [-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\user32.dll [-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll [-] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll . [-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\userinit.exe [-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe [-] 2008-01-21 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe . [-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ws2_32.dll [-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\System32\ws2_32.dll [-] 2008-01-21 . B304D47D5744BA20FCB99FB8B2C07B0B . 179200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.0.6001.18000_none_f2b7b0c2ce5605c4\ws2_32.dll . [-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ws2help.dll [-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ws2help.dll [-] 2006-11-02 . 17C0671BF57057108A6D949510EE42C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\ws2help.dll . [-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6000.16386] . . c:\windows\explorer.exe [-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\explorer.exe [-] 2009-04-11 . D07D4C3038F3578FFCE1C0237F2A1253 . 2926592 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe [-] 2008-10-30 . 50BA5850147410CDE89C523AD3BC606E . 2927616 . . [6.0.6001.22298] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [-] 2008-10-29 . 4F554999D7D5F05DAAEBBA7B5BA1089D . 2927104 . . [6.0.6001.18164] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [-] 2008-10-29 . 37440D09DEAE0B672A04DCCF7ABF06BE . 2923520 . . [6.0.6000.16771] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [-] 2008-10-28 . E7156B0B74762D9DE0E66BDCDE06E5FB . 2923520 . . [6.0.6000.20947] . . c:\windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe . [-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6000.16386] . . c:\windows\regedit.exe [-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\regedit.exe [-] 2008-01-21 . 467A3B03E924B7B7EDD16D34740574B0 . 134656 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe . [-] 2010-06-28 . 7C6F74A11FCF5745B36CB8085B7DE3FB . 1316864 . . [6.0.6002.22433] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.22433_none_ae70528d08aae434\ole32.dll [-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6002.18277] . . c:\windows\ERDNT\cache\ole32.dll [-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\System32\ole32.dll [-] 2010-06-28 . 9586E7CB2255A8B097A7E4538202585E . 1316864 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18277_none_adbf7553efaa1c63\ole32.dll [-] 2010-06-28 . 64A319477AF21806B8A17E8A3A3FF8BC . 1315840 . . [6.0.6001.22720] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.22720_none_ac91afb30b7f271a\ole32.dll [-] 2010-06-28 . AA406846DD60E3A4536DBAAB4037B685 . 1315840 . . [6.0.6001.18498] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6001.18498_none_abc461f7f2931b51\ole32.dll [-] 2009-04-11 . C50A0AB19094BC362FBA69E105EBCCFD . 1316864 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.0.6002.18005_none_ae092067ef732bd0\ole32.dll . [-] 2010-04-16 . E609A492AD596187CEA24E8418FF082F . 502784 . . [1.0626.6002.22384] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.22384_none_af1813076efd8bc3\usp10.dll [-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\ERDNT\cache\usp10.dll [-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\System32\usp10.dll [-] 2010-04-16 . 80FFF14F1757B9AF8BE9D314FC1AE88B . 502272 . . [1.0626.6002.18244] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18244_none_aeb9b5ec55bf7c35\usp10.dll [-] 2010-04-16 . 8CB1162DD3586683D71BCB303C1FF54F . 502272 . . [1.0626.6001.22672] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.22672_none_ad3a707771d0e800\usp10.dll [-] 2010-04-16 . A23E4692716C25E5AEA300ED74E73A1C . 501760 . . [1.0626.6001.18461] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6001.18461_none_acbaa16858ac15c7\usp10.dll [-] 2009-04-11 . 5A8E28037289FCCBF7AD3FC57DF7048F . 502272 . . [1.0626.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.0.6002.18005_none_aee5f21a559e2b7a\usp10.dll . [-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ksuser.dll [-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\ksuser.dll [-] 2006-11-02 . 919CC2A0476D5A6A4C935D4B88E29912 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.0.6001.18000_none_e8019c5c974c4491\ksuser.dll . [-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\ctfmon.exe [-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\System32\ctfmon.exe [-] 2006-11-02 . 22BFD03DF51065A9ED8D17F8FB72296B . 8704 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.0.6000.16386_none_9af9cad793a67953\ctfmon.exe . [-] 2009-07-10 . 1E3FDB80E40A3CE645F229DFBDFB7694 . 247808 . . [6.0.6001.18287] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.18287_none_cce0e39c1d282219\shsvcs.dll [-] 2009-07-10 . 94285A002D2826D2FD1C0806455136E9 . 245760 . . [6.0.6000.16883] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.16883_none_caf6a3ce20052bcc\shsvcs.dll [-] 2009-07-10 . 6898575E052CE7CB1CB87622EF187CDA . 245760 . . [6.0.6000.21081] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6000.21081_none_cb7e18273924cc2a\shsvcs.dll [-] 2009-07-10 . 6669714ACE90E9BB4E8C1D550C67B160 . 247808 . . [6.0.6001.22467] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6001.22467_none_cd80222536358728\shsvcs.dll [-] 2009-07-10 . F0942394F642F5CE3D9A86474FA293FA . 247808 . . [6.0.6002.22169] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.22169_none_cf6894a1335a0efa\shsvcs.dll [-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\ERDNT\cache\shsvcs.dll [-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6000.16386] . . c:\windows\System32\shsvcs.dll [-] 2009-07-10 . C7230FBEE14437716701C15BE02C27B8 . 247808 . . [6.0.6002.18063] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18063_none_ced8f61a1a41d726\shsvcs.dll [-] 2009-04-11 . C818C44C201898399BF999BB6B35D4E3 . 247296 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-shsvcs_31bf3856ad364e35_6.0.6002.18005_none_cf1bd6361a0f622e\shsvcs.dll . [-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\msimg32.dll [-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\msimg32.dll [-] 2006-11-02 . 2EC53B5A351C4D443896DBAD117F7E82 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.0.6000.16386_none_7535161f1f2100ed\msimg32.dll . [-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\cngaudit.dll [-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\System32\cngaudit.dll [-] 2006-11-02 . 7F15B4953378C8B5161D65C26D5FED4D . 11776 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll . [-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\wininit.exe [-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6000.16386] . . c:\windows\System32\wininit.exe [-] 2008-01-21 . 101BA3EA053480BB5D957EF37C06B5ED . 96768 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe . [-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\regsvc.dll [-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6000.16386] . . c:\windows\System32\regsvc.dll [-] 2009-04-11 . 9E6894EA18DAFF37B63E1005F83AE4AB . 107008 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.0.6002.18005_none_8b517ec580991c4d\regsvc.dll . [-] 2010-11-06 . 7B587B8A6D4A99F79D2902D0385F29BD . 603648 . . [6.0.6001.18551] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.18551_none_2ecc18bd972a0f87\schedsvc.dll [-] 2010-11-05 . 4B71C228530440F853F9C30E308F00E9 . 604672 . . [6.0.6001.22791] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6001.22791_none_2f2a77beb0681c3c\schedsvc.dll [-] 2010-11-05 . 38AE0400578FD396628F21A571473A3B . 602112 . . [6.0.6002.22519] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.22519_none_316f6d3cad4659b7\schedsvc.dll [-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\ERDNT\cache\schedsvc.dll [-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6001.18000] . . c:\windows\System32\schedsvc.dll [-] 2010-11-04 . 1A58069DB21D05EB2AB58EE5753EBE8D . 601600 . . [6.0.6002.18342] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18342_none_30be5cc194475f38\schedsvc.dll [-] 2009-04-11 . 323AE0BDFD2EB15B668DDA50CC597329 . 595456 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6002.18005_none_30ec979d94244404\schedsvc.dll [-] 2008-01-21 . 886CEC884B5BE29AB9828B8AB46B11F7 . 595456 . . [6.0.6000.16609] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.16609_none_2d23e28599d3cbd6\schedsvc.dll [-] 2008-01-21 . BF17DA9F25A4F84C2577AC13EE126CB7 . 595968 . . [6.0.6000.20734] . . c:\windows\winsxs\x86_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.0.6000.20734_none_2d880e1ab30e40c0\schedsvc.dll . [-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ssdpsrv.dll [-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6000.16386] . . c:\windows\System32\ssdpsrv.dll [-] 2008-01-21 . 03D50B37234967433A5EA5BA72BC0B62 . 155648 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpssdp_31bf3856ad364e35_6.0.6001.18000_none_7fc972ebd13849b5\ssdpsrv.dll . [-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\termsrv.dll [-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6001.18000] . . c:\windows\System32\termsrv.dll [-] 2009-04-11 . BB95DA09BEF6E7A131BFF3BA5032090D . 449024 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.0.6002.18005_none_908abad45165e2ae\termsrv.dll . [-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\hnetcfg.dll [-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6000.16386] . . c:\windows\System32\hnetcfg.dll [-] 2008-01-21 . A952D0DED445F26AEFCF593A935AB300 . 289792 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.0.6001.18000_none_b03645b494998691\hnetcfg.dll . [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ias.dll [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\System32\ias.dll [-] 2008-01-21 . 7A5F8218325F00396DAEA2F985FA0ECB . 18944 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.0.6002.18005_none_faec53b03fa80e64\ias.dll . [-] 2010-08-31 16:49 . 5E9F187AC6BADB58C21C4E3A18DD1F62 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.22478_none_f53f7ef86c05abb0\mfc40u.dll [-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\ERDNT\cache\mfc40u.dll [-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6140] . . c:\windows\System32\mfc40u.dll [-] 2010-08-31 15:46 . 2A64FE405579BB073FBABD68AF1468E7 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6002.18305_none_f4fe90c352b1fc4a\mfc40u.dll [-] 2010-08-31 15:41 . 13D0F7769927B74782CB59D8CCEF9E10 . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.18523_none_f3007c89559daf33\mfc40u.dll [-] 2010-08-31 15:17 . 1C1486BB262DF6DFD298110BC495906E . 954288 . . [4.1.6151] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6001.22754_none_f36aabc06ed2b94e\mfc40u.dll [-] 2006-11-02 09:46 . BA8639F9EB0F74F2946DE6DE1AF4691F . 924944 . . [4.1.6140] . . c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.0.6000.16386_none_f0dc500958a528b5\mfc40u.dll . [-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\upnphost.dll [-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6000.16386] . . c:\windows\System32\upnphost.dll [-] 2008-01-21 . 68308183F4AE0BE7BF8ECD07CB297999 . 259072 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.0.6001.18000_none_c1e834753483fdcf\upnphost.dll . [-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\dsound.dll [-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6000.16386] . . c:\windows\System32\dsound.dll [-] 2009-04-11 . 84B8827562B005C118CADBA0F25DB2C6 . 444416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.0.6002.18005_none_5a8737643f04aa4c\dsound.dll . [-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\d3d9.dll [-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\System32\d3d9.dll [-] 2009-04-11 . 8AAEEE8E59A70F37579993D118A34EE0 . 1788416 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.0.6002.18005_none_c438e5b15de80145\d3d9.dll . [-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\ddraw.dll [-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6000.16386] . . c:\windows\System32\ddraw.dll [-] 2008-01-21 . FA2A3AFADC4FB47DBC234A4E57F92CDB . 522752 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.0.6001.18000_none_0505a2ecc0013ebd\ddraw.dll . [-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\olepro32.dll [-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\System32\olepro32.dll [-] 2009-04-11 06:28 . A944A73CEC5921B871542FE5CC5E03E4 . 88576 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.0.6002.18005_none_3bff339efed611ca\olepro32.dll . [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\perfctrs.dll [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\System32\perfctrs.dll [-] 2006-11-02 . BA7C3E9DD6B1A632124C8659E8014028 . 39424 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.0.6002.18005_none_335eb6cf5a3b9de4\perfctrs.dll . [-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\version.dll [-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\System32\version.dll [-] 2009-04-11 . 69827805A221C21450BA22F4326A2EE3 . 20480 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.0.6002.18005_none_16e9c83b4e078740\version.dll . [-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\w32time.dll [-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6001.18000] . . c:\windows\System32\w32time.dll [-] 2009-04-11 . 96EA68B9EB310A69C25EBB0282B2B9DE . 282624 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.0.6002.18005_none_8a92dcbb6a6c707b\w32time.dll . [-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\wiaservc.dll [-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6000.16386] . . c:\windows\System32\wiaservc.dll [-] 2009-04-11 . 5DE7D67E49B88F5F07F3E53C4B92A352 . 453120 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..sition-coreservices_31bf3856ad364e35_6.0.6002.18005_none_347fb41db0752753\wiaservc.dll . [-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] . . c:\windows\ERDNT\cache\midimap.dll [-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6000.16386] . . c:\windows\System32\midimap.dll [-] 2009-04-11 . 83199EF88D691E730B80666E29F90D58 . 17408 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.0.6002.18005_none_8ee941100db1acf2\midimap.dll . [-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\ERDNT\cache\rasadhlp.dll [-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\System32\rasadhlp.dll [-] 2006-11-02 . A7D525E5C0D91C8C1D84C6BCD25AD77D . 10240 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-rasautodial_31bf3856ad364e35_6.0.6001.18000_none_0fd9feb665531f63\rasadhlp.dll . [-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] . . c:\windows\ERDNT\cache\WSHTCPIP.DLL [-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6000.16386] . . c:\windows\System32\WSHTCPIP.DLL [-] 2008-01-21 . 22CFAEB9172F5F198048401485CD0571 . 9216 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.0.6001.18000_none_cbb305c23187855a\WSHTCPIP.DLL . ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati )))))))))))))))))))))))))))))))))))))))))))))))))) . . Nota i valori vuoti & legittimi/default non sono visualizzati. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}] 2013-10-23 19:52 12240 ----a-w- c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{41564952-412D-5637-00A7-7A786E7484D7}"= "c:\program files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" [2013-10-23 12240] . [HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-00a7-7a786e7484d7}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "Hobbyist Software VLC Streamer"="c:\program files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" [2011-10-06 1313848] "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2012-06-09 6380440] "PrinterProDesktop"="c:\program files\Printer Pro Desktop\PrinterProDesktop.exe" [2012-02-02 2132992] "OpAgent"="c:\program files\ScanSoft\OmniPage15.0\OpAgent.exe" [2005-09-26 155648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-05-22 133656] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-05-22 141848] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-05-22 166424] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2013-05-01 421888] "Opware15"="c:\program files\ScanSoft\OmniPage15.0\Opware15.exe" [2005-09-26 69632] "PDF3 Registry Controller"="c:\program files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe" [2005-08-25 106496] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-09-10 347192] "ApnTBMon"="c:\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-10-23 1673680] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-01 152392] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 155648] . c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Serviio.lnk - c:\program files\Serviio1\bin\ServiioConsole.exe [2013-3-22 606720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk * . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Avvio veloce di Adobe Acrobat.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Avvio veloce di Adobe Acrobat.lnk backup=c:\windows\pss\Avvio veloce di Adobe Acrobat.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk backup=c:\windows\pss\DVD Check.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk backup=c:\windows\pss\Serviio.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Bernardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ritaglio schermata e avvio di OneNote 2007.lnk] path=c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ritaglio schermata e avvio di OneNote 2007.lnk backup=c:\windows\pss\Ritaglio schermata e avvio di OneNote 2007.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Bernardo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Serviio.lnk] path=c:\users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk backup=c:\windows\pss\Serviio.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2006-10-22 22:24 620152 ----a-w- c:\program files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier] 2011-10-05 23:52 59240 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2013-04-21 19:43 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent] 2012-06-09 21:32 6380440 ----a-w- c:\program files\BitTorrent\BitTorrent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] 2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2009-02-26 16:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hobbyist Software VLC Streamer] 2011-10-06 21:31 1313848 ----a-w- c:\program files\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler] 2008-04-15 20:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] 2010-06-09 19:55 49208 ----a-w- c:\program files\HP\HP Software Update\hpwuschd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2008-04-18 13:53 178712 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-02-16 15:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel] 2008-03-18 00:59 2289664 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck] 2001-07-09 09:50 155648 ------w- c:\windows\System32\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2013-05-01 01:59 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Samsung PanelMgr] 2008-04-14 05:19 536576 ----a-w- c:\windows\Samsung\PanelMgr\SSMMgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-17 09:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender] 2008-01-21 02:33 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe . R2 0305941234687276mcinstcleanup;McAfee Application Installer Cleanup (0305941234687276);c:\users\Bernardo\AppData\Local\Temp\030594~1.EXE [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2008-03-18 00:56 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contenuto della cartella 'Scheduled Tasks' . 2013-10-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-25 14:18] . 2013-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cec4c470a3a510.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-10 12:19] . 2013-09-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-10 12:19] . 2013-01-27 c:\windows\Tasks\ROC_REG_JAN_DELETE.job - c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-22 21:16] . . ------- Scansione supplementare ------- . uStart Page = hxxp://www.google.it/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=it_it&c=83&bd=all&pf=cmnb uInternet Settings,ProxyOverride = .local uInternet Settings,ProxyServer = 127.0.0.1:3849 IE: Aggiungi a PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Apri PDF in Word (PDF Converter 3.0) - c:\program files\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /400 IE: Converti destinazione link in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Converti destinazione link in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Converti i link selezionati in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Converti i link selezionati in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Converti in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Converti selezione in Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Converti selezione in file PDF esistente - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll TCP: Interfaces\{160FBFA6-C472-447F-BC1A-AA55146F0447}: NameServer = 94.198.96.34,46.4.70.20 . - - - - CHIAVI ORFANE RIMOSSE - - - - . HKCU-Run-iCloudServices - c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe HKCU-Run-ApplePhotoStreams - c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe HKCU-Run-com.apple.dav.bookmarks.daemon - c:\program files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe SafeBoot-WudfPf SafeBoot-WudfRd . . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-11-17 12:28 Windows 6.0.6002 Service Pack 2 NTFS . scansione processi nascosti ... . scansione entrate autostart nascoste ... . Scansione files nascosti ... . Scansione completata con successo Files nascosti: . ************************************************************************ . --------------------- CHIAVI DI REGISTRO BLOCCATE --------------------- . [HKEY_USERS\S-1-5-21-1829768621-2103045172-3052511590-1004\Software\SecuROM\License information] "datasecu"=hex:dd,f4,32,2f,95,99,af,a0,5f,9c,ed,04,84,04,27,27,a1,37,81,f8,ff, 63,05,08,cc,dc,ef,e4,e1,9e,22,bd,48,a5,04,a9,a1,a9,a8,00,f9,be,bb,4b,ee,f3,\ "rkeysecu"=hex:b4,af,90,e2,b7,cc,02,6a,c8,df,34,dc,9f,13,ae,6d . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- Dlls caricate dai processi in esecuzione --------------------- . - - - - - - - > 'Explorer.exe'(1344) c:\program files\WinSCP\DragExt.dll . ------------------------ Altri processi in esecuzione ------------------------ . c:\windows\system32\AUDIODG.EXE c:\windows\system32\WLANExt.exe c:\program files\Avira\AntiVir Desktop\sched.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\AskPartnerNetwork\Toolbar\apnmcp.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe c:\windows\system32\rpcnet.exe c:\program files\Serviio1\bin\ServiioService.exe c:\program files\Serviio1\bin\ServiioService.exe c:\windows\system32\vmnat.exe c:\program files\VMware\VMware Player\vmware-authd.exe c:\windows\system32\vmnetdhcp.exe c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe c:\program files\Team MediaPortal\MediaPortal TV Server\TVService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************* . Ora fine scansione: 2013-11-17 12:38:45 - Il pc è stato riavviato ComboFix-quarantined-files.txt 2013-11-17 11:38 . Pre-Run: 2.550.829.056 byte disponibili Post-Run: 2.342.535.168 byte disponibili . - - End Of File - - 18A4B9A390F8A44239CD34680C28AEF3 5C616939100B85E558DA92B899A0FC36

17-11-2013, 21:21	#2
Khronos Senior Member Iscritto dal: Jan 2007 Città: quel ramo del lago di como, che volge a mezzogiorno... ^^ Messaggi: 19625	sei pieno di toolbar inutili e programmi opinabili.ma dipende dall'uso che fai del tuo pc. __________________ Modding Grafico di Win XP e prec. \| 4 giga di ram e 32bit. Khro, on deviantart; Test Ram by Tut;Lista Live cd.

17-11-2013, 22:12	#4
Khronos Senior Member Iscritto dal: Jan 2007 Città: quel ramo del lago di como, che volge a mezzogiorno... ^^ Messaggi: 19625	se ci fossero virus Avira non se ne starebbe zitto. li non hai virus, hai programmi spazzatura. e il fatto che sia vecchio non vuol dire che andrebbe formattato. basta usarlo in maniera decente, senza installare cazzate (vedo pulitori, vedo roba da Softonic, vedo Itunes, Ask, quicktime, nero... una marea, di bellezze), e ibernando al posto di spegnere. saluti __________________ Modding Grafico di Win XP e prec. \| 4 giga di ram e 32bit. Khro, on deviantart; Test Ram by Tut;Lista Live cd. Ultima modifica di Khronos : 17-11-2013 alle 22:21.

18-11-2013, 06:36	#5
Eress Senior Member Iscritto dal: Jan 2010 Messaggi: 37084	La prima schifezza da togliere lì è proprio avira! __________________ Analemma - Slowdive - Facebook Motto Microsoft: "If it's broken, and I'm the one who broke it, don't fix it!"

18-11-2013, 08:33	#8
aled1974 Senior Member Iscritto dal: Oct 2009 Messaggi: 24453	che se usi un po' di questi strumenti http://www.hwupgrade.it/forum/showthread.php?t=1599737 non fai di certo male poi sali di radice e vedi se ci sono altri programmini da usare per debellare le schifezze in avanzo in quanto all'antivirus, de gustibus, a differenza di Eress che ne pare allergico io con avira mi trovo benissimo da anni Ma se vuoi cambiare fai pure, di AV free ce ne sono diversi tra cui scegliere ciao ciao __________________ Pc - [LianLi Pc70]-[Corsair Ax860]-[Asrock z-170 extreme 6]-[Intel i7 6700k]-[16gb ddr4 Kingston HyperX Fury]-[Ssd 870evo 4Tb + 860evo 1Tb + 14Tb Toshiba MG + 16Tb Seagate Exos + 18Tb Seagate Exos]-[Lg 34gn850b]-[Razer D-Back Plasma Red]-[Windows 11 Pro 64bit 23H2 ]

17-11-2013, 21:28	#3
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	Il fatto e' che si tratta di un pc abbastanza vecchiotto...bisognerebbe formattarlo e'? ... dal punto di vista di virus pero' che mi dite?

18-11-2013, 07:48	#6
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	infatti, proprio ieri sera l'ho disinstallato...

18-11-2013, 08:23	#7
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	Ho appena scaricato un programmino (adwcleaner) che mi ha eliminato le seguenti cose: # AdwCleaner v3.012 - Report created 18/11/2013 at 09:13:42 # Updated 11/11/2013 by Xplode # Operating System : Windows Vista (TM) Home Basic Service Pack 2 (32 bits) # Username : Bernardo - CAMERETTA # Running from : C:\Users\Bernardo\.config\qupzilla\tmp\adwcleaner.exe # Option : Clean *** [ Services ] * * [ Files / Folders ] * Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Conduit Folder Deleted : C:\ProgramData\IBUpdaterService Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\DAEMON Tools Toolbar Folder Deleted : C:\Program Files\Delta Folder Deleted : C:\Program Files\file scout Folder Deleted : C:\Program Files\lucky leap Folder Deleted : C:\Program Files\MyPC Backup Folder Deleted : C:\Program Files\NCH Software Folder Deleted : C:\Program Files\Softonic Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB Folder Deleted : C:\Users\Bernardo\AppData\Local\Conduit Folder Deleted : C:\Users\Bernardo\AppData\Local\Temp\apn Folder Deleted : C:\Users\Bernardo\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Bernardo\AppData\LocalLow\Softonic Folder Deleted : C:\Users\Bernardo\AppData\Roaming\BabSolution Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Babylon Folder Deleted : C:\Users\Bernardo\AppData\Roaming\file scout Folder Deleted : C:\Users\Bernardo\AppData\Roaming\NCH Software Folder Deleted : C:\Users\Bernardo\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\Bernardo\AppData\Roaming\PerformerSoft Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Searchprotect Folder Deleted : C:\Users\Bernardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender Folder Deleted : C:\Users\Bernardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml File Deleted : C:\windows\System32\Tasks\EPUpdater * [ Shortcuts ] * * [ Registry ] * Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D1BEA0A-05EC-45FA-B73A-902ACCF216A8} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D1BEA0A-05EC-45FA-B73A-902ACCF216A8} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Key Deleted : HKCU\Software\5c4ddd1b26db942 Key Deleted : HKLM\SOFTWARE\5c4ddd1b26db942 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2530241 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{929801A8-4AEF-4D12-BE31-D85BF666452B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Key Deleted : HKCU\Software\Conduit [#] Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\filescout Key Deleted : HKCU\Software\Iminent Key Deleted : HKCU\Software\lucky leap Key Deleted : HKCU\Software\NCH Software Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\smartbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\Software\lucky leap Key Deleted : HKLM\Software\NCH Software Key Deleted : HKLM\Software\Softonic Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lucky leap Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 * [ Browsers ] * -\\ Internet Explorer v9.0.8112.16520 Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] *********************** AdwCleaner[R0].txt - [13115 octets] - [18/11/2013 09:11:45] AdwCleaner[S0].txt - [13276 octets] - [18/11/2013 09:13:42] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13337 octets] ########## Che dite?

18-11-2013, 08:56	#10
aled1974 Senior Member Iscritto dal: Oct 2009 Messaggi: 24453	dai su, è almeno un anno che continui a promuovere mse ovunque al posto di qualsiasi altro AV free mettiamo un link di un sito che seguo con interesse http://chart.av-comparatives.org/chart1.php, purtroppo manca mse per confronto ed eventuale scelta alternativa ad avira ciao ciao __________________ Pc - [LianLi Pc70]-[Corsair Ax860]-[Asrock z-170 extreme 6]-[Intel i7 6700k]-[16gb ddr4 Kingston HyperX Fury]-[Ssd 870evo 4Tb + 860evo 1Tb + 14Tb Toshiba MG + 16Tb Seagate Exos + 18Tb Seagate Exos]-[Lg 34gn850b]-[Razer D-Back Plasma Red]-[Windows 11 Pro 64bit 23H2 ]

18-11-2013, 10:57	#11
tallines Senior Member Iscritto dal: Feb 2009 Messaggi: 50674	Ciao, hai fatto una bella pulizia Hai disattivato i punti di ripristino ? Altrimenti è come non fare gli scan . Come al solito su 10 utenti 500 hanno : softonic (guarda la firma che ho ), tollbar a uffa........tra cui OpenCandy, Babylon toolbar & c e ovviamente anche file temporanei . I programmi si devono downloadare dal sito della casa madre, non andare per comodità sul primo sito che appare dopo una ricerca . Quello che avevi l'avresti avuto ugualmente, magari in misura minore, qualsiasi antivirus avessi installato, forse, dico forse anche se avevi Kaspersky . Questo tipo di malware non viene indivduato da antivirus tipo Avira, Mse, Avast etc etc. Bisogna fare scansioni particolari, con tool specifici, tra cui anche TdsKiller e Otl . Dopo tutti questi scan in un pc ho lanciato anche VirIt e mi ha trovato due infezioni in System32, che tutti gli altri scan non hanno trovato PS : pulire sempre i file temporanei di internet o con la pulizia di windows o con tool tipo Atf Cleaner . Meglio se gli scan specifici (Combofix.....) vengono fatti in modalità provvisoria a punti di ripristino azzerati . I report meglio se caricati in formato zip o tramite wikisend, dropbox........ __________________ Aomei in Prog. & Utility - Lic OEM - Q di Merc Ott '22 - W10 Spot Images Seasons from '20 to Summer 2022 - DailyPic dalle Eccezioni alle Unique Images + Rec > DailyPic Unique Images Novembre 2022 Ultima modifica di tallines : 18-11-2013 alle 11:07.

18-11-2013, 13:38	#13
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	concordo con Eres...secondo me e' la stessa cosa averlo o non averlo!

18-11-2013, 13:45	#14
aled1974 Senior Member Iscritto dal: Oct 2009 Messaggi: 24453	pensa che c'è pure chi disattiva totalmente quel rompiscatole dell'UAC scherzi a parte, come ti dicevo, di AV free ce ne sono diversi tra cui scegliere, poi se uno vuole rimanere senza liberissimo di farlo però detto da chi ha appena scoperto di essere infestato da una pletora di malware, porta pazienza, ma non lo definirei il parere più autorevole possibile ciao ciao __________________ Pc - [LianLi Pc70]-[Corsair Ax860]-[Asrock z-170 extreme 6]-[Intel i7 6700k]-[16gb ddr4 Kingston HyperX Fury]-[Ssd 870evo 4Tb + 860evo 1Tb + 14Tb Toshiba MG + 16Tb Seagate Exos + 18Tb Seagate Exos]-[Lg 34gn850b]-[Razer D-Back Plasma Red]-[Windows 11 Pro 64bit 23H2 ]

18-11-2013, 14:15	#15
E-Byron Member Iscritto dal: Sep 2007 Messaggi: 36	no ma infatti il mio rimane un semplice pensiero da inesperto...percio mi sono rivolto a te

18-11-2013, 17:12	#16
aled1974 Senior Member Iscritto dal: Oct 2009 Messaggi: 24453	vai tranquillo fratello e vivi felice come meglio preferisci ciao ciao __________________ Pc - [LianLi Pc70]-[Corsair Ax860]-[Asrock z-170 extreme 6]-[Intel i7 6700k]-[16gb ddr4 Kingston HyperX Fury]-[Ssd 870evo 4Tb + 860evo 1Tb + 14Tb Toshiba MG + 16Tb Seagate Exos + 18Tb Seagate Exos]-[Lg 34gn850b]-[Razer D-Back Plasma Red]-[Windows 11 Pro 64bit 23H2 ]

18-11-2013, 19:56	#18
aled1974 Senior Member Iscritto dal: Oct 2009 Messaggi: 24453	scusa Eress perchè ti senti tirato in causa? Non ti ho quotato/citato quindi non era riferito / non era un dialogo nei tuoi confronti... booh ma dato che ci siamo sarebbe meglio dire che E' TUA OPINIONE che gli AV siano quel che scrivi, non un dato di fatto oggettivo. Anche perchè per estensione si potrebbe dire la stessa cosa per gli antimalware (programmi esterni anche loro), e sicuramente c'è al mondo chi lo pensa e lo esterna. Salvo poi rileggere questo stesso thread per capire dove sta il mondo reale ciao ciao __________________ Pc - [LianLi Pc70]-[Corsair Ax860]-[Asrock z-170 extreme 6]-[Intel i7 6700k]-[16gb ddr4 Kingston HyperX Fury]-[Ssd 870evo 4Tb + 860evo 1Tb + 14Tb Toshiba MG + 16Tb Seagate Exos + 18Tb Seagate Exos]-[Lg 34gn850b]-[Razer D-Back Plasma Red]-[Windows 11 Pro 64bit 23H2 ]

18-11-2013, 20:29	#20
!fazz Moderatore Iscritto dal: Nov 2006 Messaggi: 21687	Abbiamo un'intera sezione dedicata alla sicurezza dei sistemi informatici __________________ "WS" (p280,cx750m,4790k+212evo,z97pro,4x8GB ddr3 1600c11,GTX760-DC2OC,MZ-7TE500, WD20EFRX) Desktop (three hundred,650gq,3800x+nh-u14s ,x570 arous elite,2x16GB ddr4 3200c16, rx5600xt pulse P5 1TB)+NB: Lenovo p53 i7-9750H,64GB DDR4,2x1TB SSD, T1000

Strumenti
Mostra una versione stampabile Invia questa pagina per email