Judgement1991
Here is the log
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
Ran by SYSTEM on 02-07-2013 14:09:58
Running from G:\
WIN_7 (X86) OS Language: Italian Standard
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.
==================== Registry (Whitelisted) ==================
HKU\seven\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
Startup: C:\Users\seven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
BootExecute: autocheck autochk * bootroboscan.exe
========================== Services (Whitelisted) =================
S2 Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated)
S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [397176 2012-08-21] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2012-08-21] (BlueStack Systems, Inc.)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
S2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2012-10-30] (Nitro PDF Software)
S2 Roboscan_RTSrv; C:\Program Files\Roboscan\Roboscan\RSRTSrv.rse [355688 2012-03-29] (Roboscan Inc)
S2 Roboscan_UpdSrv; C:\Program Files\Roboscan\Roboscan\RSUpdSrv.rse [606056 2012-03-29] (Roboscan Inc)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-08-25] (SANDBOXIE L.T.D)
S3 WefiEngSvc; C:\Program Files\WeFi\WefiEngSvc.exe [120152 2010-11-03] (WeFi)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]
==================== Drivers (Whitelisted) ====================
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [66424 2012-08-21] (BlueStack Systems)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
S2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 RoboFww; c:\program files\roboscan\roboscan\plugin\realtime\RoboFww.sys [32064 2012-03-29] (Roboscan Inc)
S3 RoboRtwIFDrv; c:\program files\roboscan\roboscan\plugin\realtime\RoboRtw.sys [100160 2012-03-29] (Roboscan Inc)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-08-25] (SANDBOXIE L.T.D)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-06-30 22:27 - 2013-06-30 22:27 - 00000000 ____D C:\FRST
2013-06-27 16:33 - 2013-06-27 16:33 - 00000000 __SHD C:\found.000
2013-06-27 15:42 - 2013-06-27 15:42 - 147062908 ____A C:\Windows\MEMORY.DMP
2013-06-26 22:28 - 2013-06-26 22:28 - 00000000 ____A C:\asdsetup.exe
2013-06-26 22:18 - 2013-06-26 22:19 - 00000000 ___AD C:\.Trash-0
2013-06-26 20:54 - 2013-06-26 22:01 - 00000000 ____D C:\Windows\pss
2013-06-26 20:05 - 2013-06-26 20:05 - 43253760 ____A C:\Windows\System32\config\software.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 24379392 ____A C:\Windows\System32\config\system.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00524288 ____A C:\Windows\System32\config\default.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\security.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\sam.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-26 17:37 - 2013-06-26 17:41 - 38001894 ____A C:\Users\seven\Downloads\Come navigare nel Deep Web.mp4
2013-06-26 16:55 - 2013-06-26 22:02 - 00000000 ____D C:\Users\seven\AppData\Roaming\GetRight
2013-06-26 16:55 - 2013-06-26 22:02 - 00000000 ____D C:\Program Files\GetRight
2013-06-23 21:11 - 2013-06-26 21:51 - 00000891 ____A C:\Windows\setupact.log
2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____A C:\Windows\setuperr.log
2013-06-21 02:09 - 2013-06-21 02:09 - 00000000 ____D C:\Users\seven\Downloads\Miei salvataggi
2013-06-19 22:16 - 2013-06-19 22:46 - 192163640 ____A C:\Users\seven\Downloads\Documentario su Parigi.mp4
2013-06-19 01:04 - 2013-06-19 01:04 - 00000000 ____D C:\Users\seven\Documents\The Prince of Codes
2013-06-18 16:25 - 2013-06-20 23:59 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
2013-06-18 16:19 - 2013-06-19 01:17 - 00000000 ____D C:\Program Files\PutLockerDownloader.com
2013-06-18 12:44 - 2013-06-18 12:44 - 00000000 ____D C:\Users\seven\Downloads\Vari Testi
2013-06-18 12:38 - 2013-06-19 00:05 - 00000000 ____D C:\Users\seven\Downloads\Video
2013-06-16 12:57 - 2013-06-16 13:29 - 00000000 ____D C:\Users\Public\Documents\STALKER-STCS
2013-06-16 12:49 - 2013-06-16 12:49 - 00000000 ____D C:\Program Files\Deep Silver
2013-06-14 23:42 - 2013-06-14 23:42 - 00000000 ____D C:\Users\seven\AppData\Roaming\AbaEnglishRt.19ECF44F1B9DAF7C7A64FDC21A008AB0C5135E2F.1
2013-06-14 23:37 - 2013-06-14 23:37 - 00000513 ____A C:\Users\seven\Desktop\ABA English Course.lnk
2013-06-14 23:35 - 2013-06-14 23:42 - 00000000 ____D C:\EnglishCourse
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-06-14 22:57 - 2013-05-17 00:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-14 22:57 - 2013-05-16 23:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-14 22:57 - 2013-05-16 23:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-14 22:57 - 2013-05-16 23:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-14 22:57 - 2013-05-16 23:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-14 22:57 - 2013-05-16 23:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-14 22:57 - 2013-05-16 23:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-14 22:57 - 2013-05-16 23:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-14 22:57 - 2013-05-16 23:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-14 22:57 - 2013-05-16 23:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-14 22:57 - 2013-05-16 23:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-14 22:57 - 2013-05-16 23:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-14 22:57 - 2013-05-16 23:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-14 22:57 - 2013-05-16 23:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-14 22:57 - 2013-05-16 23:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-14 22:57 - 2013-05-16 23:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-14 22:11 - 2013-06-14 22:12 - 00161944 ____A C:\Users\seven\Downloads\corso-di-inglese-abaenglish-windows-downloader.exe
2013-06-14 19:43 - 2013-05-13 05:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-14 19:43 - 2013-05-13 05:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-14 19:43 - 2013-05-13 05:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-14 19:43 - 2013-05-13 04:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-14 19:43 - 2013-05-13 04:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-14 19:43 - 2013-05-10 04:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-14 19:43 - 2013-05-08 06:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-14 19:43 - 2013-05-06 06:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-06-14 19:43 - 2013-05-06 06:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-06-14 19:43 - 2013-04-26 05:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 23:54 - 2013-06-26 22:10 - 00000000 ____D C:\Users\seven\Downloads\Da copiare nella chiavetta
2013-06-11 19:05 - 2013-06-23 21:13 - 00000000 ____D C:\Program Files\Steam
2013-06-11 19:05 - 2013-06-14 23:16 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-06-11 18:56 - 2013-06-11 18:58 - 01669632 ____A C:\Users\seven\Downloads\SteamInstall.msi
2013-06-07 18:06 - 2012-11-09 23:21 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
2013-06-07 18:05 - 2012-11-09 23:21 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
2013-06-07 18:05 - 2012-11-09 23:21 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
2013-06-07 18:04 - 2013-06-07 18:04 - 00000000 ____D C:\Users\seven\Documents\VSO Downloader
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorFreeVideoCatcher
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\ProgramData\VSO
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\VSO
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\Kastor Free Video Catcher
2013-06-07 18:03 - 2008-09-24 19:33 - 00484352 ____A C:\Windows\System32\lame_enc.dll
2013-06-07 18:02 - 2013-06-26 22:10 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorAllVideoDownloader
2013-06-07 18:02 - 2013-06-07 18:02 - 00000000 ____D C:\Program Files\Kastor All Video Downloader
2013-06-07 18:01 - 2013-06-07 18:07 - 00000000 ____D C:\Program Files\TubeMaster++
2013-06-05 14:36 - 2013-06-05 19:02 - 00000000 ____D C:\Users\seven\Documents\SpellForce
2013-06-05 14:32 - 2013-06-05 14:32 - 00000926 ____A C:\Users\seven\Desktop\GameSpy Arcade.lnk
2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\AWS
2013-06-05 14:31 - 2013-06-05 14:31 - 00001124 ____A C:\Users\seven\Desktop\SpellForce - The Order of Dawn.lnk
2013-06-05 14:25 - 2013-06-05 14:25 - 00000000 ____D C:\Program Files\JoWooD
2013-06-04 18:43 - 2013-06-04 18:43 - 00001104 ____A C:\Users\Public\Desktop\aTube Catcher.lnk
2013-06-04 18:31 - 2013-06-11 23:59 - 00000000 ____D C:\Users\seven\Downloads\Cfake
==================== One Month Modified Files and Folders ========
2013-06-30 22:27 - 2013-06-30 22:27 - 00000000 ____D C:\FRST
2013-06-27 16:33 - 2013-06-27 16:33 - 00000000 __SHD C:\found.000
2013-06-27 15:42 - 2013-06-27 15:42 - 147062908 ____A C:\Windows\MEMORY.DMP
2013-06-27 01:54 - 2013-01-25 15:33 - 00000318 ____A C:\Windows\System32\ayboot.ini
2013-06-26 22:28 - 2013-06-26 22:28 - 00000000 ____A C:\asdsetup.exe
2013-06-26 22:19 - 2013-06-26 22:18 - 00000000 ___AD C:\.Trash-0
2013-06-26 22:10 - 2013-06-12 23:54 - 00000000 ____D C:\Users\seven\Downloads\Da copiare nella chiavetta
2013-06-26 22:10 - 2013-06-07 18:02 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorAllVideoDownloader
2013-06-26 22:10 - 2012-12-17 21:36 - 00000000 ____D C:\Users\seven\AppData\Roaming\vlc
2013-06-26 22:10 - 2012-12-04 19:52 - 00000000 ____D C:\ProgramData\Ant.com
2013-06-26 22:10 - 2012-11-08 10:16 - 00000000 ____D C:\Windows\AutoKMS
2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\wfp
2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-06-26 22:02 - 2013-06-26 16:55 - 00000000 ____D C:\Users\seven\AppData\Roaming\GetRight
2013-06-26 22:02 - 2013-06-26 16:55 - 00000000 ____D C:\Program Files\GetRight
2013-06-26 22:01 - 2013-06-26 20:54 - 00000000 ____D C:\Windows\pss
2013-06-26 21:52 - 2012-11-09 17:36 - 00000978 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-26 21:51 - 2013-06-23 21:11 - 00000891 ____A C:\Windows\setupact.log
2013-06-26 21:50 - 2012-11-14 23:31 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-26 21:50 - 2012-11-08 10:16 - 00000266 ____A C:\Windows\Tasks\AutoKMS.job
2013-06-26 21:50 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-26 20:05 - 2013-06-26 20:05 - 43253760 ____A C:\Windows\System32\config\software.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 24379392 ____A C:\Windows\System32\config\system.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00524288 ____A C:\Windows\System32\config\default.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\security.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\sam.bhv
2013-06-26 20:05 - 2013-06-26 20:05 - 00000000 ___AD C:\$Anvi Rescue Disk$
2013-06-26 18:47 - 2012-12-21 20:29 - 00000000 ____D C:\Users\seven\AppData\Roaming\NetSpeedMonitor
2013-06-26 17:41 - 2013-06-26 17:37 - 38001894 ____A C:\Users\seven\Downloads\Come navigare nel Deep Web.mp4
2013-06-26 17:28 - 2012-11-08 10:47 - 00000000 ____D C:\Users\seven\AppData\Roaming\Nitro PDF
2013-06-23 21:22 - 2012-12-14 23:53 - 01716519 ____A C:\Windows\WindowsUpdate.log
2013-06-23 21:22 - 2012-11-14 23:31 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-23 21:18 - 2009-07-14 05:34 - 00025616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-23 21:18 - 2009-07-14 05:34 - 00025616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-23 21:13 - 2013-06-11 19:05 - 00000000 ____D C:\Program Files\Steam
2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____A C:\Windows\setuperr.log
2013-06-23 01:50 - 2012-11-07 11:35 - 01653742 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-23 01:50 - 2009-07-14 09:21 - 00739254 ____A C:\Windows\System32\perfh010.dat
2013-06-23 01:50 - 2009-07-14 09:21 - 00146294 ____A C:\Windows\System32\perfc010.dat
2013-06-21 02:09 - 2013-06-21 02:09 - 00000000 ____D C:\Users\seven\Downloads\Miei salvataggi
2013-06-20 23:59 - 2013-06-18 16:25 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
2013-06-20 23:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system
2013-06-20 01:01 - 2012-11-09 20:39 - 00000925 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-20 01:01 - 2012-11-09 20:39 - 00000000 ____D C:\Program Files\CCleaner
2013-06-20 00:42 - 2013-01-25 15:17 - 00000000 ____D C:\WinWebExplorer
2013-06-19 22:46 - 2013-06-19 22:16 - 192163640 ____A C:\Users\seven\Downloads\Documentario su Parigi.mp4
2013-06-19 01:17 - 2013-06-18 16:19 - 00000000 ____D C:\Program Files\PutLockerDownloader.com
2013-06-19 01:04 - 2013-06-19 01:04 - 00000000 ____D C:\Users\seven\Documents\The Prince of Codes
2013-06-19 00:05 - 2013-06-18 12:38 - 00000000 ____D C:\Users\seven\Downloads\Video
2013-06-18 12:44 - 2013-06-18 12:44 - 00000000 ____D C:\Users\seven\Downloads\Vari Testi
2013-06-16 23:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-06-16 13:29 - 2013-06-16 12:57 - 00000000 ____D C:\Users\Public\Documents\STALKER-STCS
2013-06-16 12:49 - 2013-06-16 12:49 - 00000000 ____D C:\Program Files\Deep Silver
2013-06-14 23:42 - 2013-06-14 23:42 - 00000000 ____D C:\Users\seven\AppData\Roaming\AbaEnglishRt.19ECF44F1B9DAF7C7A64FDC21A008AB0C5135E2F.1
2013-06-14 23:42 - 2013-06-14 23:35 - 00000000 ____D C:\EnglishCourse
2013-06-14 23:37 - 2013-06-14 23:37 - 00000513 ____A C:\Users\seven\Desktop\ABA English Course.lnk
2013-06-14 23:37 - 2012-11-08 15:33 - 00000000 ____D C:\Users\seven\AppData\Roaming\Adobe
2013-06-14 23:37 - 2012-11-08 15:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-06-14 23:35 - 2013-05-14 16:53 - 00000000 ____D C:\Users\seven\AppData\Local\Adobe
2013-06-14 23:35 - 2013-02-26 21:02 - 00000000 ____D C:\Program Files\Adobe
2013-06-14 23:16 - 2013-06-11 19:05 - 00000000 ____D C:\Program Files\Common Files\Steam
2013-06-14 23:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\it-IT
2013-06-14 22:58 - 2012-11-07 12:14 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-14 22:12 - 2013-06-14 22:11 - 00161944 ____A C:\Users\seven\Downloads\corso-di-inglese-abaenglish-windows-downloader.exe
2013-06-12 22:52 - 2012-11-09 17:36 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-06-12 22:52 - 2012-11-09 17:36 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-06-11 23:59 - 2013-06-04 18:31 - 00000000 ____D C:\Users\seven\Downloads\Cfake
2013-06-11 18:58 - 2013-06-11 18:56 - 01669632 ____A C:\Users\seven\Downloads\SteamInstall.msi
2013-06-08 22:40 - 2012-12-15 22:03 - 00000000 ____D C:\Users\seven\Documents\Conersazioni What's App
2013-06-08 22:32 - 2013-01-29 15:14 - 00000000 ____D C:\Users\seven\.VirtualBox
2013-06-07 18:07 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files\TubeMaster++
2013-06-07 18:06 - 2013-01-29 15:09 - 00000000 ____D C:\Program Files\Oracle
2013-06-07 18:05 - 2012-11-09 23:21 - 00000000 ____D C:\Program Files\Java
2013-06-07 18:04 - 2013-06-07 18:04 - 00000000 ____D C:\Users\seven\Documents\VSO Downloader
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorFreeVideoCatcher
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\ProgramData\VSO
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\VSO
2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\Kastor Free Video Catcher
2013-06-07 18:02 - 2013-06-07 18:02 - 00000000 ____D C:\Program Files\Kastor All Video Downloader
2013-06-07 18:02 - 2012-12-10 21:26 - 00000000 ____D C:\Program Files\WinPcap
2013-06-05 19:02 - 2013-06-05 14:36 - 00000000 ____D C:\Users\seven\Documents\SpellForce
2013-06-05 14:32 - 2013-06-05 14:32 - 00000926 ____A C:\Users\seven\Desktop\GameSpy Arcade.lnk
2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\AWS
2013-06-05 14:31 - 2013-06-05 14:31 - 00001124 ____A C:\Users\seven\Desktop\SpellForce - The Order of Dawn.lnk
2013-06-05 14:25 - 2013-06-05 14:25 - 00000000 ____D C:\Program Files\JoWooD
2013-06-05 00:23 - 2012-11-09 20:37 - 00000000 ____D C:\Users\seven\Downloads\eMule
2013-06-04 18:43 - 2013-06-04 18:43 - 00001104 ____A C:\Users\Public\Desktop\aTube Catcher.lnk
2013-06-04 18:42 - 2013-01-22 16:41 - 00000000 ____D C:\Program Files\DsNET Corp
2013-06-04 00:22 - 2013-02-18 18:04 - 00000000 ____D C:\Users\seven\Downloads\archpr22
2013-06-04 00:07 - 2012-11-08 23:11 - 00000000 ____D C:\Users\seven\AppData\Roaming\DVDVideoSoft
2013-06-03 23:39 - 2013-01-14 19:45 - 00000000 ____D C:\Users\seven\AppData\Roaming\uTorrent
2013-06-03 22:47 - 2012-12-15 22:52 - 00000000 ____D C:\Users\seven\AppData\Local\Paint.NET
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: <===== ATTENTION!
==================== Restore Points =========================
Restore point made on: 2013-06-14 18:46:55
Restore point made on: 2013-06-14 22:55:42
Restore point made on: 2013-06-16 13:01:25
Restore point made on: 2013-06-18 16:20:39
Restore point made on: 2013-06-18 16:24:33
Restore point made on: 2013-06-19 01:04:22
Restore point made on: 2013-06-19 21:21:27
Restore point made on: 2013-06-20 23:59:37
Restore point made on: 2013-06-23 21:23:08
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 3071.27 MB
Available physical RAM: 2657.49 MB
Total Pagefile: 3069.55 MB
Available Pagefile: 2662.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.03 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:114.07 GB) NTFS
Drive g: () (Removable) (Total:7.47 GB) (Free:7.47 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (Riservato per il sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 000997F0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 70707573)
Partition 1: (Not Active) - (Size=923 GB) - (Type=0D)
Partition 2: (Not Active) - (Size=259 GB) - (Type=0A)
Partition 3: (Not Active) - (Size=844 GB) - (Type=6F)
Partition 4: (Not Active) - (Size=26 MB) - (Type=0A)
LastRegBack: 2013-05-14 15:37
==================== End Of Log ============================
Edited by vicky67 - 21/8/2013, 17:30
698 replies since 5/6/2013, 08:44 22516 views