Aiuto PC


Polizia Penitenziaria, Polizia di Stato, Carabinieri virus (SOLVED)

  1. Judgement1991
     
    Here is the log

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2013 01
    Ran by SYSTEM on 02-07-2013 14:09:58
    Running from G:\
    WIN_7 (X86) OS Language: Italian Standard
    Boot Mode: Recovery

    The current controlset is ControlSet001
    ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

    ==================== Registry (Whitelisted) ==================

    HKU\seven\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
    Startup: C:\Users\seven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
    ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
    BootExecute: autocheck autochk * bootroboscan.exe

    ========================== Services (Whitelisted) =================

    S2 Adobe Version Cue CS2; c:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-04] (Adobe Systems Incorporated)
    S4 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [397176 2012-08-21] (BlueStack Systems, Inc.)
    S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2012-08-21] (BlueStack Systems, Inc.)
    S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [20456 2013-01-27] (Microsoft Corporation)
    S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295232 2013-01-27] (Microsoft Corporation)
    S2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2012-10-30] (Nitro PDF Software)
    S2 Roboscan_RTSrv; C:\Program Files\Roboscan\Roboscan\RSRTSrv.rse [355688 2012-03-29] (Roboscan Inc)
    S2 Roboscan_UpdSrv; C:\Program Files\Roboscan\Roboscan\RSUpdSrv.rse [606056 2012-03-29] (Roboscan Inc)
    S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-08-25] (SANDBOXIE L.T.D)
    S3 WefiEngSvc; C:\Program Files\WeFi\WefiEngSvc.exe [120152 2010-11-03] (WeFi)
    S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

    ==================== Drivers (Whitelisted) ====================

    S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [66424 2012-08-21] (BlueStack Systems)
    S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [195296 2013-01-20] (Microsoft Corporation)
    S3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2007-07-31] (ATK0100)
    S2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
    S3 RoboFww; c:\program files\roboscan\roboscan\plugin\realtime\RoboFww.sys [32064 2012-03-29] (Roboscan Inc)
    S3 RoboRtwIFDrv; c:\program files\roboscan\roboscan\plugin\realtime\RoboRtw.sys [100160 2012-03-29] (Roboscan Inc)
    S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-08-25] (SANDBOXIE L.T.D)
    S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-06-30 22:27 - 2013-06-30 22:27 - 00000000 ____D C:\FRST
    2013-06-27 16:33 - 2013-06-27 16:33 - 00000000 __SHD C:\found.000
    2013-06-27 15:42 - 2013-06-27 15:42 - 147062908 ____A C:\Windows\MEMORY.DMP
    2013-06-26 22:28 - 2013-06-26 22:28 - 00000000 ____A C:\asdsetup.exe
    2013-06-26 22:18 - 2013-06-26 22:19 - 00000000 ___AD C:\.Trash-0
    2013-06-26 20:54 - 2013-06-26 22:01 - 00000000 ____D C:\Windows\pss
    2013-06-26 20:05 - 2013-06-26 20:05 - 43253760 ____A C:\Windows\System32\config\software.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 24379392 ____A C:\Windows\System32\config\system.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00524288 ____A C:\Windows\System32\config\default.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\security.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\sam.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00000000 ___AD C:\$Anvi Rescue Disk$
    2013-06-26 17:37 - 2013-06-26 17:41 - 38001894 ____A C:\Users\seven\Downloads\Come navigare nel Deep Web.mp4
    2013-06-26 16:55 - 2013-06-26 22:02 - 00000000 ____D C:\Users\seven\AppData\Roaming\GetRight
    2013-06-26 16:55 - 2013-06-26 22:02 - 00000000 ____D C:\Program Files\GetRight
    2013-06-23 21:11 - 2013-06-26 21:51 - 00000891 ____A C:\Windows\setupact.log
    2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____A C:\Windows\setuperr.log
    2013-06-21 02:09 - 2013-06-21 02:09 - 00000000 ____D C:\Users\seven\Downloads\Miei salvataggi
    2013-06-19 22:16 - 2013-06-19 22:46 - 192163640 ____A C:\Users\seven\Downloads\Documentario su Parigi.mp4
    2013-06-19 01:04 - 2013-06-19 01:04 - 00000000 ____D C:\Users\seven\Documents\The Prince of Codes
    2013-06-18 16:25 - 2013-06-20 23:59 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
    2013-06-18 16:19 - 2013-06-19 01:17 - 00000000 ____D C:\Program Files\PutLockerDownloader.com
    2013-06-18 12:44 - 2013-06-18 12:44 - 00000000 ____D C:\Users\seven\Downloads\Vari Testi
    2013-06-18 12:38 - 2013-06-19 00:05 - 00000000 ____D C:\Users\seven\Downloads\Video
    2013-06-16 12:57 - 2013-06-16 13:29 - 00000000 ____D C:\Users\Public\Documents\STALKER-STCS
    2013-06-16 12:49 - 2013-06-16 12:49 - 00000000 ____D C:\Program Files\Deep Silver
    2013-06-14 23:42 - 2013-06-14 23:42 - 00000000 ____D C:\Users\seven\AppData\Roaming\AbaEnglishRt.19ECF44F1B9DAF7C7A64FDC21A008AB0C5135E2F.1
    2013-06-14 23:37 - 2013-06-14 23:37 - 00000513 ____A C:\Users\seven\Desktop\ABA English Course.lnk
    2013-06-14 23:35 - 2013-06-14 23:42 - 00000000 ____D C:\EnglishCourse
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2013-06-14 22:57 - 2013-05-17 00:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
    2013-06-14 22:57 - 2013-05-16 23:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
    2013-06-14 22:57 - 2013-05-16 23:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
    2013-06-14 22:57 - 2013-05-16 23:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
    2013-06-14 22:57 - 2013-05-16 23:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
    2013-06-14 22:57 - 2013-05-16 23:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
    2013-06-14 22:57 - 2013-05-16 23:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
    2013-06-14 22:57 - 2013-05-16 23:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
    2013-06-14 22:57 - 2013-05-16 23:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
    2013-06-14 22:57 - 2013-05-16 23:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
    2013-06-14 22:57 - 2013-05-16 23:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
    2013-06-14 22:57 - 2013-05-16 23:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
    2013-06-14 22:57 - 2013-05-16 23:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
    2013-06-14 22:57 - 2013-05-16 23:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
    2013-06-14 22:57 - 2013-05-16 23:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
    2013-06-14 22:57 - 2013-05-16 23:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
    2013-06-14 22:11 - 2013-06-14 22:12 - 00161944 ____A C:\Users\seven\Downloads\corso-di-inglese-abaenglish-windows-downloader.exe
    2013-06-14 19:43 - 2013-05-13 05:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
    2013-06-14 19:43 - 2013-05-13 05:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
    2013-06-14 19:43 - 2013-05-13 05:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
    2013-06-14 19:43 - 2013-05-13 04:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
    2013-06-14 19:43 - 2013-05-13 04:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
    2013-06-14 19:43 - 2013-05-10 04:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
    2013-06-14 19:43 - 2013-05-08 06:38 - 01293672 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
    2013-06-14 19:43 - 2013-05-06 06:06 - 03968872 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
    2013-06-14 19:43 - 2013-05-06 06:06 - 03913576 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
    2013-06-14 19:43 - 2013-04-26 05:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
    2013-06-12 23:54 - 2013-06-26 22:10 - 00000000 ____D C:\Users\seven\Downloads\Da copiare nella chiavetta
    2013-06-11 19:05 - 2013-06-23 21:13 - 00000000 ____D C:\Program Files\Steam
    2013-06-11 19:05 - 2013-06-14 23:16 - 00000000 ____D C:\Program Files\Common Files\Steam
    2013-06-11 18:56 - 2013-06-11 18:58 - 01669632 ____A C:\Users\seven\Downloads\SteamInstall.msi
    2013-06-07 18:06 - 2012-11-09 23:21 - 00246760 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe
    2013-06-07 18:05 - 2012-11-09 23:21 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe
    2013-06-07 18:05 - 2012-11-09 23:21 - 00174056 ____A (Oracle Corporation) C:\Windows\System32\java.exe
    2013-06-07 18:04 - 2013-06-07 18:04 - 00000000 ____D C:\Users\seven\Documents\VSO Downloader
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorFreeVideoCatcher
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\ProgramData\VSO
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\VSO
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\Kastor Free Video Catcher
    2013-06-07 18:03 - 2008-09-24 19:33 - 00484352 ____A C:\Windows\System32\lame_enc.dll
    2013-06-07 18:02 - 2013-06-26 22:10 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorAllVideoDownloader
    2013-06-07 18:02 - 2013-06-07 18:02 - 00000000 ____D C:\Program Files\Kastor All Video Downloader
    2013-06-07 18:01 - 2013-06-07 18:07 - 00000000 ____D C:\Program Files\TubeMaster++
    2013-06-05 14:36 - 2013-06-05 19:02 - 00000000 ____D C:\Users\seven\Documents\SpellForce
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000926 ____A C:\Users\seven\Desktop\GameSpy Arcade.lnk
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\AWS
    2013-06-05 14:31 - 2013-06-05 14:31 - 00001124 ____A C:\Users\seven\Desktop\SpellForce - The Order of Dawn.lnk
    2013-06-05 14:25 - 2013-06-05 14:25 - 00000000 ____D C:\Program Files\JoWooD
    2013-06-04 18:43 - 2013-06-04 18:43 - 00001104 ____A C:\Users\Public\Desktop\aTube Catcher.lnk
    2013-06-04 18:31 - 2013-06-11 23:59 - 00000000 ____D C:\Users\seven\Downloads\Cfake

    ==================== One Month Modified Files and Folders ========

    2013-06-30 22:27 - 2013-06-30 22:27 - 00000000 ____D C:\FRST
    2013-06-27 16:33 - 2013-06-27 16:33 - 00000000 __SHD C:\found.000
    2013-06-27 15:42 - 2013-06-27 15:42 - 147062908 ____A C:\Windows\MEMORY.DMP
    2013-06-27 01:54 - 2013-01-25 15:33 - 00000318 ____A C:\Windows\System32\ayboot.ini
    2013-06-26 22:28 - 2013-06-26 22:28 - 00000000 ____A C:\asdsetup.exe
    2013-06-26 22:19 - 2013-06-26 22:18 - 00000000 ___AD C:\.Trash-0
    2013-06-26 22:10 - 2013-06-12 23:54 - 00000000 ____D C:\Users\seven\Downloads\Da copiare nella chiavetta
    2013-06-26 22:10 - 2013-06-07 18:02 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorAllVideoDownloader
    2013-06-26 22:10 - 2012-12-17 21:36 - 00000000 ____D C:\Users\seven\AppData\Roaming\vlc
    2013-06-26 22:10 - 2012-12-04 19:52 - 00000000 ____D C:\ProgramData\Ant.com
    2013-06-26 22:10 - 2012-11-08 10:16 - 00000000 ____D C:\Windows\AutoKMS
    2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\wfp
    2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\NDF
    2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
    2013-06-26 22:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
    2013-06-26 22:02 - 2013-06-26 16:55 - 00000000 ____D C:\Users\seven\AppData\Roaming\GetRight
    2013-06-26 22:02 - 2013-06-26 16:55 - 00000000 ____D C:\Program Files\GetRight
    2013-06-26 22:01 - 2013-06-26 20:54 - 00000000 ____D C:\Windows\pss
    2013-06-26 21:52 - 2012-11-09 17:36 - 00000978 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-06-26 21:51 - 2013-06-23 21:11 - 00000891 ____A C:\Windows\setupact.log
    2013-06-26 21:50 - 2012-11-14 23:31 - 00001132 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-06-26 21:50 - 2012-11-08 10:16 - 00000266 ____A C:\Windows\Tasks\AutoKMS.job
    2013-06-26 21:50 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
    2013-06-26 20:05 - 2013-06-26 20:05 - 43253760 ____A C:\Windows\System32\config\software.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 24379392 ____A C:\Windows\System32\config\system.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00524288 ____A C:\Windows\System32\config\default.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\security.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00262144 ____A C:\Windows\System32\config\sam.bhv
    2013-06-26 20:05 - 2013-06-26 20:05 - 00000000 ___AD C:\$Anvi Rescue Disk$
    2013-06-26 18:47 - 2012-12-21 20:29 - 00000000 ____D C:\Users\seven\AppData\Roaming\NetSpeedMonitor
    2013-06-26 17:41 - 2013-06-26 17:37 - 38001894 ____A C:\Users\seven\Downloads\Come navigare nel Deep Web.mp4
    2013-06-26 17:28 - 2012-11-08 10:47 - 00000000 ____D C:\Users\seven\AppData\Roaming\Nitro PDF
    2013-06-23 21:22 - 2012-12-14 23:53 - 01716519 ____A C:\Windows\WindowsUpdate.log
    2013-06-23 21:22 - 2012-11-14 23:31 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-06-23 21:18 - 2009-07-14 05:34 - 00025616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-06-23 21:18 - 2009-07-14 05:34 - 00025616 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-06-23 21:13 - 2013-06-11 19:05 - 00000000 ____D C:\Program Files\Steam
    2013-06-23 21:11 - 2013-06-23 21:11 - 00000000 ____A C:\Windows\setuperr.log
    2013-06-23 01:50 - 2012-11-07 11:35 - 01653742 ____A C:\Windows\System32\PerfStringBackup.INI
    2013-06-23 01:50 - 2009-07-14 09:21 - 00739254 ____A C:\Windows\System32\perfh010.dat
    2013-06-23 01:50 - 2009-07-14 09:21 - 00146294 ____A C:\Windows\System32\perfc010.dat
    2013-06-21 02:09 - 2013-06-21 02:09 - 00000000 ____D C:\Users\seven\Downloads\Miei salvataggi
    2013-06-20 23:59 - 2013-06-18 16:25 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
    2013-06-20 23:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system
    2013-06-20 01:01 - 2012-11-09 20:39 - 00000925 ____A C:\Users\Public\Desktop\CCleaner.lnk
    2013-06-20 01:01 - 2012-11-09 20:39 - 00000000 ____D C:\Program Files\CCleaner
    2013-06-20 00:42 - 2013-01-25 15:17 - 00000000 ____D C:\WinWebExplorer
    2013-06-19 22:46 - 2013-06-19 22:16 - 192163640 ____A C:\Users\seven\Downloads\Documentario su Parigi.mp4
    2013-06-19 01:17 - 2013-06-18 16:19 - 00000000 ____D C:\Program Files\PutLockerDownloader.com
    2013-06-19 01:04 - 2013-06-19 01:04 - 00000000 ____D C:\Users\seven\Documents\The Prince of Codes
    2013-06-19 00:05 - 2013-06-18 12:38 - 00000000 ____D C:\Users\seven\Downloads\Video
    2013-06-18 12:44 - 2013-06-18 12:44 - 00000000 ____D C:\Users\seven\Downloads\Vari Testi
    2013-06-16 23:41 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2013-06-16 13:29 - 2013-06-16 12:57 - 00000000 ____D C:\Users\Public\Documents\STALKER-STCS
    2013-06-16 12:49 - 2013-06-16 12:49 - 00000000 ____D C:\Program Files\Deep Silver
    2013-06-14 23:42 - 2013-06-14 23:42 - 00000000 ____D C:\Users\seven\AppData\Roaming\AbaEnglishRt.19ECF44F1B9DAF7C7A64FDC21A008AB0C5135E2F.1
    2013-06-14 23:42 - 2013-06-14 23:35 - 00000000 ____D C:\EnglishCourse
    2013-06-14 23:37 - 2013-06-14 23:37 - 00000513 ____A C:\Users\seven\Desktop\ABA English Course.lnk
    2013-06-14 23:37 - 2012-11-08 15:33 - 00000000 ____D C:\Users\seven\AppData\Roaming\Adobe
    2013-06-14 23:37 - 2012-11-08 15:28 - 00000000 ____D C:\ProgramData\Adobe
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
    2013-06-14 23:35 - 2013-06-14 23:35 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
    2013-06-14 23:35 - 2013-05-14 16:53 - 00000000 ____D C:\Users\seven\AppData\Local\Adobe
    2013-06-14 23:35 - 2013-02-26 21:02 - 00000000 ____D C:\Program Files\Adobe
    2013-06-14 23:16 - 2013-06-11 19:05 - 00000000 ____D C:\Program Files\Common Files\Steam
    2013-06-14 23:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\it-IT
    2013-06-14 22:58 - 2012-11-07 12:14 - 73381792 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
    2013-06-14 22:12 - 2013-06-14 22:11 - 00161944 ____A C:\Users\seven\Downloads\corso-di-inglese-abaenglish-windows-downloader.exe
    2013-06-12 22:52 - 2012-11-09 17:36 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
    2013-06-12 22:52 - 2012-11-09 17:36 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
    2013-06-11 23:59 - 2013-06-04 18:31 - 00000000 ____D C:\Users\seven\Downloads\Cfake
    2013-06-11 18:58 - 2013-06-11 18:56 - 01669632 ____A C:\Users\seven\Downloads\SteamInstall.msi
    2013-06-08 22:40 - 2012-12-15 22:03 - 00000000 ____D C:\Users\seven\Documents\Conersazioni What's App
    2013-06-08 22:32 - 2013-01-29 15:14 - 00000000 ____D C:\Users\seven\.VirtualBox
    2013-06-07 18:07 - 2013-06-07 18:01 - 00000000 ____D C:\Program Files\TubeMaster++
    2013-06-07 18:06 - 2013-01-29 15:09 - 00000000 ____D C:\Program Files\Oracle
    2013-06-07 18:05 - 2012-11-09 23:21 - 00000000 ____D C:\Program Files\Java
    2013-06-07 18:04 - 2013-06-07 18:04 - 00000000 ____D C:\Users\seven\Documents\VSO Downloader
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Users\seven\AppData\Roaming\KastorFreeVideoCatcher
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\ProgramData\VSO
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\VSO
    2013-06-07 18:03 - 2013-06-07 18:03 - 00000000 ____D C:\Program Files\Kastor Free Video Catcher
    2013-06-07 18:02 - 2013-06-07 18:02 - 00000000 ____D C:\Program Files\Kastor All Video Downloader
    2013-06-07 18:02 - 2012-12-10 21:26 - 00000000 ____D C:\Program Files\WinPcap
    2013-06-05 19:02 - 2013-06-05 14:36 - 00000000 ____D C:\Users\seven\Documents\SpellForce
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000926 ____A C:\Users\seven\Desktop\GameSpy Arcade.lnk
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\GameSpy Arcade
    2013-06-05 14:32 - 2013-06-05 14:32 - 00000000 ____D C:\Program Files\AWS
    2013-06-05 14:31 - 2013-06-05 14:31 - 00001124 ____A C:\Users\seven\Desktop\SpellForce - The Order of Dawn.lnk
    2013-06-05 14:25 - 2013-06-05 14:25 - 00000000 ____D C:\Program Files\JoWooD
    2013-06-05 00:23 - 2012-11-09 20:37 - 00000000 ____D C:\Users\seven\Downloads\eMule
    2013-06-04 18:43 - 2013-06-04 18:43 - 00001104 ____A C:\Users\Public\Desktop\aTube Catcher.lnk
    2013-06-04 18:42 - 2013-01-22 16:41 - 00000000 ____D C:\Program Files\DsNET Corp
    2013-06-04 00:22 - 2013-02-18 18:04 - 00000000 ____D C:\Users\seven\Downloads\archpr22
    2013-06-04 00:07 - 2012-11-08 23:11 - 00000000 ____D C:\Users\seven\AppData\Roaming\DVDVideoSoft
    2013-06-03 23:39 - 2013-01-14 19:45 - 00000000 ____D C:\Users\seven\AppData\Roaming\uTorrent
    2013-06-03 22:47 - 2012-12-15 22:52 - 00000000 ____D C:\Users\seven\AppData\Local\Paint.NET

    ==================== Known DLLs (Whitelisted) ============


    ==================== Bamital & volsnap Check =================

    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== EXE ASSOCIATION =====================

    HKLM\...\.exe: exefile => OK
    HKLM\...\exefile\DefaultIcon: %1 => OK
    HKLM\...\exefile\open\command: <===== ATTENTION!

    ==================== Restore Points =========================

    Restore point made on: 2013-06-14 18:46:55
    Restore point made on: 2013-06-14 22:55:42
    Restore point made on: 2013-06-16 13:01:25
    Restore point made on: 2013-06-18 16:20:39
    Restore point made on: 2013-06-18 16:24:33
    Restore point made on: 2013-06-19 01:04:22
    Restore point made on: 2013-06-19 21:21:27
    Restore point made on: 2013-06-20 23:59:37
    Restore point made on: 2013-06-23 21:23:08

    ==================== Memory info ===========================

    Percentage of memory in use: 13%
    Total physical RAM: 3071.27 MB
    Available physical RAM: 2657.49 MB
    Total Pagefile: 3069.55 MB
    Available Pagefile: 2662.82 MB
    Total Virtual: 2047.88 MB
    Available Virtual: 1934.03 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:297.99 GB) (Free:114.07 GB) NTFS
    Drive g: () (Removable) (Total:7.47 GB) (Free:7.47 GB) FAT32
    Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
    Drive y: (Riservato per il sistema) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 000997F0)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 7 GB) (Disk ID: 70707573)
    Partition 1: (Not Active) - (Size=923 GB) - (Type=0D)
    Partition 2: (Not Active) - (Size=259 GB) - (Type=0A)
    Partition 3: (Not Active) - (Size=844 GB) - (Type=6F)
    Partition 4: (Not Active) - (Size=26 MB) - (Type=0A)


    LastRegBack: 2013-05-14 15:37

    ==================== End Of Log ============================


    Edited by vicky67 - 21/8/2013, 17:30
     
698 replies since 5/6/2013, 08:44   22513 views