Ciao Sono Sara Mi Sono Appena Shfeliata

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Rob (administrator) on COMPUTERNABBO (18-03-2016 12:04:35)

Running from C:\Users\Rob\Downloads
Loaded Profiles: Rob (Available Profiles: Rob)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Italiano (Itali
a)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335
081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file wi
ll not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nota Inc.) C:\Program Files\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2t
xyewy\RemindersServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Telegram Messenger LLP) C:\Users\Rob\AppData\Roaming\Telegram Desktop\Telegram.
exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
() C:\Users\Rob\Desktop\Applicazioni\Giochi\Rockstar games\Gta San Andreas a\sam
p.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8b
bwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to d
efault or removed. The file will not be moved.)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [141270216 2016-03-18] (Micro
soft Corporation)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\Run: [Gyazo] => C:\Progra
m Files\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\Run: [Skype] => C:\Progra
m Files\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\RunOnce: [Uninstall C:\Us
ers\Rob\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\
cmd.exe /q /c rmdir /s /q "C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.58
92.0626"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be remo
ved or restored to default.)
ProxyServer: [S-1-5-21-4065476890-3613898036-4242967038-1000] => 88.149.221.35:8
0
AutoConfigURL: [S-1-5-21-4065476890-3613898036-4242967038-1000] => 88.149.221.35
:80
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90d2c7a2-ced5-4c48-bd5e-171057577e1f}: [DhcpNameServer] 192
.168.0.1
Tcpip\..\Interfaces\{F79825C2-F5DA-4BA0-B32C-1CE09871F886}: [DhcpNameServer] 172
.18.15.1
Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:
\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->
C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-21] (Oracle Corporatio
n)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_
72\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.
0_72\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\
Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\
Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\n
ppdf32.dll [2015-11-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4065476890-3613898036-4242967038-1000: @unity3d.com/Unity
Player,version=1.0 -> C:\Users\Rob\AppData\LocalLow\Unity\WebPlayer\loader\npUni
ty3D32.dll [2015-12-17] (Unity Technologies ApS)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmk
t=it-it
CHR StartupUrls: Default -> "hxxps://www.google.it/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=
__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Rob\AppData\Local\Google\Chrome
\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-12]
CHR Extension: (Documenti Google) - C:\Users\Rob\AppData\Local\Google\Chrome\Use

r Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-12]
CHR Extension: (Google Drive) - C:\Users\Rob\AppData\Local\Google\Chrome\User Da
ta\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\De
fault\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Rob\AppData\Local\Google\Chrome\User D
ata\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Fogli Google) - C:\Users\Rob\AppData\Local\Google\Chrome\User Da
ta\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-12]
CHR Extension: (Google Documenti offline) - C:\Users\Rob\AppData\Local\Google\Ch
rome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\De
fault\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (WhatFont) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\D
efault\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-10-18]
CHR Extension: (Facebook Flat New Design & AdBlock) - C:\Users\Rob\AppData\Local
\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [20
16-02-14]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Rob\AppData\Local\Google\
Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-12
]
CHR Extension: (TunnelBear VPN) - C:\Users\Rob\AppData\Local\Google\Chrome\User
Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-02-12]
CHR Extension: (Proxy SwitchyOmega) - C:\Users\Rob\AppData\Local\Google\Chrome\U
ser Data\Default\Extensions\padekgcemlokbadohgkifijomclgjgif [2016-03-18]
CHR Extension: (Gmail) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Defa
ult\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-12]
CHR HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\SOFTWARE\Google\Chrome\Ex
tensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clie
nts2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. T
he file will not be moved unless listed separately.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11]
(CyberGhost S.R.L)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [
1513784 2015-10-05] (Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135
416 2015-10-05] (Malwarebytes)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 201509-11] (TeamViewer GmbH)
S4 UpdateCenterService; C:\Program Files\NVIDIA Corporation\System Update\Update
CenterService.exe [121376 2009-01-07] (NVIDIA)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (
VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (M
icrosoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (
Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
S1 axplhvru; C:\WINDOWS\system32\drivers\axplhvru.sys [48896 2016-03-17] (Micros
oft Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-12-25] (REALiX
(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwa
rebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05]
(Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [13216 2015-12-25] ()
R3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1800704 2015-10-30] (MediaT
ek Inc.)
R2 NVR0FLASHDev; C:\Windows\nvflash.sys [36896 2009-01-07] (NVIDIA Corp.)
R3 SCREAMINGBDRIVER; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [34896 2012
-07-31] (Screaming Bee LLC)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [33280 2015-08-10] (
The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The Open
VPN Project)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-0622] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft
Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Micro
soft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Micros
oft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-18 12:04 - 2016-03-18 12:04
.txt
2016-03-18 12:04 - 2016-03-18 12:04
2016-03-18 12:03 - 2016-03-18 12:04
oads\FRST.exe
2016-03-18 12:02 - 2016-03-18 12:02
ElevatedDiagnostics
2016-03-18 11:19 - 2016-03-18 11:20
wnloads\ComboFix.exe
2016-03-18 10:13 - 2016-03-18 10:18
ctx_Jun2010_redist.exe
2016-03-18 10:11 - 2016-03-18 10:11
\WINDOWS\system32\MRT.exe
2016-03-18 10:11 - 2016-03-18 10:11
2016-03-18 10:07 - 2016-03-18 10:08
Users\Rob\Downloads\dxwebsetup.exe
2016-03-18 09:55 - 2016-03-18 10:09
2016-03-18 09:51 - 2016-03-18 09:51
dll por alexisflow99.rar
2016-03-18 09:51 - 2016-03-18 09:51
dll por alexisflow99.rar
2016-03-18 09:49 - 2016-03-18 09:49
- 00011262 _____ C:\Users\Rob\Downloads\FRST

- 00000000 ____D C:\FRST
- 01725440 _____ (Farbar) C:\Users\Rob\Downl
- 00000000 ____D C:\Users\Rob\AppData\Local\
- 05658396 _____ (Swearware) C:\Users\Rob\Do
- 62971063 _____ C:\Users\Rob\Downloads\dire
- 141270216 _____ (Microsoft Corporation) C:
- 00000000 ____D C:\WINDOWS\system32\MRT
- 00292184 _____ (Microsoft Corporation) C:\
- 00000000 ____D C:\WINDOWS\system32\directx
- 00065663 _____ C:\Users\Rob\Downloads\eax.
- 00014771 _____ C:\Users\Rob\Downloads\ogg.
- 00060774 _____ C:\Users\Rob\Downloads\sile
nts_asi_loader_13 (4).zip
2016-03-18 09:11 - 2015-10-29 19:42 - 05739520 _____
WINDOWS\system32\prm0009.dll
2016-03-18 09:11 - 2015-10-29 19:41 - 02629632 _____
WINDOWS\system32\NlsLexicons0009.dll
2016-03-18 09:11 - 2015-10-29 19:24 - 04847616 _____
WINDOWS\system32\NlsData0009.dll
2016-03-18 09:07 - 2016-03-18 09:07 - 00001051 _____
g\Microsoft\Windows\Start Menu\Programs\Funzionalit
2016-03-18 09:05 - 2016-03-18 09:05 - 00002095 _____
am.lnk
2016-03-18 08:56 - 2016-03-18 11:11 - 00000000 ____D
MicrosoftEdge
2016-03-18 08:55 - 2016-03-18 08:55 - 00000000 ____D
NetworkTiles
2016-03-18 08:53 - 2016-03-18 08:54 - 00000000 ____D
Comms
2016-03-18 00:03 - 2016-03-18 08:52 - 00002450 _____
g\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-18 00:03 - 2016-03-18 08:52 - 00000000 ___RD
2016-03-17 23:58 - 2016-03-17 23:58 - 00000000 ____D
ActiveSync
2016-03-17 23:56 - 2016-03-17 23:56 - 00000000 ____D
Publishers
2016-03-17 23:55 - 2016-03-17 23:55 - 00048896 _____
WINDOWS\system32\Drivers\axplhvru.sys
2016-03-17 23:54 - 2016-03-18 11:08 - 00000000 ____D
Packages
2016-03-17 23:54 - 2016-03-17 23:54 - 00000020 ___SH
2016-03-17 23:54 - 2016-03-17 23:54 - 00000000 ____D
TileDataLayer
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
stampa
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
rete
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ni locali
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
Video
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
Musica
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
Immagini
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
cazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
aming\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
cal\Dati applicazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
cal\Cronologia
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ents\Video
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ents\Musica
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
(Microsoft Corporation) C:\

C:\Users\Rob\AppData\Roamin
facoltative.lnk
C:\Users\Rob\Desktop\Telegr
C:\Users\Rob\AppData\Local\
C:\Users\Rob\OneDrive
C:\Users\Rob\ntuser.ini
C:\Users\Default\Risorse di
C:\Users\Default\Risorse di
C:\Users\Default\Recenti
C:\Users\Default\Modelli
C:\Users\Default\Menu Avvio
C:\Users\Default\Impostazio
C:\Users\Default\Documents\
C:\Users\Default\Documenti
C:\Users\Default\Dati appli
C:\Users\Default\AppData\Ro
C:\Users\Default\AppData\Lo
C:\Users\Default\AppData\Lo
C:\Users\Default User\Docum
ents\Immagini
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ta\Roaming\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ta\Local\Dati applicazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL
ta\Local\Cronologia
2016-03-17 23:49 - 2016-03-17 23:49 - 00021500 _____
gdb.dat
2016-03-17 23:39 - 2016-03-17 23:39 - 00001544 _____
ndows\Start Menu\Programs\Windows Media Player.lnk
2016-03-17 23:39 - 2016-03-17 23:39 - 00000000 ____D
aming\Media Center Programs
2016-03-17 23:39 - 2016-03-17 23:39 - 00000000 ____D
ta\Roaming\Media Center Programs
2016-03-17 23:37 - 2016-03-17 23:37 - 00000000 ____D
es\SpeechEngines
2016-03-17 23:33 - 2016-03-18 09:13 - 00000000 ____D
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
mpa
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
e
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
ocali
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
o
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
ca
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
gini
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
oni
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
g\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
Dati applicazioni
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL
Cronologia
2016-03-17 23:31 - 2016-03-18 08:53 - 02067418 _____
ingBackup.INI
2016-03-17 23:28 - 2016-03-17 23:37 - 00000000 ____D
2016-03-17 23:27 - 2016-03-17 23:37 - 00000000 ____D
ration
2016-03-17 23:27 - 2016-03-17 23:27 - 00000000 ____D
2016-03-17 23:27 - 2016-03-17 23:27 - 00000000 ____D
2016-03-17 23:27 - 2015-10-13 17:47 - 04388016 _____
DOWS\system32\nvcpl.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 03060912 _____
DOWS\system32\nvsvc.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 02553520 _____
DOWS\system32\nvsvcr.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 00670512 _____
DOWS\system32\nvvsvc.exe
2016-03-17 23:27 - 2015-10-13 17:47 - 00374904 _____
DOWS\system32\nvmctray.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 00061560 _____
C:\Users\Default User\AppDa
C:\WINDOWS\system32\emptyre
C:\ProgramData\Microsoft\Wi
C:\Users\Default\AppData\Ro
C:\Program Files\Common Fil
C:\Users\Rob
C:\Users\Rob\Risorse di sta
C:\Users\Rob\Risorse di ret
C:\Users\Rob\Recenti
C:\Users\Rob\Modelli
C:\Users\Rob\Menu Avvio
C:\Users\Rob\Impostazioni l
C:\Users\Rob\Documents\Vide
C:\Users\Rob\Documents\Musi
C:\Users\Rob\Documents\Imma
C:\Users\Rob\Documenti
C:\Users\Rob\Dati applicazi
C:\WINDOWS\system32\PerfStr
C:\ProgramData\NVIDIA
C:\ProgramData\NVIDIA Corpo
C:\WINDOWS\system32\SRSLabs
C:\Program Files\VIA
(NVIDIA Corporation) C:\WIN
DOWS\system32\nvshext.dll
2016-03-17 23:27 - 2015-10-13 15:55 - 05972783 _____ C:\WINDOWS\system32\nvcopro
c.bin
2016-03-17 23:26 - 2016-03-17 23:37 - 00000000 ____D C:\Program Files\NVIDIA Cor
poration
2016-03-17 23:26 - 2016-03-17 23:26 - 00000000 ____H C:\WINDOWS\system32\Drivers
\Msft_User_WpdFs_01_11_00.Wdf
2016-03-17 23:24 - 2016-03-17 23:54 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-17 23:18 - 2016-03-17 23:18 - 00000000 ____D C:\Windows.old
2016-03-17 23:17 - 2016-03-17 23:17 - 00008192 _____ C:\WINDOWS\system32\config\
userdiff
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\XPSView
er
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\BestPra
ctices
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\Program Files\Reference
Assemblies
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\Program Files\MSBuild
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\inetpub
2016-03-17 23:14 - 2016-03-17 23:14 - 00942592 _____ (Microsoft Corporation) C:\
WINDOWS\system32\reseteng.dll
WINDOWS\system32\systemreset.exe
WINDOWS\system32\Drivers\sdbus.sys
WINDOWS\system32\Drivers\dumpsd.sys
WINDOWS\system32\PresentationNative_v0300.dll
WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
WINDOWS\system32\TsWpfWrp.exe
2016-03-17 22:34 - 2015-10-30 06:45 - 00000001 ___SH C:\BOOTNXT
2016-03-17 22:29 - 2016-03-17 23:50 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-03-17 22:29 - 2016-03-17 23:50 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-03-16 17:27 - 2016-03-16 17:27 - 00000000 ____D C:\Users\Rob\AppData\Local\
My Games
2016-03-15 18:47 - 2016-03-15 18:47 - 00000214 _____ C:\Users\Rob\Desktop\Sid Me
ier's Civilization V.url
2016-03-15 18:32 - 2016-03-15 18:32 - 00000000 ____D C:\Users\Rob\AppData\LocalL
ow\WARTEAM
2016-03-13 18:44 - 2016-03-13 18:44 - 00000000 ____D C:\Users\Rob\Downloads\back
up_1457545003_9055e521a188ddce.sql
2016-03-13 18:44 - 2016-03-09 18:37 - 25602120 _____ C:\Users\Rob\Desktop\backup
_1457545003_9055e521a188ddce.sql
2016-03-13 15:10 - 2016-03-13 15:10 - 00267174 _____ C:\Users\Rob\Desktop\Nuova
immagine bitmap.bmp
2016-03-11 22:45 - 2016-03-11 22:45 - 00001269 _____ C:\Users\Rob\Desktop\messag
gio moes.txt
2016-03-10 15:53 - 2016-03-10 15:53 - 00003288 ____N C:\bootsqm.dat
2016-03-09 18:36 - 2016-03-09 18:37 - 05389167 _____ C:\Users\Rob\Downloads\back
up_1457545003_9055e521a188ddce.sql.gz
2016-03-08 21:05 - 2016-03-08 21:05 - 00000000 ____D C:\Users\Rob\Desktop\bideo
2016-03-08 16:08 - 2016-03-08 16:08 - 01925049 _____ C:\Users\Rob\Desktop\icone.
rar
2016-03-08 15:57 - 2016-03-18 09:43 - 00000000 ____D C:\Users\Rob\Desktop\new
2016-03-08 15:56 - 2016-03-08 15:57 - 01162568 _____ C:\Users\Rob\Downloads\new.
rar
2016-03-07 19:10 - 2016-03-07 19:21 - 00000000 ____D C:\Users\Rob\Desktop\aa

2016-03-07 16:30 - 2016-03-07 16:30 - 00095619 _____ C:\Users\Rob\Desktop\0000ab
9e_medium.jpeg
2016-03-07 15:04 - 2016-03-07 15:04 - 00890836 _____ C:\Users\Rob\Desktop\img 6
2016-03-07 14:56 - 2016-03-07 19:22 - 00000000 ____D C:\Users\Rob\Desktop\editat
e
2016-03-04 19:01 - 2016-03-04 20:21 - 00000232 _____ C:\Users\Rob\Desktop\propos
te aggiunte.txt
2016-03-04 18:04 - 2016-03-04 18:04 - 00000000 ____D C:\Users\Rob\Desktop\proFor
mell
2016-03-04 18:03 - 2016-03-04 18:04 - 00181100 _____ C:\Users\Rob\Downloads\proF
ormell_2.0.3.zip
2016-03-03 19:06 - 2016-03-18 10:04 - 00000000 ____D C:\Users\Rob\Downloads\Tele
gram Desktop
2016-03-02 22:39 - 2016-03-17 23:59 - 00000000 ____D C:\Users\Rob\Desktop\se_squ
are_left
2016-03-02 22:38 - 2016-03-02 22:38 - 06342352 _____ (Tim Kosse) C:\Users\Rob\Do
wnloads\FileZilla_3.16.0_win32-setup.exe
2016-03-02 22:38 - 2016-03-02 22:38 - 00141453 _____ C:\Users\Rob\Downloads\sesq
uareleft.zip
2016-03-02 16:32 - 2016-03-02 16:32 - 00017645 _____ C:\Users\Rob\Downloads\anti
adm freeze F10.cs
2016-03-02 16:02 - 2016-03-02 16:02 - 00018609 _____ C:\Users\Rob\Downloads\Unfr
eeze.rar.rar
2016-03-02 14:10 - 2016-03-18 09:54 - 00000000 ____D C:\Users\Rob\AppData\Roamin
g\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-03-01 20:02 - 2016-03-01 20:02 - 00069120 _____ C:\Users\Rob\Downloads\exdi
sp.asi
2016-03-01 12:30 - 2016-03-01 12:46 - 04311552 _____ C:\Users\Rob\Desktop\Plague
Inc Evolved V0.8.6.3 Trainer +3 MrAntiFun.EXE
2016-03-01 12:14 - 2016-03-01 12:15 - 04156148 _____ C:\Users\Rob\Downloads\Plag
ue Inc Evolved V0.8.6.3 Trainer +3 MrAntiFun.zip
2016-03-01 12:03 - 2016-03-01 12:04 - 03539017 _____ C:\Users\Rob\Downloads\Plag
ue_Inc_Evolved__Early_Access_Trainer_plus1.zip
Ndemic Creations
2016-02-29 16:29 - 2016-03-17 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\by Decepticon
Inc Evolved.lnk
Inc Evolved-Scenario Creator.lnk
2016-02-29 16:28 - 2016-02-29 16:31 - 00000000 ____D C:\Program Files\Plague Inc
Evolved
2016-02-29 16:26 - 2015-08-03 11:10 - 00000000 ____D C:\Users\Rob\Desktop\Plague
Inc Evolved.(0.8.4.2).(2013) [Decepticon] RePack
2016-02-29 16:24 - 2016-02-29 16:24 - 189887846 _____ C:\Users\Rob\Downloads\Pla
gue Inc Evolved.(0.8.4.2)NexT&G.rar
CrashDumps
g\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-02-26 16:30 - 2016-03-05 20:42 - 00002159 _____ C:\Users\Rob\Desktop\Discor
d.lnk
g\discord
SquirrelTemp
Discord
2016-02-26 16:23 - 2016-02-26 16:27 - 48166072 _____ (Hammer & Chisel, Inc.) C:\
Users\Rob\Downloads\DiscordSetup.exe
2016-02-25 12:14 - 2016-02-25 13:19 - 407651602 _____ C:\Users\Rob\Downloads\xon
otic-0.8.1.zip
ndows\Start Menu\Programs\Notepad++
g\Notepad++
2016-02-24 20:08 - 2016-02-24 20:08 - 00000000 ____D C:\Program Files\Notepad++
2016-02-24 20:07 - 2016-02-24 20:07 - 04204144 _____ C:\Users\Rob\Downloads\npp.
6.9.Installer.exe
g\SQLyog
2016-02-24 20:04 - 2016-02-24 20:04 - 00000000 ____D C:\Program Files\SQLyog Tri
al
2016-02-24 20:02 - 2016-02-24 20:03 - 05860032 _____ (Webyog Inc.) C:\Users\Rob\
Downloads\SQLyog-12.2.0-0.x86Trial.exe
2016-02-23 20:59 - 2016-02-19 16:47 - 02671822 _____ C:\Users\Rob\Desktop\LdAcco
unt.sql
2016-02-23 17:17 - 2016-02-23 17:17 - 03020240 _____ C:\Users\Rob\Desktop\ts3_re
cording_16_02_23_17_17_26.wav
2016-02-22 14:22 - 2016-03-17 23:59 - 00000000 ____D C:\Users\Rob\Desktop\basic_
orange
2016-02-22 14:21 - 2016-02-22 14:22 - 01409096 _____ C:\Users\Rob\Downloads\basi
c_orange.zip
2016-02-21 21:41 - 2016-02-21 21:45 - 00001931 _____ C:\Users\Rob\Desktop\styles
heet.css
2016-02-21 21:17 - 2016-02-21 21:17 - 00018760 _____ C:\Users\Rob\Downloads\pros
ilver_se_3.1.4 (1).zip
2016-02-21 21:16 - 2016-02-21 21:16 - 00000000 ____D C:\Users\Rob\Desktop\prosil
ver_se
2016-02-21 21:15 - 2016-02-21 21:15 - 00018760 _____ C:\Users\Rob\Downloads\pros
ilver_se_3.1.4.zip
2016-02-21 20:44 - 2016-02-21 20:44 - 00708302 _____ C:\Users\Rob\Downloads\301.
zip
2016-02-21 20:18 - 2016-01-09 09:57 - 00000000 ____D C:\Users\Rob\Desktop\phpBB3
2016-02-21 20:16 - 2016-02-21 20:17 - 03950815 _____ C:\Users\Rob\Downloads\phpB
B-3.1.7-pl1.zip
g\FileZilla
ndows\Start Menu\Programs\FileZilla FTP Client
2016-02-21 19:56 - 2016-02-21 19:56 - 00002043 _____ C:\Users\Public\Desktop\Fil
eZilla Client.lnk
2016-02-21 19:56 - 2016-02-21 19:56 - 00000000 ____D C:\Program Files\FileZilla
FTP Client
2016-02-21 19:53 - 2016-02-21 19:55 - 06342024 _____ (Tim Kosse) C:\Users\Rob\Do
wnloads\FileZilla_3.15.0.2_win32-setup.exe
2016-02-21 17:22 - 2016-02-21 17:22 - 00000000 ____D C:\Program Files\Common Fil
es\Java
2016-02-21 17:15 - 2016-02-21 17:20 - 00000000 ____D C:\Users\Rob\Desktop\Icone
TeamSpeak
2016-02-20 16:27 - 2016-02-20 16:28 - 00327943 _____ C:\Users\Rob\Downloads\LdAc
count.sql.zip
2016-02-20 15:49 - 2016-02-20 15:50 - 05354948 _____ C:\Users\Rob\Downloads\ocea
n.pwn
2016-02-20 13:44 - 2016-02-20 13:56 - 96723839 _____ C:\Users\Rob\Downloads\LSFD
Official.zip
2016-02-17 15:14 - 2016-02-17 15:15 - 00973730 _____ C:\Users\Rob\Downloads\CLEO
4.4_custom and SAMPFUNCS 5.2.2.rar
2016-02-17 15:10 - 2016-02-17 15:10 - 00006337

2016-02-17 15:10 - 2016-02-17 15:09 - 01197151
2016-02-17 15:09 - 2016-02-17 15:09 - 00892903
Users\Rob\Downloads\CLEO4_setup.exe
2016-02-17 14:36 - 2016-02-17 14:36 - 00046962
taghack_0.3.7.zip
2016-02-17 14:30 - 2016-02-13 16:43 - 00018775
imbot.cs
2016-02-17 14:29 - 2016-02-17 14:29 - 00531878
_3_1_bin.zip
2016-02-17 13:50 - 2016-02-17 13:50 - 00688833
sD.RAR
2016-02-17 13:48 - 2016-02-17 13:48 - 01779540
UD_icons.zip
2016-02-17 13:43 - 2016-02-17 13:43 - 00476626
S.2012_3.rar
2016-02-17 13:28 - 2016-02-17 13:30 - 12327960
PACK Original Hood Piru by CaliDee Modding.rar
2016-02-17 12:23 - 2016-02-17 12:23 - 01049875
oader.zip
2016-02-17 12:19 - 2016-02-17 12:20 - 00060774
nts_asi_loader_13 (3).zip
_____ C:\WINDOWS\unins000.dat
_____ C:\WINDOWS\unins000.exe
_____ (Seemann, Deji, Alien ) C:\
_____ C:\Users\Rob\Downloads\name
_____ C:\Users\Rob\Desktop\Skin-A
_____ C:\Users\Rob\Downloads\sf_5
_____ C:\Users\Rob\Downloads\Icon
_____ C:\Users\Rob\Downloads\SA_H
_____ C:\Users\Rob\Downloads\TXDW
_____ C:\Users\Rob\Downloads\SKIN
_____ C:\Users\Rob\Downloads\modl
_____ C:\Users\Rob\Downloads\sile
==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)
2016-03-18 12:04 - 2015-12-25
h Player Updater.job
2016-03-18 12:03 - 2015-10-30
s
2016-03-18 12:03 - 2015-10-30
2016-03-18 12:00 - 2015-09-12
g\Skype
2016-03-18 11:41 - 2015-09-12
teTaskMachineUA.job
2016-03-18 10:59 - 2015-11-24
2016-03-18 10:31 - 2015-10-30
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnet.dll
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnathlp.dll
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnsvr.exe
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnhupnp.dll
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnhpast.dll
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnlobby.dll
2016-03-18 10:22 - 2015-10-30
WINDOWS\system32\dpnaddr.dll
2016-03-18 10:21 - 2015-10-30
WINDOWS\system32\dplayx.dll
2016-03-18 10:21 - 2015-10-30
WINDOWS\system32\dpwsockx.dll
2016-03-18 10:21 - 2015-10-30
WINDOWS\system32\dpmodemx.dll
2016-03-18 10:21 - 2015-10-30
WINDOWS\system32\dplaysvr.exe
11:48 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flas

06:48 - 00000000 ___HD C:\Program Files\WindowsApp
06:48 - 00000000 ____D C:\WINDOWS\AppReadiness
12:50 - 00000000 ____D C:\Users\Rob\AppData\Roamin
12:18 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpda
14:31 - 00000000 ____D C:\Program Files\Steam
06:39 - 00000000 ____D C:\WINDOWS\CbsTemp
06:44 - 00395264 _____ (Microsoft Corporation) C:\
2016-03-18 10:09 - 2015-10-01 19:50 - 00000000 ___HD C:\WINDOWS\msdownld.tmp

2016-03-18 09:55 - 2016-01-24 18:13 - 00736866 _____ C:\Users\Rob\Downloads\mod_
sa_installer.exe
2016-03-18 09:54 - 2015-09-13 12:28 - 16270006 _____ C:\Users\Rob\Downloads\sa-m
p-0.3.7-install.exe
2016-03-18 09:12 - 2016-02-13 12:56 - 00000000 ____D C:\WINDOWS\OCR
g\Telegram Desktop
2016-03-18 08:55 - 2015-10-30 06:47 - 00000000 ____D C:\WINDOWS\INF
2016-03-18 08:53 - 2016-02-13 12:54 - 00901356 _____ C:\WINDOWS\system32\perfh01
0.dat
2016-03-18 08:53 - 2016-02-13 12:54 - 00186064 _____ C:\WINDOWS\system32\perfc01
0.dat
2016-03-18 08:52 - 2015-09-12 12:18 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpda
teTaskMachineCore.job
2016-03-18 00:06 - 2015-09-12 13:17 - 00000000 ____D C:\Users\Rob\Desktop\Applic
azioni
2016-03-17 23:55 - 2016-02-13 13:11 - 00000000 __RHD C:\Users\Public\AccountPict
ures
2016-03-17 23:54 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\rescache
2016-03-17 23:52 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\WinBioD
atabase
2016-03-17 23:51 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Windows NT
2016-03-17 23:50 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\Registration
2016-03-17 23:49 - 2016-02-13 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-17 23:49 - 2015-10-30 06:48 - 00000000 __RSD C:\WINDOWS\Media
2016-03-17 23:49 - 2015-10-30 06:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-17 23:48 - 2015-09-12 12:23 - 00002216 _____ C:\ProgramData\Microsoft\Wi
ndows\Start Menu\Programs\Google Chrome.lnk
2016-03-17 23:45 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-17 23:41 - 2016-02-13 04:06 - 00201632 _____ C:\WINDOWS\system32\FNTCACH
E.DAT
ndows\Start Menu\Programs\Cheat Engine 6.5
ndows\Start Menu\Programs\Photobucket Backup
ndows\Start Menu\Programs\NVIDIA Corporation
ndows\Start Menu\Programs\AutoHotkey
ndows\Start Menu\Programs\Malwarebytes Anti-Malware
ndows\Start Menu\Programs\Driver Booster 3
g\Microsoft\Windows\Start Menu\Programs\No-IP DUC
ndows\Start Menu\Programs\Gyazo
ndows\Start Menu\Programs\Steam
g\Microsoft\Windows\Start Menu\Programs\MKing
2016-03-17 23:40 - 2015-10-30 06:13 - 00262144 ___SH C:\WINDOWS\system32\config\
BBI
2016-03-17 23:40 - 2015-10-30 06:13 - 00032768 ___SH C:\WINDOWS\system32\config\
ELAM
ndows\Start Menu\Programs\TCPEye
g\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2016-03-17 23:40 - 2015-10-10 20:39 - 00000000 ____D

ndows\Start Menu\Programs\TSNotifier
2016-03-17 23:40 - 2015-10-01 15:55 - 00000000 ____D
ndows\Start Menu\Programs\CyberGhost 5
2016-03-17 23:40 - 2015-09-17 18:30 - 00000000 ____D
g\Microsoft\Windows\Start Menu\Programs\Games
2016-03-17 23:40 - 2015-09-14 20:45 - 00000000 ____D
ndows\Start Menu\Programs\Java
2016-03-17 23:40 - 2015-09-13 12:31 - 00000000 ____D
ndows\Start Menu\Programs\San Andreas Multiplayer
2016-03-17 23:40 - 2015-09-12 13:21 - 00000000 ____D
ndows\Start Menu\Programs\TeamSpeak 3 Client
2016-03-17 23:40 - 2015-09-12 12:30 - 00000000 ____D
g\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-17 23:40 - 2015-09-12 12:30 - 00000000 ____D
ndows\Start Menu\Programs\WinRAR
2016-03-17 23:39 - 2009-07-14 03:37 - 00000000 ____D
2016-03-17 23:38 - 2016-02-14 19:01 - 00000000 ____D
Shield
2016-03-17 23:38 - 2015-11-30 22:53 - 00000000 ____D
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D
lugIns
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:37 - 2016-02-13 13:02 - 00000000 ____D
2016-03-17 23:37 - 2016-02-13 12:54 - 00000000 ____D
2016-03-17 23:37 - 2016-01-07 14:59 - 00000000 ____D
ndows\Start Menu\Programs\Skype
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 __SHD
debar
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 ____D
es\microsoft shared
2016-03-17 23:37 - 2015-10-03 21:03 - 00000000 ____D
ndows\Start Menu\Programs\www.GameModding.net
2016-03-17 23:37 - 2015-10-02 14:44 - 00000000 ____D
ndows\Start Menu\Programs\Screaming Bee
2016-03-17 23:37 - 2009-07-14 05:52 - 00000000 ____D
Games
2016-03-17 23:37 - 2009-07-14 05:52 - 00000000 ____D
2016-03-17 23:35 - 2016-02-12 15:02 - 00000000 ____D
g\Microsoft\Windows\Start Menu\Programs\AnalogX
2016-03-17 23:31 - 2015-10-30 06:13 - 00000000 ____D
2016-03-17 23:27 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:24 - 2015-10-30 06:48 - 00028672 _____
BCD-Template
2016-03-17 23:15 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:15 - 2015-10-30 06:48 - 00000000 ____D
2016-03-17 23:15 - 2015-10-30 06:45 - 01014272 _____
WINDOWS\system32\mqqm.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00635904 _____
WINDOWS\system32\mqsnap.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00562176 _____
WINDOWS\system32\mqutil.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00266240 _____
WINDOWS\system32\mqoa.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00168960 _____
WINDOWS\system32\iisRtl.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00161792 _____
WINDOWS\system32\mqrt.dll
C:\Users\Default.migrated
C:\WINDOWS\system32\Hotspot
C:\WINDOWS\system32\xlive
C:\WINDOWS\system32\WinBioP
C:\WINDOWS\system32\NDF
C:\WINDOWS\system32\IME
C:\WINDOWS\ShellNew
C:\WINDOWS\DigitalLocker
C:\Program Files\Windows Si
C:\WINDOWS\schemas
C:\Program Files\Common Fil
C:\Program Files\Microsoft
C:\Program Files\DVD Maker
C:\WINDOWS\system32\Sysprep
C:\WINDOWS\Help
C:\WINDOWS\system32\config\
C:\WINDOWS\system32\MUI
C:\WINDOWS\system32\inetsrv

WINDOWS\system32\Drivers\mqac.sys
WINDOWS\system32\mqlogmgr.dll
WINDOWS\system32\mqoa.tlb
WINDOWS\system32\mqoa30.tlb
WINDOWS\system32\admwprox.dll
WINDOWS\system32\mqbkup.exe
WINDOWS\system32\ahadmin.dll
WINDOWS\system32\mqsvc.exe
WINDOWS\system32\iisreset.exe
WINDOWS\system32\mqcertui.dll
WINDOWS\system32\wamregps.dll
WINDOWS\system32\iisrstap.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00009096 _____ C:\WINDOWS\system32\msmqtrc
.mof
2016-03-17 23:01 - 2011-04-12 05:27 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-17 22:36 - 2009-07-14 05:34 - 00028128 ____H C:\WINDOWS\system32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-17 22:36 - 2009-07-14 05:34 - 00028128 ____H C:\WINDOWS\system32\7B296FB
0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-17 22:34 - 2015-09-12 13:00 - 00008192 __RSH C:\BOOTSECT.BAK
2016-03-17 22:29 - 2016-02-13 13:50 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-16 17:27 - 2015-11-28 23:18 - 00000000 ____D C:\Users\Rob\Documents\My G
ames
2016-03-16 16:40 - 2015-11-24 14:31 - 00000000 ____D C:\Program Files\Common Fil
es\Steam
g\TS3Client
2016-03-08 08:12 - 2015-10-30 06:49 - 00829944 _____ (Adobe Systems Incorporated
) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 06:49 - 00176632 _____ (Adobe Systems Incorporated
) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-03-07 19:22 - 2015-09-12 16:28 - 00000132 _____ C:\Users\Rob\AppData\Roamin
g\Adobe PNG Format CS5 Prefs
2016-03-02 14:10 - 2015-12-14 16:00 - 00000000 ____D C:\Program Files\Gyazo
2016-02-25 10:52 - 2015-09-12 12:50 - 00000000 ____D C:\ProgramData\Skype
2016-02-21 17:22 - 2015-09-14 20:46 - 00000000 ____D C:\Users\Rob\.oracle_jre_us
age
2016-02-21 17:21 - 2015-09-14 20:45 - 00095840 _____ (Oracle Corporation) C:\WIN
DOWS\system32\WindowsAccessBridge.dll
2016-02-21 17:20 - 2015-09-14 20:45 - 00000000 ____D C:\Program Files\Java
2016-02-21 17:17 - 2015-12-25 10:50 - 00000000 ____D C:\ProgramData\ProductData
2016-02-20 15:35 - 2015-09-24 15:18 - 00000000 ____D C:\Users\Rob\Desktop\screen
s
g\SA-MP Audio Plugin

==================== Files in the root of some directories =======
2015-09-12 16:28 - 2016-03-07 19:22
ing\Adobe PNG Format CS5 Prefs
2015-12-15 14:57 - 2015-12-15 14:58
ing\sample.wav
2016-01-01 14:02 - 2016-01-01 14:02
l\Resmon.ResmonCfg
2016-02-09 21:16 - 2016-02-09 21:16
SqlServer.Compact.400.32.bc
- 0000132 _____ () C:\Users\Rob\AppData\Roam

- 0104428 _____ () C:\Users\Rob\AppData\Roam
- 0007605 _____ () C:\Users\Rob\AppData\Loca
- 0000098 _____ () C:\ProgramData\Microsoft.
==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-03-17 23:25
==================== End of FRST.txt ============================

Ciao Sono Sara Mi Sono Appena Shfeliata

Transféré par

Informations du document

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Ciao Sono Sara Mi Sono Appena Shfeliata

Transféré par

Droits d'auteur :

Formats disponibles

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01

Ran by Rob (administrator) on COMPUTERNABBO (18-03-2016 12:04:35)

CHR Extension: (Documenti Google) - C:\Users\Rob\AppData\Local\Google\Chrome\Use

- 00011262 _____ C:\Users\Rob\Downloads\FRST

(Microsoft Corporation) C:\

2016-03-07 19:10 - 2016-03-07 19:21 - 00000000 ____D C:\Users\Rob\Desktop\aa

2016-02-17 15:10 - 2016-02-17 15:10 - 00006337

==================== One Month Modified files and folders ========

11:48 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flas

2016-03-18 10:09 - 2015-10-01 19:50 - 00000000 ___HD C:\WINDOWS\msdownld.tmp

2016-03-17 23:40 - 2015-10-10 20:39 - 00000000 ____D

2016-03-17 23:15 - 2015-10-30 06:45 - 00130560 _____ (Microsoft Corporation) C:\

g\SA-MP Audio Plugin

- 0000132 _____ () C:\Users\Rob\AppData\Roam

==================== Bamital & volsnap =================

Vous aimerez peut-être aussi