Virus o problema hardware?

[stefklas]

Ho eseguito le istruzioni per firefox ma la finestrella di cui parla lì non mi si apre...

Intanto ho rifatto lo scan frst. Di seguito i due log.

[stefklas]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by Claudio (administrator) on KLAS (16-06-2017 15:18:03)
Running from C:\Users\Claudio\Desktop
Loaded Profiles: Claudio (Available Profiles: Claudio)
Platform: Windows 10 Pro Version 1607 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-06-14] (Copyright (c) 2017 Plays.tv, LLC)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [615040 2017-03-22] ()
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (hxxp://www.emule-project.net)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.0 AE.lnk [2015-08-20]
ShortcutTarget: PHOTOfunSTUDIO 9.0 AE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0878bcbf-b797-47ae-ba10-5b80729643ba}: [DhcpNameServer] 192.168.32.22 192.168.32.21
Tcpip\..\Interfaces\{e04e7c81-4a9f-4ab3-9f3c-fe2ecd89b8c7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: c05u035j.default
FF ProfilePath: C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default [2017-06-16]
FF Homepage: Mozilla\Firefox\Profiles\c05u035j.default -> hxxp://www.fantacalcio.it/
FF Extension: (YesScript) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\yesscript@userstyles.org.xpi [2016-08-03]
FF Extension: (RightToClick) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2016-11-16]
FF Extension: (Adblock Plus) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-16] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default [2017-06-16]
CHR Extension: (Google Drive) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-16]
CHR Extension: (YouTube) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Google Search) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07]
CHR Extension: (Google Documenti offline) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-16]
CHR Extension: (Gmail) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-18] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-06-14] (Copyright (c) 2017 Plays.tv, LLC)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-05-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314128 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-05-18] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [129776 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102280 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [570320 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [160008 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340824 2017-05-18] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2015-03-06] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-03-20] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-16] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-16 15:18 - 2017-06-16 15:18 - 00019546 _____ C:\Users\Claudio\Desktop\FRST.txt
2017-06-16 14:10 - 2017-06-16 14:10 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\14A656B1.sys
2017-06-16 14:07 - 2017-06-16 14:07 - 00167332 _____ C:\Users\Claudio\Documents\cc_20170616_140703.reg
2017-06-16 14:00 - 2017-06-16 14:00 - 00002852 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-06-16 14:00 - 2017-06-16 14:00 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-16 14:00 - 2017-06-16 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-16 14:00 - 2017-06-16 14:00 - 00000000 ____D C:\Program Files\CCleaner
2017-06-16 13:58 - 2017-06-16 13:59 - 09598376 _____ (Piriform Ltd) C:\Users\Claudio\Downloads\ccsetup531.exe
2017-06-16 13:22 - 2017-06-16 13:22 - 00000000 ___HD C:\OneDriveTemp
2017-06-15 22:05 - 2017-06-15 22:05 - 01717944 _____ ( ) C:\Users\Claudio\Downloads\cpu-z_1.79-en.exe
2017-06-15 22:05 - 2017-06-15 22:05 - 00000914 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2017-06-15 22:05 - 2017-06-15 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2017-06-15 22:05 - 2017-06-15 22:05 - 00000000 ____D C:\Program Files\CPUID
2017-06-15 21:22 - 2017-06-15 21:23 - 00070195 _____ C:\Users\Claudio\Downloads\Addition.txt
2017-06-15 21:22 - 2017-06-15 21:23 - 00043756 _____ C:\Users\Claudio\Downloads\FRST.txt
2017-06-15 21:21 - 2017-06-16 15:18 - 00000000 ____D C:\FRST
2017-06-15 21:21 - 2017-06-15 21:21 - 02438656 _____ (Farbar) C:\Users\Claudio\Desktop\FRST64.exe
2017-06-15 16:40 - 2017-06-15 16:40 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-15 16:39 - 2017-06-15 21:18 - 00000000 ____D C:\ProgramData\RogueKiller
2017-06-15 16:37 - 2017-06-15 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-06-15 16:37 - 2017-06-15 16:37 - 00000000 ____D C:\Program Files\RogueKiller
2017-06-15 16:09 - 2017-06-15 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-15 16:07 - 2017-06-15 16:33 - 00000000 ____D C:\Program Files\mbar
2017-06-15 16:05 - 2017-06-15 16:08 - 35421992 _____ (Adlice Software ) C:\Users\Claudio\Downloads\RogueKiller_setup_ref3.exe
2017-06-15 16:05 - 2017-06-15 16:06 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Claudio\Downloads\mbar-1.09.3.1001.exe
2017-06-14 20:09 - 2017-06-14 20:09 - 00007603 _____ C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg
2017-06-14 17:24 - 2017-06-14 17:24 - 00000989 _____ C:\Users\Claudio\Desktop\Core Temp.lnk
2017-06-14 17:24 - 2017-06-14 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-06-14 17:24 - 2017-06-14 17:24 - 00000000 ____D C:\Program Files\Core Temp
2017-06-14 17:23 - 2017-06-14 17:23 - 01211896 _____ (ALCPU ) C:\Users\Claudio\Downloads\Core-Temp-setup.exe
2017-06-14 17:00 - 2017-06-14 17:00 - 00000000 ____D C:\Users\Claudio\AppData\Local\UNP
2017-06-14 14:42 - 2017-06-14 14:43 - 00000000 ____D C:\Program Files\UNP
2017-06-14 14:42 - 2017-06-14 14:42 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-07 13:41 - 2017-06-07 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-29 16:54 - 2017-05-29 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-24 16:36 - 2017-05-24 16:37 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-05-24 16:08 - 2017-06-16 14:12 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-24 16:08 - 2017-06-15 16:07 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-24 16:08 - 2017-06-08 01:41 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-24 16:08 - 2017-05-24 16:08 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-24 16:08 - 2017-05-24 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-24 16:08 - 2017-05-24 16:08 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-24 15:58 - 2017-05-24 16:02 - 63364552 _____ (Malwarebytes ) C:\Users\Claudio\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-20 03:30 - 2017-05-20 03:30 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-05-18 04:57 - 2017-04-19 20:36 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-18 04:41 - 2017-05-18 04:41 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-05-18 04:41 - 2017-05-18 04:41 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgstm.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00004008 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-05-18 04:34 - 2017-05-29 16:54 - 00000894 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-17 14:56 - 2017-06-16 14:30 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00002282 _____ C:\Users\Claudio\Desktop\WhatsApp.lnk
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Local\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Local\SquirrelTemp
2017-05-17 14:46 - 2017-05-17 14:53 - 91179280 _____ (WhatsApp) C:\Users\Claudio\Downloads\WhatsAppSetup.exe
2017-05-17 13:20 - 2017-05-17 13:20 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 13:20 - 2017-05-17 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-16 14:28 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-16 14:18 - 2016-07-17 00:35 - 04347338 _____ C:\WINDOWS\system32\perfh010.dat
2017-06-16 14:18 - 2016-07-17 00:35 - 01291070 _____ C:\WINDOWS\system32\perfc010.dat
2017-06-16 14:18 - 2016-07-16 08:28 - 08849352 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-16 14:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 14:14 - 2015-03-09 22:44 - 00000000 ____D C:\Users\Claudio\Documents\File di Outlook
2017-06-16 14:13 - 2016-11-18 15:28 - 00000000 ____D C:\Users\Claudio\AppData\LocalLow\Mozilla
2017-06-16 14:12 - 2016-11-14 19:19 - 00000000 ___RD C:\Users\Claudio\Google Drive
2017-06-16 14:12 - 2016-10-02 19:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-16 14:12 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-16 14:12 - 2016-03-10 16:33 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\PlaysTV
2017-06-16 14:12 - 2015-03-05 19:48 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Raptr
2017-06-16 14:12 - 2015-03-03 18:30 - 00000000 __RDO C:\Users\Claudio\OneDrive
2017-06-16 14:11 - 2016-11-18 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-16 14:11 - 2016-10-02 19:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-06-16 14:11 - 2016-07-16 08:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-06-16 14:05 - 2015-03-01 21:37 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\TeamViewer
2017-06-16 14:05 - 2015-03-01 21:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-16 14:05 - 2015-02-28 20:34 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\uTorrent
2017-06-16 14:03 - 2016-10-02 20:23 - 00000000 ___DC C:\WINDOWS\Panther
2017-06-16 13:56 - 2015-10-25 13:59 - 00000000 ____D C:\Users\Claudio\AppData\Local\AvgSetupLog
2017-06-16 13:46 - 2015-03-01 20:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-16 13:44 - 2016-10-02 19:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-16 13:40 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 13:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-16 13:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-16 13:22 - 2016-10-02 19:33 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-06-16 02:41 - 2016-10-02 19:26 - 00000000 ____D C:\Users\Claudio
2017-06-15 17:18 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-06-15 16:09 - 2015-12-30 19:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-15 14:44 - 2015-12-17 18:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-15 14:44 - 2015-02-28 22:02 - 00000000 ____D C:\ProgramData\Skype
2017-06-15 04:57 - 2015-03-01 00:20 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\vlc
2017-06-14 17:19 - 2015-02-28 22:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-14 17:16 - 2015-04-07 16:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 17:16 - 2015-04-07 16:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:13 - 2015-04-07 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 17:12 - 2015-03-02 02:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 17:07 - 2015-03-02 02:04 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 14:43 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2017-06-12 18:02 - 2015-02-28 22:02 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Skype
2017-06-09 13:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-07 18:59 - 2015-03-01 00:20 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-07 13:41 - 2016-10-02 19:33 - 00003334 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-06-07 13:41 - 2015-03-09 15:54 - 00001293 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2017-06-07 13:41 - 2015-03-07 20:27 - 00000000 ____D C:\ProgramData\Samsung
2017-06-07 13:41 - 2015-03-07 20:25 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-06-03 19:46 - 2015-02-26 05:11 - 00000000 ____D C:\Users\Claudio\AppData\Local\Packages
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-19 17:10 - 2016-10-02 19:33 - 00002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3511887087-4107616233-696709613-1001
2017-05-19 17:09 - 2015-10-25 14:08 - 00000000 ____D C:\ProgramData\Avg
2017-05-19 17:09 - 2015-05-21 12:33 - 00000000 ____D C:\Users\Claudio\AppData\Local\Avg
2017-05-19 17:09 - 2015-03-06 20:41 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-18 05:07 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-18 05:07 - 2015-10-25 14:16 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\AVG
2017-05-18 05:07 - 2015-06-18 12:56 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-17 13:20 - 2016-10-02 19:24 - 00000000 ____D C:\Program Files\AMD
2017-05-17 13:20 - 2016-07-16 08:19 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-17 13:20 - 2015-02-26 07:12 - 00000000 ____D C:\ProgramData\AMD
2017-05-17 13:19 - 2015-02-28 22:50 - 00000000 ____D C:\AMD

==================== Files in the root of some directories =======

2015-03-10 00:44 - 2015-03-10 01:07 - 0028298 _____ () C:\Users\Claudio\AppData\Roaming\Valori separati da virgola.ADR
2015-03-10 00:57 - 2015-04-23 16:45 - 0012424 _____ () C:\Users\Claudio\AppData\Roaming\Valori separati da virgola.EML
2017-06-14 20:09 - 2017-06-14 20:09 - 0007603 _____ () C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-06 20:39

==================== End of FRST.txt ============================

[stefklas]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Claudio (16-06-2017 15:18:38)
Running from C:\Users\Claudio\Desktop
Windows 10 Pro Version 1607 (X64) (2016-10-02 17:35:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3511887087-4107616233-696709613-500 - Administrator - Disabled)
Claudio (S-1-5-21-3511887087-4107616233-696709613-1001 - Administrator - Enabled) => C:\Users\Claudio
DefaultAccount (S-1-5-21-3511887087-4107616233-696709613-503 - Limited - Disabled)
Guest (S-1-5-21-3511887087-4107616233-696709613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3511887087-4107616233-696709613-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
calibre 64bit (HKLM\...\{03D76A6B-4B00-4CEA-835B-909D7462F32E}) (Version: 2.58.0 - Kovid Goyal)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Core Temp 1.8.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.8.1 - ALCPU)
CPUID CPU-Z 1.79.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Diagnostica della stampante Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.2.5 - Samsung Electronics Co., Ltd.)
DriverUpdate (HKLM-x32\...\{E2A3A216-9DFE-4EC1-AA69-162588FEF014}) (Version: 2.2.36929 - SlimWare Utilities, Inc.)
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
GNU Backgammon (Version 1_05_000, 20150725) (HKLM-x32\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Malwarebytes versione 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Moo0 Audio Converter 1.32 (HKLM-x32\...\Moo0 AudioTypeConverter) (Version: - )
Mozilla Firefox 54.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 it)) (Version: 54.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 it) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 it)) (Version: 31.5.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenVPN 2.4.1-I601 (HKLM\...\OpenVPN) (Version: 2.4.1-I601 - OpenVPN Technologies, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacchetto Eco Driver (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28/05/2015) - Samsung Electronics Co., Ltd.)
Pacchetto Stylish Driver (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09/02/2015) - Samsung Electronics Co., Ltd.)
PHOTOfunSTUDIO 9.0 AE (HKLM-x32\...\{94C19375-D509-4D21-A627-DD9160DF4710}) (Version: 9.00.517 - Panasonic Corporation)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.24.2-r123476-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
RogueKiller version 12.11.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.1.0 - Adlice Software)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SolveigMM AVI Trimmer+ versione 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
SolveigMM Video Splitter Home Edition (HKLM-x32\...\SolveigMM Video Splitter Home Edition 5.0.1509.11) (Version: 5.0.1509.11 - Solveig Multimedia)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VIA Manager Piattaforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visualizza Guida dell’utente (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37FD69EC-FAC8-4A77-B06E-6640723EB1CA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {39BAB04C-8521-4397-B539-C0B4C946DEED} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {49B0EEA3-822D-42AB-80D6-310E56192F8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {53B79389-325E-484C-A880-4D95E300451C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {599C466A-D6AA-4069-8EDF-8BCEDC3B8E09} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {6A8DEED4-26C6-4ACD-9BA0-0F1BA9539032} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-18] (AVG Technologies CZ, s.r.o.)
Task: {6F16341C-FF77-4A2E-8252-0ABE53694AB1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-04-24] ()
Task: {70915773-242A-474A-ADF4-F9E4FAE3A266} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {7CA0D17F-309B-46E1-885E-ACC287EDF342} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {81513D21-688F-460D-B2F8-4E3AEEFAECFA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-06-14] (Microsoft Corporation)
Task: {9AB0D919-322F-499A-BDAB-83A11E248102} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B164D83E-1136-4828-9DFC-CCE65283113A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B680E122-9A97-4E30-9986-08B1915B4ECA} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\AudioConverter 1.32\AudioConverter.exe [2013-08-11] (Moo0)
Task: {B6D71C30-5A70-4F9B-A37B-008B996F3509} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {BA10277A-1151-4ABB-9936-505AA472E51F} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {BE201AD4-A3E3-445F-8030-AC0BD1159EC3} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {C933E1D1-22AD-4A10-BAA1-2C414823BF79} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {E4512788-4B07-4ECF-AA88-7BB02045E663} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Claudio\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 23:10 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-19 16:35 - 2014-11-25 13:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2015-03-24 22:00 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-03-24 22:02 - 2016-05-19 16:35 - 00143664 _____ () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2016-05-19 16:35 - 2015-07-27 11:57 - 01687856 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\us005du.dll
2016-10-03 16:41 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 14:18 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 14:17 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 14:17 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 14:17 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 23:10 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 23:10 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 23:10 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-02-26 07:07 - 2012-11-14 09:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2015-02-26 07:07 - 2012-11-14 09:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2017-03-22 18:49 - 2017-03-22 18:49 - 00615040 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2017-06-14 02:32 - 2017-06-14 02:32 - 00020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-06-01 16:52 - 2017-06-01 16:57 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-01 16:52 - 2017-06-01 16:57 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 13:06 - 2017-05-26 13:10 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-16 13:28 - 2017-06-16 13:38 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-16 13:28 - 2017-06-16 13:38 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-07-16 16:48 - 2016-07-16 16:48 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 13:01 - 2017-05-05 13:13 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-16 16:48 - 2016-07-16 16:48 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-11-28 16:44 - 2016-11-28 16:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-06-16 14:12 - 2017-06-16 14:12 - 00098816 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32api.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00110080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\pywintypes27.dll
2017-06-16 14:12 - 2017-06-16 14:12 - 00364544 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\pythoncom27.dll
2017-06-16 14:12 - 2017-06-16 14:12 - 00320512 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32com.shell.shell.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00914432 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_hashlib.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 01176576 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._core_.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00806400 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._gdi_.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00816128 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._windows_.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 01067008 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._controls_.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00733184 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._misc_.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00682496 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\pysqlite2._sqlite.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00088064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_ctypes.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00686080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\unicodedata.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00119808 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32file.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00108544 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32security.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00007168 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\hashobjs_ext.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00017920 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\thumbnails_ext.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00088064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\usb_ext.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00012800 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\common.time34.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00018432 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32event.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00167936 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32gui.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00046080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_socket.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 01303552 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_ssl.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00128512 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_elementtree.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00127488 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\pyexpat.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00038912 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32inet.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00036864 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_psutil_windows.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00524248 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\windows._lib_cacheinvalidation.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00011264 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32crypt.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00123392 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._wizard.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00077312 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._html2.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00027648 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_multiprocessing.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00020480 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\_yappi.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00035840 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32process.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00078848 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\wx._animate.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00024064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32pipe.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00010240 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\select.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00025600 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32pdh.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00017408 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32profile.pyd
2017-06-16 14:12 - 2017-06-16 14:12 - 00022528 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI19242\win32ts.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 02653392 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-06-14 02:32 - 2017-06-14 02:32 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-06-16 14:11 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudio\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{babd5440-34b5-48b4-adae-54a39568fa61}.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AFB411C0-239E-49F0-87CD-47D8A772D638}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14EA612D-5B89-4A8B-8756-A37750739440}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28D8AA8E-264F-4C6C-8F62-965378F9F770}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5F85C090-73DB-4D2F-924F-91410FFD2299}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6FB59A35-4ABD-4C3C-9D57-6CEB00B8FDDC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{029457B3-765B-4BEF-871B-6304D3AFFC23}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{D460CC75-4DAC-404E-9340-67A4F039D53D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{32A38BEA-1D07-44A7-8233-A581003F6022}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A6C67D62-4FC6-460B-A6B5-E82EB08D9972}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [TCP Query User{AB40D956-5751-42C1-A74E-16145D0C2030}C:\users\claudio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{ABFC7E79-C6F2-42DE-A25F-92B41B770BD5}C:\users\claudio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4343EE75-1E04-456F-8A2A-4A460466A93E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{30917B3A-8EA8-4A15-B787-22478774616A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E2BCEA09-430C-4634-AFA7-444DFB1FE910}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{CC1F69AF-3790-4FC8-80E9-1AC2D905A8FD}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [{3EF0E89F-3A7F-41CD-BBCA-527B21DBEC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BAE299C9-396A-4258-8F89-4774F4EDE351}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0ADE9274-FE3C-45C6-BBE0-D47D132FBA14}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{372447CC-58CF-4A17-8BB1-63FEF2D7AB57}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{7CF2CE99-FD06-439E-921A-BF7CC5E17AB3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2990456E-B4C1-46EF-99D8-BA6A5DDD26C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{91364B55-F016-44BD-9D4D-5FAA8834102B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{542345FD-E0CA-4393-910D-2B3D8D3CA4F3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7CCA5D7C-8CBC-47C3-8C31-B09C35D3A709}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{8EEF06DE-3FE8-4019-98EF-3BD10DB39996}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{64549595-77CA-48B7-879F-83A1B0FA85AC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{383ACCBF-A1EA-44B2-9F9C-E46021D472EB}C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [UDP Query User{90D33360-6F0D-4D2F-B4B8-A33B8154E5B9}C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [{0015BC59-7D68-4C9F-B292-2C2DB62415F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9C31C005-4E23-4FD0-973C-66D1FA9C4BB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79358719-CC40-4018-ACFD-88C0781202A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{269EADCE-CA03-4313-9011-668B76ABE478}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{304AF0FF-3640-43C4-996D-1BA92B518E36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1DA36D99-5E24-4AB1-8137-C168BE85005A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E504D859-D337-4E43-8F02-632C5A305858}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A91BF7CF-1A24-487E-A766-9E446F22A8BE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{AD35B0F7-478F-4DE0-92FD-15FE53E92A6C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2863D593-E314-4B6D-AB3A-3235643A6067}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4DBC2EA3-3781-4F56-8099-0471C4406870}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

30-05-2017 19:55:45 Punto di controllo pianificato
08-06-2017 20:03:56 Punto di controllo pianificato
14-06-2017 14:42:04 Windows Update
14-06-2017 14:42:23 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/16/2017 02:49:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/16/2017 02:27:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/16/2017 02:14:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/16/2017 02:12:17 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/16/2017 02:11:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine QueryFullProcessImageNameW. hr = 0x8007001f, Un dispositivo collegato al sistema non è in funzione.
.


Operazione:
Esecuzione operazione asincrona

Contesto:
Stato corrente: DoSnapshotSet

Error: (06/16/2017 02:10:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Servizi di crittografia: impossibile elaborare la chiamata OnIdentity() nell'oggetto writer del sistema.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Accesso negato.
.

Error: (06/16/2017 02:10:38 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Errore del servizio Copia Shadow del volume: errore imprevisto durante la ricerca dell'interfaccia IVssWriterCallback. hr = 0x80070005, Accesso negato.
.
L'errore è spesso causato da impostazioni di sicurezza non corrette nel processo di scrittura o richiedente.


Operazione:
Raccolta dei dati del processo di scrittura

Contesto:
ID della classe del processo di scrittura: {e8132975-6f93-4464-a53e-1050253ae220}
Nome del processo di scrittura: System Writer
ID dell'istanza del processo di scrittura: {79633a77-dfec-418a-9926-2f98fc6e6046}

Error: (06/16/2017 01:51:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/16/2017 01:23:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/16/2017 01:21:52 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (06/16/2017 02:15:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/16/2017 02:11:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/16/2017 02:11:21 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Tentativo di eseguire un'azione di correzione (Riavvia il servizio) dopo l'arresto imprevista del servizio Windows Search. Tentativo non riuscito per l'errore:
Un'istanza del servizio è già in esecuzione.

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio TeamViewer 11 è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 2000 millisecondi: Riavvia il servizio.

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Malwarebytes Service è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 5000 millisecondi: Riavvia il servizio.

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Plays.tv Update Service (PlaysService). Questo evento si è già verificato 1 volta(e).

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio VIA Karaoke digital mixer Service. Questo evento si è già verificato 1 volta(e).

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Samsung UPD Utility Service. Questo evento si è già verificato 1 volta(e).

Error: (06/16/2017 02:10:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio AMD FUEL Service. Questo evento si è già verificato 1 volta(e).


CodeIntegrity:
===================================
Date: 2017-05-28 04:47:13.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-28 04:47:13.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.245
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.199
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:24:04.252
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:24:04.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-24 16:53:11.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-21 03:58:50.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 8156.62 MB
Available physical RAM: 4981.03 MB
Total Virtual: 8356.62 MB
Available Virtual: 4170.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:137.22 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:279.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0B24D8A3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B24D8BE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Dan1979]

ok ,finisci con i browser e poi vai in C
e cancella la cartella c:/frst
e anche quella di adwcleaner
Poi apri ccleaner
vai su strumenti--> impostazioni-->ripristino sistema
cancella tutti i punti tranne quello in grigio per motivi di sicurezza

Il pc sembra pulito,abbiamo finito

Verifica come va il pc e fammi sapere ciao

[stefklas]

Fatto tutto, per ora va bene.

Nel caso ti faccio sapere.

Grazie di tutto. Ciao.