15-06-2017, 14:09   #1
stefklas
Member
Joined: May 2010
Posts: 57
Virus or hardware problem?

Hi everyone, I have a problem with my desktop PC that I'm not sure how to define: it could be a virus or a hardware component (probably the CPU) about to give out on me.

Basically, for about a month now, every so often the PC freezes all of a sudden. The mouse cursor no longer moves, the keyboard stops working, and it's as if the image at the moment of the freeze were "printed" on the screen. If, for example, I was loading a web page, the spinner stays completely still, like everything else. Like in a photo, in short. And there is no way to unfreeze it other than forcing a restart.

For a while I tried to work out whether this was related to opening specific programs or web pages, but nothing. I ran a scan with Malwarebytes but that didn't solve it. I noticed that when this happened the fans were running flat out, which could mean an excessive load on the CPU, but in reality I wasn't doing anything much.

Until yesterday, when I turned on the PC, did absolutely nothing, went out for a couple of hours and on my return found it frozen with the fans at maximum. And on restart it froze again almost immediately. I downloaded Core Temp and it showed 80° as the maximum CPU temperature.

So I opened it up and tried to clean it a bit. There was indeed no shortage of dust, and the outside temperature these days doesn't help. Unfortunately, inexperienced as I am, I couldn't get the CPU and video card fans off to clean them; in any case I restarted it leaving the case open. The temperatures in Core Temp had dropped drastically (even 30° or less) and for a while I had no problems. Except that suddenly, for no apparent reason, the temperature started climbing steeply again until it was close to 80° once more. This time, though, it didn't freeze and the temperature then went back down.

Today, same problem. As soon as I stepped away for 10 minutes, the fans started spinning like crazy and when I came back I found it frozen once again. Only now the case is open, which leads me to think it's not so much a dirt problem. Even though I haven't cleaned the CPU fan, why should it overheat so much when it's idle and, paradoxically, less when I'm actually using it? I suspect there's a process that starts automatically and causes the problem (maybe a virus, indeed, or a system process that conflicts with something), but honestly I just can't form a clear idea.

I'm leaving you the PC's components, in the hope that someone can give me a hand. Thanks in advance to anyone willing to help.


Case: Cooler Master N300
Power supply: XFX ProSeries 450W
Motherboard: Gigabyte GA-970A-UD3P
Processor: AMD FX-8320 Box 3,5 GHz
Solid State Drive: Samsung 850 PRO 256GB
Hard disk: Western Digital Caviar Blue 1TB
Video card: Radeon R7 250 1GB
RAM: Kingston HyperX FURY 8GB
Disc burner: Samsung SH-224DB/BEBE
Operating system: Windows 10 (upgrade from 8.1)
15-06-2017, 15:02   #2
Dan1979
Member
Joined: Jun 2017
Posts: 175
Try running a scan with Malwarebytes Anti-Rootkit
download it from here https://www.bleepingcomputer.com/dow...-anti-rootkit/
•Run the file and follow the on-screen instructions to extract it wherever you prefer (by default to the desktop)
•Malwarebytes Anti-Rootkit opens; follow the instructions in the wizard to update the program and allow it to scan your computer for threats
•Click the "Clean" button to remove all threats; restart the system if you are asked to
•Wait for the system to shut down and for the cleanup process to run
•Run another scan with Malwarebytes Anti-Rootkit to verify that all threats have been removed; if any threats remain, click "Clean" again and repeat the process
•post the log

download RogueKiller from here
https://www.bleepingcomputer.com/download/roguekiller/
■ Download RogueKiller and save it to the desktop
■ Close all running programs.
■ Please disconnect any external USB drives from the computer before running the scan!
■ On Vista or later, right-click the program file and select "Run as administrator"
■ Accept the user agreements.
■ Run the scan and wait until it finishes.
■ If a window opens to explain what [PUMs] are, read about them.
■ Click the RogueKiller icon on the taskbar to return to the report.
■ Click to open the report
■ Click the Export TXT button
■ Save the file as ReportRogue.txt
■ Click the Remove button to delete the items in red
■ Click Finish and close the program.
■ Locate the ReportRogue.txt file on the desktop and post it


bye

Last edited by Dan1979: 15-06-2017 at 15:15.
15-06-2017, 15:33   #3
stefklas
Member
Joined: May 2010
Posts: 57
First of all, thank you very much.

I ran the scan with Anti-Rootkit and this message came up:

Congratulations, no cleanup is required!

Scan Finished: No malware found!


But is it normal that during the scan the CPU temperature went up to 74°?


Now I'll proceed with RogueKiller (hoping it doesn't overheat to the point of freezing during the scan...)
15-06-2017, 15:57   #4
Dan1979
Member
Joined: Jun 2017
Posts: 175
After the scans, open Task Manager
– press Ctrl+Alt+Del and choose Start Task Manager
Check what percentage the CPU is running at
under the Processes tab, check which process is using the highest percentage
end the non-essential processes one by one and check whether the percentage drops
If you can't manage it, download Process Explorer
also try disabling Windows Update
15-06-2017, 16:24   #5
stefklas
Member
Joined: May 2010
Posts: 57
The RogueKiller scan has finished. A web page opened explaining the PUM issue, so I don't know what to delete and what not. Suggestions welcome.

Meanwhile, this is the report:


¤¤¤ Registro : 13 ¤¤¤
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Reimage -> Trovato
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.sicomputer.com/apps/start -> Trovato
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.sicomputer.com/apps/start -> Trovato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trovato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {3E02B047-CCBB-4343-B3A0-7CFDFB42342D} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trovato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {5BF59883-6C68-464E-A071-F339DC2B25CC} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trovato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {AD155401-D57D-4179-A12A-99AD74B73980} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\KMSpico\AutoPico.exe|Name=KMS Emulator: AutoPico.exe| [x] -> Trovato

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 14 ¤¤¤
[PUP.Gen0][Archivio] C:\Windows\SECOH-QAD.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.5_41712\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.9_43295\utorrentie.exe -> Trovato
[PUP.HackTool][Archivio] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Log KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\scripts\Log.cmd -> Trovato
[PUP.HackTool][Archivio] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico\Uninstall KMSpico.lnk [LNK@] C:\PROGRA~1\KMSpico\UninsHs.exe /u0=KMSpico -> Trovato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico -> Trovato
[PUP.Gen1][Cartella] C:\Program Files\Reimage -> Trovato

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Archivio Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Caricato) ¤¤¤

¤¤¤ Web Browser : 1 ¤¤¤
[PUM.HomePage][Firefox:Config] c05u035j.default : user_pref("browser.startup.homepage", "http://www.fantacalcio.it/"); -> Trovato

¤¤¤ Controllo MBR : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 PRO 256GB +++++
--- User ---
[MBR] dfcdb87f22337a1eac2ddc92b0cb8907
[BSP] 4b95327c6a6b34a418666446adc08ee0 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 243396 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 499195904 | Size: 449 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD10EZEX-00BN5A0 +++++
--- User ---
[MBR] 5361cdcc8934a7cb3d3d28906647733a
[BSP] 38ef26ef65c192927016f230af201314 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
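The following added example, which is not from any poster in this thread or from RogueKiller itself, parses the report layout shown in post #5 to support the "what do I remove?" decision: it collapses entries repeated under the (X64)/(X86) labels, checks each section's declared count against the lines actually pasted, and decodes the firewall-rule values. The function names and the shortened sample are assumptions made here.

```python
import re
from collections import Counter

# Shortened excerpt of the report posted above. Section counts were adjusted
# to the lines kept here, so treat this sample as constructed.
SAMPLE_REPORT = r"""
¤¤¤ Registro : 4 ¤¤¤
[PUP.Gen1] (X64) HKEY_LOCAL_MACHINE\Software\Reimage -> Trovato
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.symantec.com/redirects/se...pvid=21.6.0.32 -> Trovato
[PUP.HackTool] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC} : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\KMSpico\KMSELDI.exe|Name=KMS Emulator: KMSELDI.exe| [x] -> Trovato

¤¤¤ Attività : 0 ¤¤¤

¤¤¤ Archivi : 4 ¤¤¤
[PUP.Gen0][Archivio] C:\Windows\SECOH-QAD.exe -> Trovato
[Tr.Gen0][Archivio] C:\Users\Claudio\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe -> Trovato
[PUP.HackTool][Cartella] C:\Program Files\KMSpico -> Trovato
[PUP.Gen1][Cartella] C:\Program Files\Reimage -> Trovato

¤¤¤ Web Browser : 1 ¤¤¤
[PUM.HomePage][Firefox:Config] c05u035j.default : user_pref("browser.startup.homepage", "http://www.fantacalcio.it/"); -> Trovato

¤¤¤ Controllo MBR : ¤¤¤
[MBR] dfcdb87f22337a1eac2ddc92b0cb8907
"""

# "¤¤¤ <section name> : <count> ¤¤¤", with an optional "(...)" note after the count.
SECTION_RE = re.compile(
    r"^¤¤¤\s*(?P<name>.+?)\s*:\s*(?P<count>\d*)\s*(?:\(.*\))?\s*¤¤¤$")
# "[Tag][Kind] (X64) <target> -> <status>"; [Kind] and (X64)/(X86) are optional.
FINDING_RE = re.compile(
    r"^\[(?P<tag>[\w.]+)\](?:\[(?P<kind>[^\]]+)\])?\s*"
    r"(?:\((?P<arch>X64|X86)\)\s*)?(?P<target>.+?)\s*->\s*(?P<status>\S+)$")


def parse_report(text):
    """Return (declared section counts, list of finding dicts)."""
    declared, findings, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m["name"]
            declared[section] = int(m["count"]) if m["count"] else None
            continue
        m = FINDING_RE.match(line)
        if m and section:  # lines without "->" (e.g. MBR hashes) are skipped
            findings.append({"section": section, **m.groupdict()})
    return declared, findings


def count_mismatches(declared, findings):
    """Sections whose header count differs from the lines present (truncated paste)."""
    parsed = Counter(f["section"] for f in findings)
    return {name: (n, parsed[name]) for name, n in declared.items()
            if n is not None and n != parsed[name]}


def unique_findings(findings):
    """Drop entries that repeat the same tag and target under another (X64)/(X86) label."""
    seen, unique = set(), []
    for f in findings:
        key = (f["tag"], f["target"])
        if key not in seen:
            seen.add(key)
            unique.append(f)
    return unique


def firewall_rule(target):
    """Decode a FirewallRules value ("v2.22|Action=Allow|...") into a dict, else None."""
    if "\\FirewallRules |" not in target:
        return None
    value = target.split(" : ", 1)[1]
    fields = dict(part.split("=", 1) for part in value.split("|") if "=" in part)
    proto = fields.get("Protocol")
    fields["Protocol"] = {"6": "TCP", "17": "UDP"}.get(proto, proto)  # IANA numbers
    return fields


def summarize(text):
    declared, findings = parse_report(text)
    unique = unique_findings(findings)
    rules = [firewall_rule(f["target"]) for f in unique]
    return {
        "by_tag": dict(Counter(f["tag"] for f in unique)),
        "duplicates_dropped": len(findings) - len(unique),
        "count_mismatches": count_mismatches(declared, findings),
        "firewall_rules": [r for r in rules if r],
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_REPORT).items():
        print(key, "=>", value)
```

Run against the full report, the same grouping shows how many of the listed items come from the same few installed programs, which makes the per-item decision in RogueKiller's list easier to review.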
15-06-2017, 16:31   #6
Dan1979
Member
Joined: Jun 2017
Posts: 175
Do you by any chance have a cracked Win10??
15-06-2017, 16:33   #7
stefklas
Member
Joined: May 2010
Posts: 57
Quote:
Originally posted by Dan1979
After the scans, open Task Manager
– press Ctrl+Alt+Del and choose Start Task Manager
Check what percentage the CPU is running at
under the Processes tab, check which process is using the highest percentage
end the non-essential processes one by one and check whether the percentage drops
If you can't manage it, download Process Explorer
also try disabling Windows Update
Right now it's running at around 1-2%. The processes using it change constantly but with negligible percentages. Not by chance the temperature is now around 30°, but during the RogueKiller scan, for example, it reached 76°.

If it helps, I've noticed (and not just now) that the process that makes the fans spin the hardest is usually Firefox. But I don't think that's what is causing the problem since, as I said, the PC now freezes even when I'm doing nothing and everything is closed.
15-06-2017, 16:34   #8
stefklas
Member
Joined: May 2010
Posts: 57
Quote:
Originally posted by Dan1979
Do you by any chance have a cracked Win10??
No, it's genuine. I had Win 8.1, then I did the automatic upgrade to Win 10.
15-06-2017, 17:37   #9
stefklas
Member
Joined: May 2010
Posts: 57
Ahem... I still have RogueKiller open, what do you recommend I remove?
15-06-2017, 19:53   #10
Dan1979
Member
Joined: Jun 2017
Posts: 175
Delete everything in RogueKiller.... and tell me how the PC behaves
Yes, Firefox uses quite a lot of resources; it could be normal for the fans to start up

Last edited by Dan1979: 15-06-2017 at 19:56.
15-06-2017, 20:06   #11
Dan1979
Member
Joined: Jun 2017
Posts: 175
Then download Farbar Recovery Scan Tool from the BleepingComputer site
Put it on the desktop, launch it and press Scan
When it has finished, attach the logs frst.txt and addition.txt for me
You'll find them on the desktop, bye
15-06-2017, 20:08   #12
stefklas
Member
Joined: May 2010
Posts: 57
I'll let you know. Today it froze only once, a few minutes after power-on, and then no more, so it's a matter of waiting for the problem to show up again, if it does. What absolutely needs doing is a general cleaning, especially of the fans, but I can't get them open and I'm afraid of breaking something.
15-06-2017, 20:24   #13
stefklas
Member
Joined: May 2010
Posts: 57
Quote:
Originally posted by Dan1979
Then download Farbar Recovery Scan Tool from the BleepingComputer site
Put it on the desktop, launch it and press Scan
When it has finished, attach the logs frst.txt and addition.txt for me
You'll find them on the desktop, bye
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by Claudio (administrator) on KLAS (15-06-2017 21:22:06)
Running from C:\Users\Claudio\Downloads
Loaded Profiles: Claudio (Available Profiles: Claudio)
Platform: Windows 10 Pro Version 1607 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
() C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Panasonic Corporation) C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(hxxp://www.emule-project.net) C:\Program Files (x86)\eMule\emule.exe
(The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpn.exe
(ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] ()
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [263232 2017-05-18] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-05-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-06-14] (Copyright (c) 2017 Plays.tv, LLC)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] ()
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [615040 2017-03-22] ()
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [WhatsApp] => C:\Users\Claudio\AppData\Local\WhatsApp\app-0.2.4240\WhatsApp.exe [88291088 2017-04-26] (WhatsApp)
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (hxxp://www.emule-project.net)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.0 AE.lnk [2015-08-20]
ShortcutTarget: PHOTOfunSTUDIO 9.0 AE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0878bcbf-b797-47ae-ba10-5b80729643ba}: [DhcpNameServer] 192.168.32.22 192.168.32.21
Tcpip\..\Interfaces\{e04e7c81-4a9f-4ab3-9f3c-fe2ecd89b8c7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sicomputer.com/apps/start
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: c05u035j.default
FF ProfilePath: C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default [2017-06-15]
FF Homepage: Mozilla\Firefox\Profiles\c05u035j.default -> hxxp://www.fantacalcio.it/
FF Extension: (YesScript) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\yesscript@userstyles.org.xpi [2016-08-03]
FF Extension: (RightToClick) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi [2016-11-16]
FF Extension: (Adblock Plus) - C:\Users\Claudio\AppData\Roaming\Mozilla\Firefox\Profiles\c05u035j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-14] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\DACAABB511A61794FE7228C6D07836E9DACA [2015-12-30] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default [2017-06-02]
CHR Extension: (Google Drive) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-16]
CHR Extension: (YouTube) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-20]
CHR Extension: (Google Search) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-07]
CHR Extension: (Google Documenti offline) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-16]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Gmail) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-13]
CHR Extension: (Chrome Media Router) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Claudio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-11-14]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [264432 2017-05-18] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7396872 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-05-31] (AVG Technologies CZ, s.r.o.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72320 2017-03-22] (The OpenVPN Project)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-06-14] (Copyright (c) 2017 Plays.tv, LLC)
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2016-05-19] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757040 2017-04-06] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys [35320 2017-06-15] (Arthur Liberman) <==== ATTENTION
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-26] (Advanced Micro Devices)
R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiska.sys [166624 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdrivera.sys [314128 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidsha.sys [192584 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgbloga.sys [336896 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbuniva.sys [51336 2017-05-18] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [39424 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [129776 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [102280 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [76832 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [1008288 2017-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [570320 2017-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [160008 2017-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [340824 2017-05-18] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2015-03-06] (Disc Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-03-20] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-15] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2017-02-21] (AVG Netherlands B.V.)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 21:22 - 2017-06-15 21:22 - 00022540 _____ C:\Users\Claudio\Downloads\FRST.txt
2017-06-15 21:21 - 2017-06-15 21:22 - 00000000 ____D C:\FRST
2017-06-15 21:21 - 2017-06-15 21:21 - 02438656 _____ (Farbar) C:\Users\Claudio\Downloads\FRST64.exe
2017-06-15 19:13 - 2017-06-15 19:13 - 00013286 _____ C:\Users\Claudio\Desktop\rep.txt
2017-06-15 17:22 - 2017-06-15 17:22 - 00012930 _____ C:\Users\Claudio\Desktop\report.txt
2017-06-15 16:40 - 2017-06-15 16:40 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-06-15 16:39 - 2017-06-15 21:18 - 00000000 ____D C:\ProgramData\RogueKiller
2017-06-15 16:37 - 2017-06-15 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-06-15 16:37 - 2017-06-15 16:37 - 00000000 ____D C:\Program Files\RogueKiller
2017-06-15 16:09 - 2017-06-15 16:33 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-06-15 16:07 - 2017-06-15 16:33 - 00000000 ____D C:\Program Files\mbar
2017-06-15 16:05 - 2017-06-15 16:08 - 35421992 _____ (Adlice Software ) C:\Users\Claudio\Downloads\RogueKiller_setup_ref3.exe
2017-06-15 16:05 - 2017-06-15 16:06 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Claudio\Downloads\mbar-1.09.3.1001.exe
2017-06-15 13:13 - 2017-06-15 13:13 - 00000000 ___HD C:\OneDriveTemp
2017-06-14 20:09 - 2017-06-14 20:09 - 00007603 _____ C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg
2017-06-14 17:24 - 2017-06-14 17:24 - 00000989 _____ C:\Users\Claudio\Desktop\Core Temp.lnk
2017-06-14 17:24 - 2017-06-14 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2017-06-14 17:24 - 2017-06-14 17:24 - 00000000 ____D C:\Program Files\Core Temp
2017-06-14 17:23 - 2017-06-14 17:23 - 01211896 _____ (ALCPU ) C:\Users\Claudio\Downloads\Core-Temp-setup.exe
2017-06-14 17:00 - 2017-06-14 17:00 - 00000000 ____D C:\Users\Claudio\AppData\Local\UNP
2017-06-14 14:42 - 2017-06-14 14:43 - 00000000 ____D C:\Program Files\UNP
2017-06-14 14:42 - 2017-06-14 14:42 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-06-07 13:41 - 2017-06-07 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-29 16:54 - 2017-05-29 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-24 16:36 - 2017-05-24 16:37 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2017-05-24 16:08 - 2017-06-15 16:07 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-24 16:08 - 2017-06-15 13:45 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-24 16:08 - 2017-06-08 01:41 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-24 16:08 - 2017-06-07 16:34 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-24 16:08 - 2017-05-24 16:08 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-24 16:08 - 2017-05-24 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-24 16:08 - 2017-05-24 16:08 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-24 15:58 - 2017-05-24 16:02 - 63364552 _____ (Malwarebytes ) C:\Users\Claudio\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-24 15:20 - 2017-05-24 16:16 - 00000000 ____D C:\Program Files\Reimage
2017-05-24 15:19 - 2017-05-24 16:15 - 00000000 ____D C:\rei
2017-05-20 03:30 - 2017-05-20 03:30 - 00002904 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2017-05-19 17:09 - 2017-05-19 17:09 - 00002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-05-19 17:09 - 2017-02-21 09:29 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-05-18 04:57 - 2017-04-19 20:36 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-18 04:41 - 2017-05-18 04:41 - 01008288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00570320 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00401584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-05-18 04:41 - 2017-05-18 04:41 - 00340824 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00336896 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00314128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00192584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00160008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgstm.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00129776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00102280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-05-18 04:41 - 2017-05-18 04:41 - 00004008 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2017-05-18 04:34 - 2017-05-29 16:54 - 00000894 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-17 14:56 - 2017-06-15 19:42 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00002282 _____ C:\Users\Claudio\Desktop\WhatsApp.lnk
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Local\WhatsApp
2017-05-17 14:56 - 2017-05-17 14:56 - 00000000 ____D C:\Users\Claudio\AppData\Local\SquirrelTemp
2017-05-17 14:46 - 2017-05-17 14:53 - 91179280 _____ (WhatsApp) C:\Users\Claudio\Downloads\WhatsAppSetup.exe
2017-05-17 13:20 - 2017-05-17 13:20 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 13:20 - 2017-05-17 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-06-15 20:52 - 2015-03-09 22:44 - 00000000 ____D C:\Users\Claudio\Documents\File di Outlook
2017-06-15 19:46 - 2016-03-10 16:33 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\PlaysTV
2017-06-15 19:21 - 2016-10-02 19:24 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-15 17:19 - 2016-11-18 15:28 - 00000000 ____D C:\Users\Claudio\AppData\LocalLow\Mozilla
2017-06-15 17:18 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-06-15 16:09 - 2015-12-30 19:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-15 14:44 - 2015-12-17 18:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-15 14:44 - 2015-02-28 22:02 - 00000000 ____D C:\ProgramData\Skype
2017-06-15 13:50 - 2016-07-17 00:35 - 04317822 _____ C:\WINDOWS\system32\perfh010.dat
2017-06-15 13:50 - 2016-07-17 00:35 - 01281754 _____ C:\WINDOWS\system32\perfc010.dat
2017-06-15 13:50 - 2016-07-16 08:28 - 08792552 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-15 13:46 - 2016-11-14 19:19 - 00000000 ___RD C:\Users\Claudio\Google Drive
2017-06-15 13:46 - 2016-10-02 19:33 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-06-15 13:46 - 2015-03-05 19:48 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Raptr
2017-06-15 13:46 - 2015-03-03 18:30 - 00000000 __RDO C:\Users\Claudio\OneDrive
2017-06-15 13:45 - 2016-10-02 19:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-15 13:45 - 2016-10-02 19:26 - 00000000 ____D C:\Users\Claudio
2017-06-15 13:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-15 13:39 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-15 13:37 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-15 05:08 - 2016-10-02 19:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-06-15 05:08 - 2016-07-16 08:04 - 02097152 _____ C:\WINDOWS\system32\config\BBI
2017-06-15 04:57 - 2015-03-01 00:20 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\vlc
2017-06-14 20:01 - 2015-03-01 20:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-06-14 17:19 - 2016-11-18 06:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-14 17:19 - 2015-02-28 22:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-14 17:16 - 2015-04-07 16:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 17:16 - 2015-04-07 16:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:13 - 2015-04-07 16:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 17:12 - 2015-03-02 02:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 17:07 - 2015-03-02 02:04 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 14:43 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini
2017-06-14 05:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-14 05:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-14 04:01 - 2015-03-01 21:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2017-06-12 18:02 - 2015-02-28 22:02 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\Skype
2017-06-09 13:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-07 18:59 - 2015-03-01 00:20 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-06-07 13:41 - 2016-10-02 19:33 - 00003334 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-06-07 13:41 - 2015-03-09 15:54 - 00001293 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2017-06-07 13:41 - 2015-03-07 20:27 - 00000000 ____D C:\ProgramData\Samsung
2017-06-07 13:41 - 2015-03-07 20:25 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-06-03 19:46 - 2015-02-26 05:11 - 00000000 ____D C:\Users\Claudio\AppData\Local\Packages
2017-06-03 08:36 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:36 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-05-26 05:00 - 2015-02-28 20:34 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\uTorrent
2017-05-19 17:10 - 2016-10-02 19:33 - 00002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3511887087-4107616233-696709613-1001
2017-05-19 17:09 - 2015-10-25 14:08 - 00000000 ____D C:\ProgramData\Avg
2017-05-19 17:09 - 2015-10-25 13:59 - 00000000 ____D C:\Users\Claudio\AppData\Local\AvgSetupLog
2017-05-19 17:09 - 2015-05-21 12:33 - 00000000 ____D C:\Users\Claudio\AppData\Local\Avg
2017-05-19 17:09 - 2015-03-06 20:41 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-18 05:07 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-05-18 05:07 - 2015-10-25 14:16 - 00000000 ____D C:\Users\Claudio\AppData\Roaming\AVG
2017-05-18 05:07 - 2015-06-18 12:56 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-17 13:20 - 2016-10-02 19:24 - 00000000 ____D C:\Program Files\AMD
2017-05-17 13:20 - 2016-07-16 08:19 - 00000000 ____D C:\Program Files (x86)\AMD
2017-05-17 13:20 - 2015-02-26 07:12 - 00000000 ____D C:\ProgramData\AMD
2017-05-17 13:19 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 13:19 - 2015-02-28 22:50 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2016-10-26 01:04 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2016-10-26 01:04 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2016-10-26 01:04 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2016-07-25 22:55 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2016-07-25 22:55 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2016-07-25 22:55 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2016-07-25 22:55 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2016-07-25 22:53 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2016-07-25 22:53 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2016-07-25 22:52 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2016-07-25 22:52 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2016-07-25 22:52 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2016-07-25 22:52 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2016-07-25 22:52 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2016-07-25 22:52 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2016-07-25 22:52 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2016-07-25 22:52 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2016-07-25 22:51 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2016-07-25 22:51 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2016-07-25 22:51 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2016-07-25 22:49 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2016-07-25 22:49 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2016-07-25 22:49 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:06 - 2016-07-25 22:45 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2016-07-25 22:45 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:05 - 2016-10-26 01:05 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2016-10-26 01:05 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2016-10-26 01:05 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2016-10-26 01:05 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2016-07-25 22:55 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2016-07-25 22:55 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2016-07-25 22:55 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2016-07-25 22:55 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-16 18:05 - 2016-07-25 22:54 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll

==================== Files in the root of some directories =======

2015-03-10 00:44 - 2015-03-10 01:07 - 0028298 _____ () C:\Users\Claudio\AppData\Roaming\Valori separati da virgola.ADR
2015-03-10 00:57 - 2015-04-23 16:45 - 0012424 _____ () C:\Users\Claudio\AppData\Roaming\Valori separati da virgola.EML
2017-06-14 20:09 - 2017-06-14 20:09 - 0007603 _____ () C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2017-06-15 16:40 - 2016-11-11 12:13 - 1886344 _____ (Microsoft Corporation) C:\Users\Claudio\AppData\Local\Temp\dllnt_dump.dll
2017-05-19 15:42 - 2017-05-19 15:42 - 14608752 _____ (Samsung Electronics ) C:\Users\Claudio\AppData\Local\Temp\Samsung_Magician_Installer.exe
2016-10-05 14:54 - 2017-06-12 12:01 - 0854016 _____ () C:\Users\Claudio\AppData\Local\Temp\SkypeSetup.exe
2017-04-12 16:24 - 2017-04-12 16:24 - 14456872 _____ (Microsoft Corporation) C:\Users\Claudio\AppData\Local\Temp\vc_redist.x86.exe
2017-06-02 02:32 - 2017-06-07 18:58 - 30950664 _____ () C:\Users\Claudio\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-06 20:39

==================== End of FRST.txt ============================
Old 15-06-2017, 20:24   #14
stefklas
Member
 
Joined: May 2010
Posts: 57
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Claudio (15-06-2017 21:22:45)
Running from C:\Users\Claudio\Downloads
Windows 10 Pro Version 1607 (X64) (2016-10-02 17:35:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3511887087-4107616233-696709613-500 - Administrator - Disabled)
Claudio (S-1-5-21-3511887087-4107616233-696709613-1001 - Administrator - Enabled) => C:\Users\Claudio
DefaultAccount (S-1-5-21-3511887087-4107616233-696709613-503 - Limited - Disabled)
Guest (S-1-5-21-3511887087-4107616233-696709613-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3511887087-4107616233-696709613-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.33 - GIGABYTE)
µTorrent (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
AVG (Version: 1.191.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.74.1 - AVG Technologies) Hidden
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
calibre 64bit (HKLM\...\{03D76A6B-4B00-4CEA-835B-909D7462F32E}) (Version: 2.58.0 - Kovid Goyal)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Core Temp 1.8.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.8.1 - ALCPU)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Diagnostica della stampante Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.2.5 - Samsung Electronics Co., Ltd.)
DriverUpdate (HKLM-x32\...\{E2A3A216-9DFE-4EC1-AA69-162588FEF014}) (Version: 2.2.36929 - SlimWare Utilities, Inc.)
Easy Tune 6 B13.1111.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B13.1111.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
FMW 1 (Version: 1.203.1 - AVG Technologies) Hidden
GNU Backgammon (Version 1_05_000, 20150725) (HKLM-x32\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Malwarebytes versione 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
MKVToolNix 6.7.0 [20140102-565] (HKLM-x32\...\MKVToolNix) (Version: 6.7.0 - Moritz Bunkus)
Moo0 Audio Converter 1.32 (HKLM-x32\...\Moo0 AudioTypeConverter) (Version: - )
Mozilla Firefox 54.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 54.0 (x86 it)) (Version: 54.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.0.6368 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 it) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 it)) (Version: 31.5.0 - Mozilla)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenVPN 2.4.1-I601 (HKLM\...\OpenVPN) (Version: 2.4.1-I601 - OpenVPN Technologies, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Pacchetto Eco Driver (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28/05/2015) - Samsung Electronics Co., Ltd.)
Pacchetto Stylish Driver (HKLM-x32\...\Samsung Stylish UI Pack) (Version: 1.01.74.00 (09/02/2015) - Samsung Electronics Co., Ltd.)
PHOTOfunSTUDIO 9.0 AE (HKLM-x32\...\{94C19375-D509-4D21-A627-DD9160DF4710}) (Version: 9.00.517 - Panasonic Corporation)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.24.2-r123476-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
RogueKiller version 12.11.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.1.0 - Adlice Software)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.0.0.78 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Samsung Printer Center (HKLM-x32\...\Samsung Printer Center) (Version: 1.0.0.12 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.26 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
SolveigMM AVI Trimmer+ versione 5.0.1603.23 (HKLM-x32\...\SolveigMM AVI Trimmer_is1) (Version: 5.0.1603.23 - Solveig Multimedia)
SolveigMM Video Splitter Home Edition (HKLM-x32\...\SolveigMM Video Splitter Home Edition 5.0.1509.11) (Version: 5.0.1509.11 - Solveig Multimedia)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.76421 - TeamViewer)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.12 - Samsung Electronics CO., LTD.)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for Skype for Business 2015 (KB3191873) 64-Bit Edition (HKLM\...\{90150000-012B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{85A9A851-E7DE-47F5-9F0D-58808E986FE1}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3191876) 64-Bit Edition (HKLM\...\{90150000-012B-0410-1000-0000000FF1CE}_Office15.PROPLUS_{63B92B9B-BAA1-4708-BB4B-216BB5FD6322}) (Version: - Microsoft)
vanBasco's Karaoke Player (HKLM-x32\...\VMidi) (Version: - )
VIA Manager Piattaforma (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visualizza Guida dell’utente (HKLM-x32\...\View User Guide) (Version: 4.0.0.6 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 12.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CF53677-BC7E-4D68-BC7B-AE60A84001ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {154D4630-EBCA-434C-B484-E88C46A7CE2D} - \WPD\SqmUpload_S-1-5-21-3511887087-4107616233-696709613-1001 -> No File <==== ATTENTION
Task: {1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {209022DE-32F0-449B-A1BD-59BEE83E67B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {24CBAAD4-1132-49EA-8534-5FACFA34D692} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3733B79C-C3C2-4DCD-B84C-CE43AA66E705} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {39BAB04C-8521-4397-B539-C0B4C946DEED} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {3D0315BB-FFA1-4C76-B8AB-EB78FB687060} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3DCDB99E-7F3C-46CE-837B-5A111929BDF6} - System32\Tasks\MotoGP => Firefox.exe hxxp://www.motogp.com/
Task: {482D36AD-CA7D-42E0-882B-0ACBFB372CB8} - System32\Tasks\{150078D6-86FF-4591-A911-219B29645782} => pcalua.exe -a C:\Windows\system32\javaws.exe -c -uninstall -prompt "hxxp://jws.agenziaentrate.it/jws/dichiarazioni/2016/UNI16.jnlp"
Task: {49B0EEA3-822D-42AB-80D6-310E56192F8E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {4DE0DE2E-BF45-4754-9022-0AD457BF66BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {53B79389-325E-484C-A880-4D95E300451C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {599C466A-D6AA-4069-8EDF-8BCEDC3B8E09} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {6A8DEED4-26C6-4ACD-9BA0-0F1BA9539032} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-05-18] (AVG Technologies CZ, s.r.o.)
Task: {6F16341C-FF77-4A2E-8252-0ABE53694AB1} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2015-04-24] ()
Task: {70915773-242A-474A-ADF4-F9E4FAE3A266} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {7CA0D17F-309B-46E1-885E-ACC287EDF342} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7ECDF658-7A02-4EA6-8D30-5593D1F760AE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {81513D21-688F-460D-B2F8-4E3AEEFAECFA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-06-14] (Microsoft Corporation)
Task: {913BA7EB-F711-4767-9F05-BDF402A15ABB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9AB0D919-322F-499A-BDAB-83A11E248102} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9BECD48C-8E37-4F95-9514-5B849B522017} - System32\Tasks\Formula 1 => Firefox.exe hxxps://www.formula1.com/en.html
Task: {B164D83E-1136-4828-9DFC-CCE65283113A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B680E122-9A97-4E30-9986-08B1915B4ECA} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\Moo0\AudioConverter 1.32\AudioConverter.exe [2013-08-11] (Moo0)
Task: {B6D71C30-5A70-4F9B-A37B-008B996F3509} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-14] (Adobe Systems Incorporated)
Task: {B9A1E249-EC74-4C4A-93F5-77DED62D5311} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BA10277A-1151-4ABB-9936-505AA472E51F} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {BC05D346-893B-4F75-915D-2EF6516ECFE4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BE201AD4-A3E3-445F-8030-AC0BD1159EC3} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C933E1D1-22AD-4A10-BAA1-2C414823BF79} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {DCE76D9D-095C-480C-B365-C1770CF97402} - System32\Tasks\Injury List Nba => Firefox.exe hxxp://stats.hoopshype.com/basketball/nba-injuries.aspx?page=/data/nba/injury/injuries.html
Task: {E4512788-4B07-4ECF-AA88-7BB02045E663} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Claudio\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E70A734-C15F-43DF-B571-8F1685D2F9D2}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 23:10 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-19 16:35 - 2014-11-25 13:16 - 00022528 _____ () C:\WINDOWS\System32\us005lm.dll
2015-03-24 22:00 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2015-08-04 00:25 - 2015-08-04 00:25 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2015-03-24 22:02 - 2016-05-19 16:35 - 00143664 _____ () C:\Windows\SysWOW64\SecUPDUtilSvc.exe
2016-05-19 16:35 - 2015-07-27 11:57 - 01687856 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\us005du.dll
2016-10-03 16:41 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-17 14:18 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-17 14:17 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-17 14:17 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-17 14:17 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 23:10 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 23:10 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 23:10 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-02-26 07:07 - 2012-11-14 09:22 - 00078456 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2015-02-26 07:07 - 2012-11-14 09:22 - 00386168 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2017-03-22 18:49 - 2017-03-22 18:49 - 00615040 _____ () C:\Program Files\OpenVPN\bin\openvpn-gui.exe
2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-06-01 16:52 - 2017-06-01 16:57 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-01 16:52 - 2017-06-01 16:57 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 13:06 - 2017-05-26 13:10 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-03-22 18:49 - 2017-03-22 18:49 - 00225696 _____ () C:\Program Files\OpenVPN\bin\liblzo2-2.dll
2017-03-22 18:49 - 2017-03-22 18:49 - 00124872 _____ () C:\Program Files\OpenVPN\bin\libpkcs11-helper-1.dll
2015-02-10 14:12 - 2015-02-10 14:12 - 02210480 _____ () C:\Program Files\Microsoft Office\Office15\tmpod.dll
2015-10-13 16:10 - 2015-10-13 16:10 - 01428648 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-06-03 12:36 - 2017-06-03 12:45 - 27430400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00460288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 02275328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-07-16 16:48 - 2016-07-16 16:48 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-06-03 12:36 - 2017-06-03 12:45 - 00900096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-05 13:01 - 2017-05-05 13:13 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-07-16 16:48 - 2016-07-16 16:48 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.524.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-11-28 16:44 - 2016-11-28 16:44 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-05-18 04:41 - 2017-05-18 04:41 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-06-15 13:46 - 2017-06-15 13:46 - 00098816 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32api.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00110080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\pywintypes27.dll
2017-06-15 13:46 - 2017-06-15 13:46 - 00364544 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\pythoncom27.dll
2017-06-15 13:46 - 2017-06-15 13:46 - 00320512 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32com.shell.shell.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00914432 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_hashlib.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 01176576 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._core_.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00806400 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._gdi_.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00816128 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._windows_.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 01067008 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._controls_.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00733184 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._misc_.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00682496 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\pysqlite2._sqlite.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00088064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_ctypes.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00686080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\unicodedata.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00119808 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32file.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00108544 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32security.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00007168 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\hashobjs_ext.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00017920 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\thumbnails_ext.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00088064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\usb_ext.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00012800 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\common.time34.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00018432 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32event.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00167936 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32gui.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00046080 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_socket.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 01303552 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_ssl.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00128512 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_elementtree.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00127488 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\pyexpat.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00038912 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32inet.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00036864 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_psutil_windows.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00524248 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\windows._lib_cacheinvalidation.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00011264 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32crypt.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00123392 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._wizard.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00077312 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._html2.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00027648 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_multiprocessing.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00020480 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\_yappi.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00035840 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32process.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00078848 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\wx._animate.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00024064 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32pipe.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00010240 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\select.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00025600 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32pdh.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00017408 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32profile.pyd
2017-06-15 13:46 - 2017-06-15 13:46 - 00022528 ____R () C:\Users\Claudio\AppData\Local\Temp\_MEI75402\win32ts.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-06-14 02:32 - 2017-06-14 02:32 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 02653392 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-06-14 02:32 - 2017-06-14 02:32 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-06-14 02:32 - 2017-06-14 02:32 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-12-30 18:14 - 00000967 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudio\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{babd5440-34b5-48b4-adae-54a39568fa61}.JPG
DNS Servers: 192.168.1.1 - 192.168.32.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-3511887087-4107616233-696709613-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AFB411C0-239E-49F0-87CD-47D8A772D638}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14EA612D-5B89-4A8B-8756-A37750739440}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28D8AA8E-264F-4C6C-8F62-965378F9F770}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5F85C090-73DB-4D2F-924F-91410FFD2299}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6FB59A35-4ABD-4C3C-9D57-6CEB00B8FDDC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{029457B3-765B-4BEF-871B-6304D3AFFC23}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{D460CC75-4DAC-404E-9340-67A4F039D53D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{32A38BEA-1D07-44A7-8233-A581003F6022}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A6C67D62-4FC6-460B-A6B5-E82EB08D9972}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [TCP Query User{AB40D956-5751-42C1-A74E-16145D0C2030}C:\users\claudio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{ABFC7E79-C6F2-42DE-A25F-92B41B770BD5}C:\users\claudio\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{4343EE75-1E04-456F-8A2A-4A460466A93E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{30917B3A-8EA8-4A15-B787-22478774616A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E2BCEA09-430C-4634-AFA7-444DFB1FE910}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{CC1F69AF-3790-4FC8-80E9-1AC2D905A8FD}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [{3EF0E89F-3A7F-41CD-BBCA-527B21DBEC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BAE299C9-396A-4258-8F89-4774F4EDE351}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3E02B047-CCBB-4343-B3A0-7CFDFB42342D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5BF59883-6C68-464E-A071-F339DC2B25CC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{AD155401-D57D-4179-A12A-99AD74B73980}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0ADE9274-FE3C-45C6-BBE0-D47D132FBA14}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe
FirewallRules: [{372447CC-58CF-4A17-8BB1-63FEF2D7AB57}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe
FirewallRules: [{7CF2CE99-FD06-439E-921A-BF7CC5E17AB3}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{2990456E-B4C1-46EF-99D8-BA6A5DDD26C0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe
FirewallRules: [{91364B55-F016-44BD-9D4D-5FAA8834102B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe
FirewallRules: [{542345FD-E0CA-4393-910D-2B3D8D3CA4F3}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7CCA5D7C-8CBC-47C3-8C31-B09C35D3A709}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{8EEF06DE-3FE8-4019-98EF-3BD10DB39996}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{64549595-77CA-48B7-879F-83A1B0FA85AC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [TCP Query User{383ACCBF-A1EA-44B2-9F9C-E46021D472EB}C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [UDP Query User{90D33360-6F0D-4D2F-B4B8-A33B8154E5B9}C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe] => (Allow) C:\users\claudio\appdata\roaming\utorrent\updates\3.4.9_42606.exe
FirewallRules: [{0015BC59-7D68-4C9F-B292-2C2DB62415F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9C31C005-4E23-4FD0-973C-66D1FA9C4BB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79358719-CC40-4018-ACFD-88C0781202A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{269EADCE-CA03-4313-9011-668B76ABE478}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7547D2CF-C34E-473F-B21F-5893BDCA03B2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{FAC6B126-10A2-4521-9F4F-D1B9C3896DB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{304AF0FF-3640-43C4-996D-1BA92B518E36}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1DA36D99-5E24-4AB1-8137-C168BE85005A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{E504D859-D337-4E43-8F02-632C5A305858}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{A91BF7CF-1A24-487E-A766-9E446F22A8BE}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{AD35B0F7-478F-4DE0-92FD-15FE53E92A6C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{2863D593-E314-4B6D-AB3A-3235643A6067}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4DBC2EA3-3781-4F56-8099-0471C4406870}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================

30-05-2017 19:55:45 Punto di controllo pianificato
08-06-2017 20:03:56 Punto di controllo pianificato
14-06-2017 14:42:04 Windows Update
14-06-2017 14:42:23 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/15/2017 09:15:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 08:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 08:15:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 07:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 07:15:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 06:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 06:15:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 05:45:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KLAS)
Description: Attivazione dell'app Microsoft.BingWeather_8wekyb3d8bbwe!App non riuscita con errore: -2144927148 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (06/15/2017 05:19:09 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (06/15/2017 05:19:09 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000


System errors:
=============
Error: (06/15/2017 05:26:26 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/15/2017 04:09:52 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: KLAS)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-3511887087-4107616233-696709613-1001-0-ntuser.dat

Error: (06/15/2017 04:09:45 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: KLAS)
Description: 0x8000002a115\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-3511887087-4107616233-696709613-1001-0-ntuser.dat

Error: (06/15/2017 01:48:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/15/2017 01:45:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Precedente arresto del sistema inatteso a 13:42:34 su ‎15/‎06/‎2017.

Error: (06/15/2017 01:17:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/15/2017 05:07:46 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/14/2017 06:50:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
e APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (06/14/2017 05:31:58 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Errore di installazione. Non è stato possibile installare il seguente aggiornamento, errore 0x8024001e: Aggiornamento della sicurezza per Skype for Business 2015 (KB3191939) Edizione a 64 bit.

Error: (06/14/2017 05:27:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.


CodeIntegrity:
===================================
Date: 2017-05-28 04:47:13.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-28 04:47:13.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.245
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.199
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:28:50.195
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:24:04.252
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2017-05-25 15:24:04.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-122689.dll that did not meet the Store signing level requirements.

Date: 2017-05-24 16:53:11.931
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-05-21 03:58:50.512
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: AMD FX(tm)-8320 Eight-Core Processor
Percentage of memory in use: 62%
Total physical RAM: 8156.62 MB
Available physical RAM: 3027.29 MB
Total Virtual: 8834.53 MB
Available Virtual: 2994.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:131.03 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:265.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0B24D8A3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B24D8BE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Old 16-06-2017, 08:33   #15
Dan1979
Member
 
Joined: Jun 2017
Posts: 175
Hi,

My advice: uninstall AVG TuneUp, uTorrent and eMule (the last two are virus carriers if used).

If you decide to do it, uninstall them from the Control Panel, then do a pass with CCleaner, registry included!!!

Put Farbar Recovery Scan Tool (FRST) and the attached file fixlist.txt on the desktop (make sure they are on the desktop),
then right-click FRST and choose Run as administrator;
once it is open, click Fix;
wait for it to finish and for the PC to restart; if it does not restart, do it yourself;
after the restart, post the generated log fixlog.txt; you will find it on the desktop.

Let me know how the PC is doing!!!
Attachments
File Type: txt fixlist.txt (5.4 KB, 2 views)

Last edited by Dan1979: 16-06-2017 at 08:35.
Old 16-06-2017, 13:15   #16
stefklas
Member
 
Joined: May 2010
Posts: 57
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Claudio (16-06-2017 14:10:38) Run:1
Running from C:\Users\Claudio\Desktop
Loaded Profiles: Claudio (Available Profiles: Claudio)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sicomputer.com/apps/start
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\DACAABB511A61794FE7228C6D07836E9DACA [2015-12-30] <==== ATTENTION
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Claudio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-11-14]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
R3 ALSysIO; C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys [35320 2017-06-15] (Arthur Liberman) <==== ATTENTION
Task: {0CF53677-BC7E-4D68-BC7B-AE60A84001ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {154D4630-EBCA-434C-B484-E88C46A7CE2D} - \WPD\SqmUpload_S-1-5-21-3511887087-4107616233-696709613-1001 -> No File <==== ATTENTION
Task: {1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {209022DE-32F0-449B-A1BD-59BEE83E67B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {24CBAAD4-1132-49EA-8534-5FACFA34D692} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3733B79C-C3C2-4DCD-B84C-CE43AA66E705} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {3D0315BB-FFA1-4C76-B8AB-EB78FB687060} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4DE0DE2E-BF45-4754-9022-0AD457BF66BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {7ECDF658-7A02-4EA6-8D30-5593D1F760AE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {913BA7EB-F711-4767-9F05-BDF402A15ABB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3DCDB99E-7F3C-46CE-837B-5A111929BDF6} - System32\Tasks\MotoGP => Firefox.exe hxxp://www.motogp.com/
Task: {482D36AD-CA7D-42E0-882B-0ACBFB372CB8} - System32\Tasks\{150078D6-86FF-4591-A911-219B29645782} => pcalua.exe -a C:\Windows\system32\javaws.exe -c -uninstall -prompt "hxxp://jws.agenziaentrate.it/jws/dichiarazioni/2016/UNI16.jnlp"
Task: {9BECD48C-8E37-4F95-9514-5B849B522017} - System32\Tasks\Formula 1 => Firefox.exe hxxps://www.formula1.com/en.html
Task: {B9A1E249-EC74-4C4A-93F5-77DED62D5311} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BC05D346-893B-4F75-915D-2EF6516ECFE4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DCE76D9D-095C-480C-B365-C1770CF97402} - System32\Tasks\Injury List Nba => Firefox.exe hxxp://stats.hoopshype.com/basketball/nba-injuries.aspx?page=/data/nba/injury/injuries.html
Task: {FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E70A734-C15F-43DF-B571-8F1685D2F9D2}.job => C:\WINDOWS\system32\msfeedssync.exe
FirewallRules: [{F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3E02B047-CCBB-4343-B3A0-7CFDFB42342D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5BF59883-6C68-464E-A071-F339DC2B25CC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{AD155401-D57D-4179-A12A-99AD74B73980}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys
C:\Program Files\Reimage
C:\rei
C:\Windows\SECOH-QAD.exe
C:\Program Files\KMSpico\KMSELDI.exe
C:\Program Files\KMSpico\AutoPico.exe

cmd: ipconfig /flushdns
hosts:
reboot:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
C:\Program Files (x86)\mozilla firefox\DACAABB511A61794FE7228C6D07836E9DACA => moved successfully
C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => key removed successfully
C:\Users\Claudio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx => moved successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
ALSysIO => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ALSysIO => key removed successfully
ALSysIO => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0CF53677-BC7E-4D68-BC7B-AE60A84001ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CF53677-BC7E-4D68-BC7B-AE60A84001ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154D4630-EBCA-434C-B484-E88C46A7CE2D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154D4630-EBCA-434C-B484-E88C46A7CE2D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3511887087-4107616233-696709613-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{209022DE-32F0-449B-A1BD-59BEE83E67B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{209022DE-32F0-449B-A1BD-59BEE83E67B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24CBAAD4-1132-49EA-8534-5FACFA34D692} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24CBAAD4-1132-49EA-8534-5FACFA34D692} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3733B79C-C3C2-4DCD-B84C-CE43AA66E705} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3733B79C-C3C2-4DCD-B84C-CE43AA66E705} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D0315BB-FFA1-4C76-B8AB-EB78FB687060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D0315BB-FFA1-4C76-B8AB-EB78FB687060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DE0DE2E-BF45-4754-9022-0AD457BF66BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE0DE2E-BF45-4754-9022-0AD457BF66BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7ECDF658-7A02-4EA6-8D30-5593D1F760AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ECDF658-7A02-4EA6-8D30-5593D1F760AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{913BA7EB-F711-4767-9F05-BDF402A15ABB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{913BA7EB-F711-4767-9F05-BDF402A15ABB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DCDB99E-7F3C-46CE-837B-5A111929BDF6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DCDB99E-7F3C-46CE-837B-5A111929BDF6} => key removed successfully
C:\WINDOWS\System32\Tasks\MotoGP => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MotoGP => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{482D36AD-CA7D-42E0-882B-0ACBFB372CB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482D36AD-CA7D-42E0-882B-0ACBFB372CB8} => key removed successfully
C:\WINDOWS\System32\Tasks\{150078D6-86FF-4591-A911-219B29645782} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{150078D6-86FF-4591-A911-219B29645782} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BECD48C-8E37-4F95-9514-5B849B522017} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BECD48C-8E37-4F95-9514-5B849B522017} => key removed successfully
C:\WINDOWS\System32\Tasks\Formula 1 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Formula 1 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A1E249-EC74-4C4A-93F5-77DED62D5311} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A1E249-EC74-4C4A-93F5-77DED62D5311} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC05D346-893B-4F75-915D-2EF6516ECFE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC05D346-893B-4F75-915D-2EF6516ECFE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCE76D9D-095C-480C-B365-C1770CF97402} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE76D9D-095C-480C-B365-C1770CF97402} => key removed successfully
C:\WINDOWS\System32\Tasks\Injury List Nba => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Injury List Nba => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E70A734-C15F-43DF-B571-8F1685D2F9D2}.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E02B047-CCBB-4343-B3A0-7CFDFB42342D} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BF59883-6C68-464E-A071-F339DC2B25CC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD155401-D57D-4179-A12A-99AD74B73980} => value not found.
C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys => moved successfully
C:\Program Files\Reimage => moved successfully
C:\rei => moved successfully
C:\Windows\SECOH-QAD.exe => moved successfully
"C:\Program Files\KMSpico\KMSELDI.exe" => not found.
"C:\Program Files\KMSpico\AutoPico.exe" => not found.

========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 308208 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8983627 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 58210686 B
Edge => 891 B
Chrome => 151552 B
Firefox => 12298269 B
Opera => 2296832 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Claudio => 58791935 B

RecycleBin => 0 B
EmptyTemp: => 134.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:11:25 ====
Old 16-06-2017, 13:34   #17
Dan1979
Member
 
Joined: Jun 2017
Posts: 175
Reset the browsers, see here: http://it.ccm.net/faq/1767-come-ripristinare-il-browser
Clean up with CCleaner; download it from here: https://www.piriform.com/ccleaner/download

Delete the Farbar logs fixlog.txt, frst.txt and addition.txt (so we don't get confused when posting the logs),
put Farbar Recovery Scan Tool on the desktop,
open it, tick Addition and click Scan,
post the generated logs frst.txt and additions.txt.

Anyway, in my opinion the dust matters a lot; try sucking it up with a vacuum cleaner rather than blowing it, because it gets in everywhere..

How is the PC doing???

Last edited by Dan1979: 16-06-2017 at 13:43.
Old 16-06-2017, 13:44   #18
stefklas
Member
 
Joined: May 2010
Posts: 57
The PC is running fine, but it was running fine before too; performance was never the problem. At the moment it is no longer freezing, and let's hope it stays that way. Today, a few minutes after power-on, Core Temp reported a maximum temperature of 81°, but this time the PC did not freeze, which is already a step forward.

I really fear that the only way to lower the temperatures is to manage to take out the CPU fan and remove the layer of dust that has built up on it over two years of use. The problem is that I don't have thermal paste, and even if I got some I would be at real risk of causing irreparable damage.

I wanted to ask you two things:

1) The stock fan of this CPU is particularly noisy. I already knew that when I bought it; I meant to replace it with a better aftermarket one, but then, for one reason or another, I never did. Perhaps, while I'm at it, this could be the right occasion to kill two birds with one stone. Could you recommend a heatsink with good value for money for my PC's configuration (listed at the bottom of the first post)?

2) Years ago I had a problem similar to this one with my previous PC, which I solved precisely by cleaning the dust off the fans (yes, with that one I managed it). Only in that case the PC would shut down abruptly; it did not freeze while staying powered on with the fans at full speed like this one. Now, since I often leave the PC on when I go out (so I can reach it from my smartphone with TeamViewer in case I need a file for work), I would prefer it to shut down automatically when it overheats, to avoid melting the CPU if it stays frozen for hours (assuming overheating really is the cause of the freeze, which I still don't know for certain). Is that a setting that has to be changed in the BIOS? And if so, how is it done?
Old 16-06-2017, 13:44   #19
stefklas
Member
 
Joined: May 2010
Posts: 57
Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Claudio (16-06-2017 14:10:38) Run:1
Running from C:\Users\Claudio\Desktop
Loaded Profiles: Claudio (Available Profiles: Claudio)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => -> No File
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=it&pid=NIS&pvid=21.6.0.32
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sicomputer.com/apps/start
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\DACAABB511A61794FE7228C6D07836E9DACA [2015-12-30] <==== ATTENTION
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-23]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Claudio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-11-14]
CHR HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
R3 ALSysIO; C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys [35320 2017-06-15] (Arthur Liberman) <==== ATTENTION
Task: {0CF53677-BC7E-4D68-BC7B-AE60A84001ED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {154D4630-EBCA-434C-B484-E88C46A7CE2D} - \WPD\SqmUpload_S-1-5-21-3511887087-4107616233-696709613-1001 -> No File <==== ATTENTION
Task: {1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {209022DE-32F0-449B-A1BD-59BEE83E67B6} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {24CBAAD4-1132-49EA-8534-5FACFA34D692} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3733B79C-C3C2-4DCD-B84C-CE43AA66E705} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {3D0315BB-FFA1-4C76-B8AB-EB78FB687060} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4DE0DE2E-BF45-4754-9022-0AD457BF66BF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {7ECDF658-7A02-4EA6-8D30-5593D1F760AE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {913BA7EB-F711-4767-9F05-BDF402A15ABB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {3DCDB99E-7F3C-46CE-837B-5A111929BDF6} - System32\Tasks\MotoGP => Firefox.exe hxxp://www.motogp.com/
Task: {482D36AD-CA7D-42E0-882B-0ACBFB372CB8} - System32\Tasks\{150078D6-86FF-4591-A911-219B29645782} => pcalua.exe -a C:\Windows\system32\javaws.exe -c -uninstall -prompt "hxxp://jws.agenziaentrate.it/jws/dichiarazioni/2016/UNI16.jnlp"
Task: {9BECD48C-8E37-4F95-9514-5B849B522017} - System32\Tasks\Formula 1 => Firefox.exe hxxps://www.formula1.com/en.html
Task: {B9A1E249-EC74-4C4A-93F5-77DED62D5311} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BC05D346-893B-4F75-915D-2EF6516ECFE4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DCE76D9D-095C-480C-B365-C1770CF97402} - System32\Tasks\Injury List Nba => Firefox.exe hxxp://stats.hoopshype.com/basketball/nba-injuries.aspx?page=/data/nba/injury/injuries.html
Task: {FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E70A734-C15F-43DF-B571-8F1685D2F9D2}.job => C:\WINDOWS\system32\msfeedssync.exe
FirewallRules: [{F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{3E02B047-CCBB-4343-B3A0-7CFDFB42342D}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5BF59883-6C68-464E-A071-F339DC2B25CC}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{AD155401-D57D-4179-A12A-99AD74B73980}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys
C:\Program Files\Reimage
C:\rei
C:\Windows\SECOH-QAD.exe
C:\Program Files\KMSpico\KMSELDI.exe
C:\Program Files\KMSpico\AutoPico.exe

cmd: ipconfig /flushdns
hosts:
reboot:
End

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => key removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => key removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key removed successfully
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
C:\Program Files (x86)\mozilla firefox\DACAABB511A61794FE7228C6D07836E9DACA => moved successfully
C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\apdfllckaahabafndbhieahigkjlhalf => key removed successfully
C:\Users\Claudio\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx => moved successfully
HKU\S-1-5-21-3511887087-4107616233-696709613-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key removed successfully
ALSysIO => Unable to stop service.
HKLM\System\CurrentControlSet\Services\ALSysIO => key removed successfully
ALSysIO => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0CF53677-BC7E-4D68-BC7B-AE60A84001ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CF53677-BC7E-4D68-BC7B-AE60A84001ED} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154D4630-EBCA-434C-B484-E88C46A7CE2D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154D4630-EBCA-434C-B484-E88C46A7CE2D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3511887087-4107616233-696709613-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE86BB0-CEF7-4B9D-B8D1-3EF34360FA52} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{209022DE-32F0-449B-A1BD-59BEE83E67B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{209022DE-32F0-449B-A1BD-59BEE83E67B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24CBAAD4-1132-49EA-8534-5FACFA34D692} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24CBAAD4-1132-49EA-8534-5FACFA34D692} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35DC58C7-89B0-48C9-8E9D-76C0E0E9BB78} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3733B79C-C3C2-4DCD-B84C-CE43AA66E705} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3733B79C-C3C2-4DCD-B84C-CE43AA66E705} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D0315BB-FFA1-4C76-B8AB-EB78FB687060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D0315BB-FFA1-4C76-B8AB-EB78FB687060} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DE0DE2E-BF45-4754-9022-0AD457BF66BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DE0DE2E-BF45-4754-9022-0AD457BF66BF} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E75E1FF-3E7B-4793-8685-6CDC54CB12EE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7ECDF658-7A02-4EA6-8D30-5593D1F760AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ECDF658-7A02-4EA6-8D30-5593D1F760AE} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{913BA7EB-F711-4767-9F05-BDF402A15ABB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{913BA7EB-F711-4767-9F05-BDF402A15ABB} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3DCDB99E-7F3C-46CE-837B-5A111929BDF6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DCDB99E-7F3C-46CE-837B-5A111929BDF6} => key removed successfully
C:\WINDOWS\System32\Tasks\MotoGP => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MotoGP => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{482D36AD-CA7D-42E0-882B-0ACBFB372CB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482D36AD-CA7D-42E0-882B-0ACBFB372CB8} => key removed successfully
C:\WINDOWS\System32\Tasks\{150078D6-86FF-4591-A911-219B29645782} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{150078D6-86FF-4591-A911-219B29645782} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BECD48C-8E37-4F95-9514-5B849B522017} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BECD48C-8E37-4F95-9514-5B849B522017} => key removed successfully
C:\WINDOWS\System32\Tasks\Formula 1 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Formula 1 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9A1E249-EC74-4C4A-93F5-77DED62D5311} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A1E249-EC74-4C4A-93F5-77DED62D5311} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC05D346-893B-4F75-915D-2EF6516ECFE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC05D346-893B-4F75-915D-2EF6516ECFE4} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF276FB0-3B01-4DDA-B4DA-9F2A8D60F2A9} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCE76D9D-095C-480C-B365-C1770CF97402} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCE76D9D-095C-480C-B365-C1770CF97402} => key removed successfully
C:\WINDOWS\System32\Tasks\Injury List Nba => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Injury List Nba => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD9DB53C-7C0B-4FF1-B926-D11D5E8B1886} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
C:\WINDOWS\Tasks\User_Feed_Synchronization-{6E70A734-C15F-43DF-B571-8F1685D2F9D2}.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F05FB9AC-6425-4F5A-B7E3-BB2756DFB0DC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E02B047-CCBB-4343-B3A0-7CFDFB42342D} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5BF59883-6C68-464E-A071-F339DC2B25CC} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AD155401-D57D-4179-A12A-99AD74B73980} => value not found.
C:\Users\Claudio\AppData\Local\Temp\ALSysIO64.sys => moved successfully
C:\Program Files\Reimage => moved successfully
C:\rei => moved successfully
C:\Windows\SECOH-QAD.exe => moved successfully
"C:\Program Files\KMSpico\KMSELDI.exe" => not found.
"C:\Program Files\KMSpico\AutoPico.exe" => not found.

========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 308208 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8983627 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 58210686 B
Edge => 891 B
Chrome => 151552 B
Firefox => 12298269 B
Opera => 2296832 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Claudio => 58791935 B

RecycleBin => 0 B
EmptyTemp: => 134.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:11:25 ====
Old 16-06-2017, 14:11   #20
stefklas
Member
 
Joined: May 2010
Posts: 57
Quote:
Originally posted by Dan1979
Reset the browsers, see here http://it.ccm.net/faq/1767-come-ripristinare-il-browser
Clean up with CCleaner, download it from here https://www.piriform.com/ccleaner/download

Delete the Farbar logs fixlog.txt, frst.txt and addition.txt (so we don't get confused when posting the logs)
Put Farbar Recovery Scan Tool on the desktop
Open it, tick Addition and click Scan
Post the generated logs frst.txt and additions.txt

Anyway, in my opinion the dust matters a lot; try sucking it up with a vacuum cleaner rather than blowing it, since it gets in everywhere..

How is the PC doing???

Sorry, ignore the previous post, I messed up by reposting the same fixlog I had already posted earlier. I only just read this post of yours. I had already downloaded CCleaner to do the cleanup you suggested earlier. Now I'll look into the browsers and the rest.