Torna indietro   Hardware Upgrade Forum > Networking e sicurezza > Antivirus e Sicurezza > Aiuto sono infetto! Cosa faccio?
Ricarica la Pagina Aiuto per probabile PC infetto da mail

Recensione Samsung Galaxy Z Fold7: un grande salto generazionale
Recensione Samsung Galaxy Z Fold7: un grande salto generazionale
Abbiamo provato per molti giorni il nuovo Z Fold7 di Samsung, un prodotto davvero interessante e costruito nei minimi dettagli. Rispetto al predecessore, cambiano parecchie cose, facendo un salto generazionale importante. Sarà lui il pieghevole di riferimento? Ecco la nostra recensione completa.
The Edge of Fate è Destiny 2.5. E questo è un problema
The Edge of Fate è Destiny 2.5. E questo è un problema
Bungie riesce a costruire una delle campagne più coinvolgenti della serie e introduce cambiamenti profondi al sistema di gioco, tra nuove stat e tier dell’equipaggiamento. Ma con risorse limitate e scelte discutibili, il vero salto evolutivo resta solo un’occasione mancata
Ryzen Threadripper 9980X e 9970X alla prova: AMD Zen 5 al massimo livello
Ryzen Threadripper 9980X e 9970X alla prova: AMD Zen 5 al massimo livello
AMD ha aggiornato l'offerta di CPU HEDT con i Ryzen Threadripper 9000 basati su architettura Zen 5. In questo articolo vediamo come si comportano i modelli con 64 e 32 core 9980X e 9970X. Venduti allo stesso prezzo dei predecessori e compatibili con il medesimo socket, le nuove proposte si candidano a essere ottimi compagni per chi è in cerca di potenza dei calcolo e tante linee PCI Express per workstation grafiche e destinate all'AI.
Apple Watch e Galaxy Watch ai minimi storici: i modelli Series 10 e Watch8 in sconto su Amazon. Con prezzi a partire da meno di 200€
Il rover NASA Perseverance ha ''raccolto'' involontariamente alcune rocce in una ruota
NASA e ISRO hanno lanciato il satellite NISAR per il monitoraggio della Terra
Switch 2 ha venduto 5,82 milioni di console in un mese, oltre il doppio rispetto alla prima Switch
Assassin's Creed Black Flag Remake: le minacce di Ubisoft di azioni legali sembrano una conferma
Cosa ci fa una Xiaomi SU7 Ultra alle porte dello stabilimento Ferrari? La risposta potrebbe sorprendervi
Promo AliExpress Choice Day: prezzi stracciati su CPU AMD, cuffie Sony, smartwatch, GoPro e molto altro
Nostalgico, ma moderno: il nuovo THEC64 Black Edition è un (attuale) inno alla storia
AVM avvia la distribuzione di FRITZ! OS 8.20: la rete di casa diventa ancora più efficiente
Super offerte Bose: le QuietComfort a meno di 150€, le Ultra Open Ear calano di 100€. Quali fanno per te?
Epic vince (ancora) contro Google: Android dovrà aprire agli store concorrenti
Tutti gli articoli Tutte le news

Vai al Forum
Pagina 2 di 3 < 1 2 3 >
Rispondi
 
Strumenti
Old 27-09-2017, 05:09   #21
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
ROGUE KILLER
Allegati
File Type: txt 5_roguekiller.txt (3.6 KB, 3 visite)
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 05:10   #22
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
FRST PRIMO REPORT

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-09-2017
Ran by numer (administrator) on DESKTOP-J6B9VBM (27-09-2017 05:38:35)
Running from C:\Users\numer\Desktop
Loaded Profiles: numer (Available Profiles: numer)
Platform: Windows 10 Home Version 1703 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\intel security\pef\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_7\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\csp\2.5.312.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxEM.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9240048 2017-09-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502696 2017-09-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2017-03-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1189744 2017-06-27] (Waves Audio Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{62627152-b5ac-463b-b8b4-7432c4e63803}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-23] (Microsoft Corporation)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-23] (Microsoft Corporation)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-09-06] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-08-08] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-08-08] (McAfee, Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-09-15] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-08-08] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-05] (Google Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-07] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-09-08] (Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-10] (McAfee, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-05-02] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [120872 2017-05-04] (Dell)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-02] (Dell Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2208888 2016-09-02] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-03-25] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-14] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [457104 2017-04-18] (Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-09-06] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_7\McApExe.exe [993256 2017-08-07] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [242640 2017-06-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [350160 2017-06-21] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1546904 2017-08-17] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495040 2017-05-04] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-05-04] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1043864 2017-07-31] (Intel Security, Inc.)
R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [46632 2017-04-18] (Dell)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2017-09-20] (Realtek Semiconductor)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-08-04] (Dell Inc.)
S3 ThunderboltService; c:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2018024 2016-11-17] (Intel Corporation)
R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [828792 2017-06-27] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW10x64.sys [148200 2017-04-04] (Rivet Networks, LLC.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77800 2017-06-26] (McAfee, Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [71232 2016-08-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [66624 2016-08-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [350272 2016-08-13] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R3 HidEventFilter; C:\Windows\System32\drivers\HidEventFilter.sys [54816 2016-10-29] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [209608 2017-08-07] (McAfee, Inc.)
S3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-27] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [101824 2017-09-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [94144 2017-09-27] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [487408 2017-06-26] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [355312 2017-06-26] (McAfee, Inc.)
U3 mfeavfk01; no ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [84544 2017-06-26] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [506352 2017-06-26] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [933360 2017-06-26] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [504792 2017-06-27] (McAfee LLC.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108504 2017-06-27] (McAfee LLC.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116208 2017-06-26] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [253424 2017-06-26] (McAfee, Inc.)
S3 mosuport; C:\Windows\System32\drivers\mosuport.sys [367744 2016-12-23] (ASIX Electronics Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_dc26d32481ff4137\nvlddmkm.sys [14456912 2017-05-11] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-05-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-05-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-05-04] (NVIDIA Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [779232 2016-08-05] (Realsil Semiconductor Corporation)
S3 rtux64w10; C:\Windows\System32\drivers\rtux64w10.sys [375296 2017-01-18] (Realtek )
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-27 05:38 - 2017-09-27 05:38 - 000021818 _____ C:\Users\numer\Desktop\FRST.txt
2017-09-27 05:38 - 2017-09-27 05:38 - 000000000 ____D C:\FRST
2017-09-27 05:37 - 2017-09-27 05:37 - 002399744 _____ (Farbar) C:\Users\numer\Desktop\FRST64.exe
2017-09-27 05:23 - 2017-09-27 05:23 - 000004222 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-09-27 05:19 - 2017-09-27 05:19 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-09-27 05:17 - 2017-09-27 05:35 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-27 05:17 - 2017-09-27 05:17 - 026704968 _____ C:\Users\numer\Desktop\RogueKiller_portable64.exe
2017-09-27 04:55 - 2017-09-27 05:00 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-27 04:54 - 2017-09-27 05:00 - 000000000 ____D C:\Users\numer\Desktop\mbar
2017-09-27 04:53 - 2017-09-27 04:53 - 016563352 _____ (Malwarebytes Corp.) C:\Users\numer\Downloads\mbar-1.09.3.1001.exe
2017-09-27 04:50 - 2017-09-27 04:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-09-27 04:49 - 2017-09-27 05:00 - 000295708 _____ C:\TDSSKiller.3.1.0.15_27.09.2017_04.49.56_log.txt
2017-09-27 04:49 - 2017-09-27 04:49 - 004922400 _____ (AO Kaspersky Lab) C:\Users\numer\Downloads\tdsskiller.exe
2017-09-27 04:44 - 2017-09-27 04:46 - 000000000 ____D C:\AdwCleaner
2017-09-27 04:43 - 2017-09-27 04:43 - 008182736 _____ (Malwarebytes) C:\Users\numer\Downloads\AdwCleaner.exe
2017-09-27 04:42 - 2017-09-27 05:35 - 000000000 ____D C:\Users\numer\Desktop\VIRUS
2017-09-27 04:40 - 2017-09-27 04:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-27 04:40 - 2017-09-27 04:47 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-27 04:40 - 2017-09-27 04:47 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-27 04:40 - 2017-09-27 04:40 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-27 04:40 - 2017-09-27 04:40 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-27 04:40 - 2017-09-27 04:40 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves MaxxAudioPro.lnk
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\Program Files\Waves
2017-09-27 04:40 - 2017-09-27 04:40 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-27 04:40 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-27 04:39 - 2017-09-27 04:39 - 068408664 _____ (Malwarebytes ) C:\Users\numer\Downloads\mb3-setup-35891.35891-3.2.2.2029.exe
2017-09-27 04:35 - 2017-09-27 04:35 - 000000000 ___HD C:\OneDriveTemp
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign49656b7ddfbac53d
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign47242e8cfe98e629
2017-09-23 16:15 - 2017-09-23 16:15 - 000000000 ____D C:\Users\numer\AppData\Local\Tempzxpsign11ac591ad79f05a0
2017-09-23 10:55 - 2017-09-23 10:55 - 000544424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-09-23 10:11 - 2017-09-27 05:33 - 000004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-09-20 20:19 - 2017-09-20 20:19 - 003685864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-09-20 20:19 - 2017-09-20 20:19 - 003213832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-09-20 20:19 - 2017-09-20 20:19 - 000248840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTHDASIO64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 024252360 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRenderAVX64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 003548616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 002219504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 001367728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000749544 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcOED.sys
2017-09-20 20:18 - 2017-09-20 20:18 - 000705608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000353848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-09-20 20:18 - 2017-09-20 20:18 - 000237288 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcAudioBus.sys
2017-09-20 20:18 - 2017-09-20 20:18 - 000209416 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RTHDASIO.dll
2017-09-20 19:58 - 2017-09-20 19:58 - 012951320 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-09-20 19:58 - 2017-09-20 19:58 - 000243016 _____ C:\Windows\system32\Drivers\dsp_fw_release.bin
2017-09-20 19:58 - 2017-09-20 19:58 - 000012288 _____ C:\Windows\system32\Drivers\dsp_fw_release_7CAD0808-AB10-CD23-EF45-12AB34CD56EF.bin
2017-09-15 16:14 - 2017-09-15 16:14 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003696 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-09-15 16:14 - 2017-09-15 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-15 16:14 - 2017-05-04 06:19 - 001893312 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001477056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-09-15 16:14 - 2017-05-04 06:19 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-09-15 16:14 - 2017-05-04 05:28 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-09-15 16:14 - 2017-05-04 01:41 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-09-15 16:14 - 2017-05-02 08:38 - 000018040 _____ (NVIDIA Corporation) C:\Windows\system32\NVMUPEventMsg.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000175552 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000143296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-09-15 16:13 - 2017-05-04 06:19 - 000057792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-09-15 16:13 - 2017-05-04 06:19 - 000048064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-09-15 16:13 - 2017-05-02 08:38 - 040201848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 035388864 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 035281528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 028623480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 011056456 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 011024384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 010547440 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 009245744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 009014792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 008805232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003792320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003607464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 003247736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001988032 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438205.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001589696 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438205.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001278528 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001276128 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFThevc.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 001054144 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000995736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000993872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFThevc.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000991168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000960960 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000911992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000776048 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000688968 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000612088 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000609912 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-09-15 16:13 - 2017-05-02 08:38 - 000499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-09-15 16:12 - 2017-09-15 16:12 - 000000000 ____D C:\Windows\nvmup
2017-09-15 15:37 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2017-09-15 15:37 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2017-09-15 15:37 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2017-09-15 15:37 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-09-15 15:37 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-09-15 15:37 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-09-15 15:37 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2017-09-15 15:37 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2017-09-15 15:37 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-15 15:37 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-15 15:37 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreUIComponents.dll
2017-09-15 15:37 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2017-09-15 15:37 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2017-09-15 15:37 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-15 15:37 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2017-09-15 15:37 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialUIBroker.exe
2017-09-15 15:37 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2017-09-15 15:37 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2017-09-15 15:37 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-15 15:37 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-15 15:37 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2017-09-15 15:37 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2017-09-15 15:37 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-15 15:37 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2017-09-15 15:37 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2017-09-15 15:37 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\buttonconverter.sys
2017-09-15 15:37 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-09-15 15:37 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-09-15 15:37 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2017-09-15 15:37 - 2017-09-05 06:26 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-09-15 15:37 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-09-15 15:37 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2017-09-15 15:37 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-15 15:37 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2017-09-15 15:37 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2017-09-15 15:37 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-15 15:37 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2017-09-15 15:37 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srpapi.dll
2017-09-15 15:37 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-15 15:37 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-09-15 15:37 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasplap.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-09-15 15:37 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Vpn.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasgcw.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2017-09-15 15:37 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdlg.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2017-09-15 15:37 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Phoneutil.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-09-15 15:37 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2017-09-15 15:37 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2017-09-15 15:37 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-09-15 15:37 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-09-15 15:37 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cldapi.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-15 15:37 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-09-15 15:37 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2017-09-15 15:37 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\Windows\system32\BthHFSrv.dll
2017-09-15 15:37 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2017-09-15 15:37 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2017-09-15 15:37 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RstrtMgr.dll
2017-09-15 15:37 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2017-09-15 15:37 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2017-09-15 15:37 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-15 15:37 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2017-09-15 15:37 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-15 15:37 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-09-15 15:37 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tokenbinding.dll
2017-09-15 15:37 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2017-09-15 15:37 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2017-09-15 15:37 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-09-15 15:37 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-09-15 15:37 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2017-09-15 15:37 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-09-15 15:37 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2017-09-15 15:37 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-09-15 15:37 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll
2017-09-15 15:37 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2017-09-15 15:37 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2017-09-15 15:37 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2017-09-15 15:37 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2017-09-15 15:37 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-09-15 15:37 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2017-09-15 15:37 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2017-09-15 15:37 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msacm32.dll
2017-09-15 15:37 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-15 15:37 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2017-09-15 15:37 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2017-09-15 15:37 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TextInputFramework.dll
2017-09-15 15:37 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\cmintegrator.dll
2017-09-15 15:37 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmintegrator.dll
2017-09-15 15:37 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IpNatHlpClient.dll
2017-09-15 15:37 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-09-15 15:37 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-09-15 15:37 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-09-15 15:37 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2017-09-15 15:37 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVPXENC.dll
2017-09-15 15:37 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-09-15 15:37 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2017-09-15 15:37 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2017-09-15 15:37 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-09-15 15:37 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2017-09-15 15:37 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastlsext.dll
2017-09-15 15:37 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GamePanel.exe
2017-09-15 15:37 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2017-09-15 15:37 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-09-15 15:37 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2017-09-15 15:37 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-09-15 15:37 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2017-09-15 15:37 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InputService.dll
2017-09-15 15:37 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-09-15 15:37 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2017-09-15 15:37 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2017-09-15 15:37 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2017-09-15 15:37 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2017-09-15 15:37 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-09-15 15:36 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2017-09-15 15:36 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2017-09-15 15:36 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-15 15:36 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-15 15:36 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-15 15:36 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-15 15:36 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2017-09-15 15:36 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2017-09-15 15:36 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2017-09-15 15:36 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-15 15:36 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2017-09-15 15:36 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-09-15 15:36 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2017-09-15 15:36 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-15 15:36 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-09-15 15:36 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2017-09-15 15:36 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2017-09-15 15:36 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2017-09-15 15:36 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\Windows\system32\wpx.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2017-09-15 15:36 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2017-09-15 15:36 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-15 15:36 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-15 15:36 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-09-15 15:36 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-15 15:36 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-09-15 15:36 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-09-15 15:36 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-15 15:36 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-15 15:36 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2017-09-15 15:36 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-15 15:36 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-09-15 15:36 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-09-15 15:36 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-15 15:36 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2017-09-15 15:36 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\winsrvext.dll
2017-09-15 15:36 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2017-09-15 15:36 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\SEMgrPS.dll
2017-09-15 15:36 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-09-15 15:36 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\CfgSPCellular.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAPNCsp.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2017-09-15 15:36 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\datamarketsvc.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-09-15 15:36 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2017-09-15 15:36 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\csplte.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\srpapi.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-15 15:36 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-15 15:36 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-15 15:36 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-15 15:36 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-15 15:36 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\ngcrecovery.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2017-09-15 15:36 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2017-09-15 15:36 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-15 15:36 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2017-09-15 15:36 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\RasMediaManager.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\WinBioDataModel.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-15 15:36 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-09-15 15:36 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\Phoneutil.dll
2017-09-15 15:36 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2017-09-15 15:36 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-09-15 15:36 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2017-09-15 15:36 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\Windows\system32\GamePanel.exe
2017-09-15 15:36 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-15 15:36 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-15 15:36 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2017-09-15 15:36 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2017-09-15 15:36 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\cldapi.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-09-15 15:36 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-09-15 15:36 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2017-09-15 15:36 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-09-15 15:36 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-09-15 15:36 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-15 15:36 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-15 15:36 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2017-09-15 15:36 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-15 15:36 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-15 15:36 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-09-15 15:36 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-09-15 15:36 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-15 15:36 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-15 15:36 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2017-09-15 15:36 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\RstrtMgr.dll
2017-09-15 15:36 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2017-09-15 15:36 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2017-09-15 15:36 - 2017-09-01 07:55 - 000031932 _____ C:\Windows\system32\edgehtmlpluginpolicy.bin
2017-09-15 15:36 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2017-09-15 15:36 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2017-09-15 15:36 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2017-09-15 15:36 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-15 15:36 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2017-09-15 15:36 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2017-09-15 15:36 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-09-15 15:36 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2017-09-15 15:36 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2017-09-15 15:36 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2017-09-15 15:36 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\Windows\system32\policymanagerprecheck.dll
2017-09-15 15:36 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-09-15 15:36 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\tokenbinding.dll
2017-09-15 15:36 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2017-09-15 15:36 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2017-09-15 15:36 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2017-09-15 15:36 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\Windows\system32\profsvcext.dll
2017-09-15 15:36 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2017-09-15 15:36 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-09-15 15:36 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-15 15:36 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-09-15 15:36 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2017-09-15 15:36 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-09-15 15:36 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2017-09-15 15:36 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-09-15 15:36 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2017-09-15 15:36 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2017-09-15 15:36 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2017-09-15 15:36 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\coredpus.dll
2017-09-15 15:36 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2017-09-15 15:36 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\dmcsps.dll
2017-09-15 15:36 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-09-15 15:36 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-09-15 15:36 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\Windows\system32\bcd.dll
2017-09-15 15:36 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2017-09-15 15:36 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2017-09-15 15:36 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2017-09-15 15:36 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2017-09-15 15:36 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2017-09-15 15:36 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-15 15:36 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2017-09-15 15:36 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2017-09-15 15:36 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2017-09-15 15:36 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-09-15 15:36 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcd.dll
2017-09-15 15:36 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2017-09-15 15:36 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2017-09-15 15:36 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2017-09-15 15:36 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmUcsi.sys
2017-09-15 15:36 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2017-09-15 15:36 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2017-09-15 15:36 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\IpNatHlpClient.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\DolbyMATEnc.dll
2017-09-15 15:36 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2017-09-15 15:36 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2017-09-15 15:36 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-09-15 15:36 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-09-15 15:36 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2017-09-15 15:36 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\DolbyHrtfEnc.dll
2017-09-15 15:36 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000778240 _____ C:\Windows\system32\MBR2GPT.EXE
2017-09-15 15:36 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Display.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Flights.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2017-09-15 15:36 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2017-09-15 15:36 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Notifications.dll
2017-09-15 15:36 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-09-15 15:36 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\Windows\system32\XblAuthManager.dll
2017-09-15 15:36 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-09-15 15:36 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\TileDataRepository.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-09-15 15:36 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\rastlsext.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\Windows\system32\lpasvc.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-09-15 15:36 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-09-15 15:36 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-09-15 15:36 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\Windows\system32\facecredentialprovider.dll
2017-09-15 15:36 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2017-09-15 15:36 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-09-15 15:36 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2017-09-15 15:36 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-09-15 15:36 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-09-15 15:36 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-09-15 15:36 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-15 15:36 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2017-09-15 15:36 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-09-15 15:36 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-09-15 15:36 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2017-09-15 15:36 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2017-09-15 15:36 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2017-09-15 15:36 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2017-09-15 15:36 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-09-15 15:36 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\DmApiSetExtImplDesktop.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\BootMenuUX.dll
2017-09-15 15:36 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2017-09-15 15:36 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2017-09-15 15:36 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2017-09-15 15:36 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-15 15:28 - 2017-09-15 15:28 - 000002119 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-09-15 15:28 - 2017-09-15 15:28 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-09-15 15:28 - 2017-09-15 15:28 - 000000000 ____D C:\Program Files\Dell Support Center
2017-09-15 15:23 - 2017-09-15 15:23 - 000003934 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-09-15 15:23 - 2017-09-15 15:23 - 000000000 ____D C:\ProgramData\PC-Doctor, Inc
2017-09-15 15:22 - 2017-09-15 15:23 - 000000000 ____D C:\Users\numer\AppData\Roaming\PCDr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-27 05:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-27 05:12 - 2017-03-18 22:51 - 000000000 ____D C:\Windows\CbsTemp
2017-09-27 04:56 - 2017-06-22 10:41 - 002521726 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-27 04:56 - 2017-04-04 22:00 - 001130176 _____ C:\Windows\system32\perfh010.dat
2017-09-27 04:56 - 2017-04-04 22:00 - 000247304 _____ C:\Windows\system32\perfc010.dat
2017-09-27 04:48 - 2017-07-25 19:49 - 000000000 ____D C:\Users\numer\AppData\Local\CrashDumps
2017-09-27 04:48 - 2017-07-05 21:20 - 000000000 ___RD C:\Users\numer\OneDrive
2017-09-27 04:47 - 2017-07-05 21:18 - 000000000 __SHD C:\Users\numer\IntelGraphicsProfiles
2017-09-27 04:47 - 2017-06-22 10:45 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-27 04:47 - 2017-06-22 10:36 - 000383776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-27 04:47 - 2017-06-22 10:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-27 04:47 - 2017-03-18 13:40 - 000786432 _____ C:\Windows\system32\config\BBI
2017-09-27 04:41 - 2017-03-18 23:01 - 000000000 ____D C:\Windows\INF
2017-09-27 04:40 - 2017-06-22 10:41 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2017-09-27 04:40 - 2017-06-22 10:41 - 000000000 ____D C:\Windows\system32\RTCOM
2017-09-27 04:39 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-27 04:39 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\AppReadiness
2017-09-27 04:38 - 2017-07-05 21:30 - 000000000 ____D C:\Users\numer\AppData\Local\Adobe
2017-09-23 10:53 - 2017-06-22 10:48 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-09-23 10:39 - 2017-06-22 10:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-09-23 10:03 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\rescache
2017-09-23 09:53 - 2017-06-22 10:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-23 08:58 - 2017-06-22 10:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-20 22:16 - 2017-04-04 22:00 - 000000000 ____D C:\Windows\system32\it
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___SD C:\Windows\system32\F12
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\SysWOW64\setup
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinMetadata
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\setup
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\system32\oobe
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Windows\ShellExperiences
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-20 22:16 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-20 20:19 - 2017-06-22 10:41 - 005881208 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-09-20 20:19 - 2017-06-22 10:41 - 000032408 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 025135008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioCapture64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 024153416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRender64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 003556512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 000582080 _____ (Intel Corporation) C:\Windows\system32\tbb_waves.dll
2017-09-20 20:18 - 2017-06-22 10:41 - 000203448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2017-09-20 19:30 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-20 19:27 - 2017-07-05 21:19 - 000000000 ____D C:\Users\numer\AppData\Local\NVIDIA Corporation
2017-09-20 19:25 - 2017-07-20 21:29 - 000003378 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1420259285-3256734564-2012207256-1001
2017-09-20 19:25 - 2017-07-05 21:20 - 000002415 _____ C:\Users\numer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-15 17:51 - 2017-07-07 13:06 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-15 17:51 - 2017-07-07 13:06 - 000000000 ____D C:\Windows\system32\MRT
2017-09-15 17:39 - 2017-06-22 10:48 - 000019378 _____ C:\Windows\system32\results.xml
2017-09-15 17:39 - 2017-06-22 10:48 - 000000000 ____D C:\ProgramData\McAfee
2017-09-15 17:39 - 2017-06-22 10:40 - 000000000 ____D C:\ProgramData\PCDr
2017-09-15 16:31 - 2017-07-07 12:59 - 000003446 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2017-09-15 16:15 - 2017-06-22 10:43 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2017-09-15 16:14 - 2017-06-22 10:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:45 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-15 16:14 - 2017-06-22 10:43 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-15 15:41 - 2017-07-05 21:15 - 000000000 ____D C:\Users\numer
2017-09-15 15:34 - 2017-06-22 10:48 - 000003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-09-15 15:34 - 2017-06-22 10:48 - 000000000 ____D C:\Program Files\Common Files\mcafee
2017-09-15 15:33 - 2017-06-22 10:48 - 000000000 ____D C:\Windows\System32\Tasks\McAfee
2017-09-15 15:33 - 2017-03-18 23:03 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-09-15 15:31 - 2017-07-05 21:18 - 000000000 ____D C:\Users\numer\AppData\Local\Packages
2017-09-15 15:28 - 2017-06-22 10:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-09-15 15:22 - 2017-07-11 22:46 - 000000000 ____D C:\ProgramData\SupportAssist
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-07-09 16:00 - 2017-08-11 16:19 - 000001456 _____ () C:\Users\numer\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs

Some files in TEMP:
====================
2017-09-27 05:17 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Users\numer\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-23 09:59

==================== End of FRST.txt ============================
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 05:11   #23
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
FRST SECONDO REPORT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017
Ran by numer (27-09-2017 05:39:02)
Running from C:\Users\numer\Desktop
Windows 10 Home Version 1703 (X64) (2017-07-05 21:09:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1420259285-3256734564-2012207256-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1420259285-3256734564-2012207256-503 - Limited - Disabled)
Guest (S-1-5-21-1420259285-3256734564-2012207256-501 - Limited - Disabled)
numer (S-1-5-21-1420259285-3256734564-2012207256-1001 - Administrator - Enabled) => C:\Users\numer

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Aggiornamenti NVIDIA 25.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 25.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.41.3 - Asmedia Technology)
Dell Customer Connect (HKLM-x32\...\{4D0D1313-C0BF-4092-944A-129C8469F794}) (Version: 1.4.17.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssist Remediation (HKLM\...\{00A1B449-74C9-4FF4-A854-BFECFDAD97A3}) (Version: 2.0.2.1841 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{073ace1c-7a67-4292-a718-f13deb6a1035}) (Version: 2.0.2.1841 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{E1AA62F7-B32A-4090-814E-83BC7C3DF1FB}) (Version: 2.0.2.21 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) HID Event Filter (HKLM-x32\...\3FB06EEC-013D-4366-9918-71B97DFB84EB) (Version: 1.1.1.318 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1047 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4664 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.15.1058 - Intel Corporation)
Killer Bandwidth Control Filter Driver (HKLM\...\{DC2CA969-16A9-4C5C-8A39-702C037BE907}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Killer Network Manager (HKLM\...\{E9AE1148-5976-4398-A3A6-54969D08BFA9}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Killer Wireless Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.70.1349 - Rivet Networks)
Killer Wireless-AC Drivers (HKLM\...\{ECBF2450-EDB2-4543-8A4A-1DF1961D5290}) (Version: 1.1.70.1349 - Rivet Networks) Hidden
Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9233.1 - Waves Audio Ltd.) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0.3 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.8326.2107 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Driver grafico 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0413-0000-0000000FF1CE}) (Version: 16.0.8326.2107 - Microsoft Corporation) Hidden
Pannello di controllo NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.279 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8216 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0079 - ST Microelectronics)
Thunderbolt(TM) Software (HKLM-x32\...\{10877131-EC3F-4F2F-97CD-2B8341D461D7}) (Version: 16.2.55.275 - Intel Corporation)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1420259285-3256734564-2012207256-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-08AD05FAD746}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki122581.inf_amd64_39d9112bbe77f060\igfxDTCM.dll [2017-06-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-08-08] (McAfee, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0169E330-AE93-4DF8-929B-CD50F6EF5D35} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {1803579B-D055-4356-B710-77BFB470B367} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {18E41227-83BB-4FDB-ACB3-1FAF8C291CA4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {379EC537-B9FF-4A92-AA61-4F3BED21ECFB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-14] (Intel(R) Corporation)
Task: {3B479536-3D42-40C1-A1E6-5EE52B384058} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {40C603E9-F226-4EFC-BC0B-B67182454E41} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.)
Task: {483E0A2B-23F5-49B4-A407-E0A92D5E81FD} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {4AFA6A61-EE27-4300-B8D4-F72B3CEC7279} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {4F385F40-76DD-4FFB-8913-434233B202CF} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2016-10-20] (McAfee, Inc.)
Task: {5260A396-F75D-4C4C-BF6D-10434CC30F67} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {63430842-DEC5-4103-8B3F-E05D45865148} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {66C684F9-BFB3-49BE-8FE6-536C026C5B94} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {6737C339-447D-4359-9015-0AA6DBC9D227} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-04] (NVIDIA Corporation)
Task: {782205E7-BA68-47AB-87E8-CF41219EB0F3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {80CD8BAB-295D-45C6-8517-6E0F9B5B873A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {8222C1FD-EBBC-42C1-A8BB-908907CBB6AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {88887C45-43E7-453C-9340-ABD556991A9D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {906D3035-70D7-4100-BBDF-E1B4E8761CA6} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04] (NVIDIA Corporation)
Task: {9490D823-2CB2-433D-BB72-4A0063755169} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-08-04] (Dell Inc.)
Task: {95BA3DD5-9AB0-465A-B42C-799D0833D300} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {976722CD-C9D9-494E-8F0F-853BACB6F08F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {9975A54E-B9F1-4238-9D34-CE764C3FACBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-05] (Google Inc.)
Task: {9A136F90-323B-47C2-9CD4-A0203B4B27A4} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {AAD7F43E-5BF7-4BA6-8823-74A5F4480342} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-numerosette@alice.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {C060F8F0-06C2-4D06-B9EE-AC320A21C25B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-04] (NVIDIA Corporation)
Task: {C0C86D74-3E56-4C76-9918-B12C7EE07EFD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-04] (NVIDIA Corporation)
Task: {C688FDE3-6BFE-4B70-AA44-A55CF41CBD15} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-09-08] (Microsoft Corporation)
Task: {EA50C535-0CF4-456E-A422-5D4F40B10E14} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {EAFA47C2-05C2-46D4-9611-B65F6D8923FC} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2017-08-03] (McAfee, Inc.)
Task: {EFE2D76F-1638-4EC3-9D27-A2C2711EA311} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation)
Task: {F05C8DA1-A153-4A35-A4F6-17B84CE3B23C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation)
Task: {FABF6635-CA6D-4D3B-BFF6-1C8777FDBC62} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-15 15:34 - 2017-08-08 13:30 - 001436912 _____ () C:\Program Files\McAfee\MSC\WscInteractionHandler.dll
2017-09-27 04:40 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-07-11 22:56 - 2017-08-11 14:08 - 000595608 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-07-11 22:56 - 2017-08-11 14:08 - 000586728 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\Windows\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-19 04:32 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-09-15 15:40 - 2017-09-15 15:40 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-09-15 15:40 - 2017-09-15 15:40 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-22 10:55 - 2017-09-23 09:47 - 000164544 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll
2017-05-02 16:39 - 2017-05-02 16:39 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-04-28 16:05 - 2017-04-28 16:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-02 00:27 - 2017-05-02 00:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2016-12-19 18:38 - 2016-12-19 18:38 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1420259285-3256734564-2012207256-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\numer\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{963AA1DD-EAF5-4B02-B1A1-969F2C5FBD8B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B2CF7BAE-7CBA-40E5-A40C-92607C38E886}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{15F61D0F-00FE-4727-ADB9-1594B6D36C64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{58396ED8-3A85-438E-B7FC-135DE0CB4490}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3EE264C4-91A8-476E-A3AF-F7D483C11F95}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D26AC0C8-3521-4DD4-BC99-3AAB86A09688}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CA132BA6-5A2A-4311-B0F5-E9181DB4B13E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

15-09-2017 16:03:29 Punto di controllo pianificato
20-09-2017 19:27:39 Windows Update
27-09-2017 04:39:38 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2017 05:33:39 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:39 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:30 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:33:30 AM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- Exception on processing Diags log: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, CurrentELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (09/27/2017 05:19:36 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

Error: (09/27/2017 04:49:35 AM) (Source: DellSupportAssistRemedationService.exe) (EventID: 0) (User: )
Description: [4] ERROR- ReadEpsaVersion() Exception: Path: C:\ProgramData\Dell\SARemediation\esp\EFI\Dell\logs\diags_current.xml #StackInfo#

Error: (09/27/2017 04:48:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-J6B9VBM)
Description: Attivazione dell'app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess non riuscita con errore: -2144927142 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.

Error: (09/27/2017 04:48:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: MicrosoftEdgeCP.exe, versione: 11.0.15063.608, timestamp: 0x59ae240c
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000604
Offset errore 0x0000000000000000
ID processo che ha generato l'errore: 0x8a4
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d3373b1b8cf6e4
Percorso dell'applicazione che ha generato l'errore: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Percorso del modulo che ha generato l'errore: unknown
ID segnalazione: 19b9ab96-495c-4b33-8e66-ad2c664aff02
Nome completo pacchetto che ha generato l'errore: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID applicazione relativo al pacchetto che ha generato l'errore: ContentProcess


System errors:
=============
Error: (09/27/2017 04:47:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-J6B9VBM)
Description: Le impostazioni delle autorizzazioni impostazioni predefinite del computer non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
e APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
all'utente DESKTOP-J6B9VBM\SID numer (S-1-5-21-1420259285-3256734564-2012207256-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni C27EB4BA.DropboxOEM_1.1.27.0_x64__xbfy0k16fey96 (S-1-15-2-957046722-3704396400-4010937963-411832198-1131521071-1207666172-2334532315). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 04:47:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio CldFlt non è stato avviato per il seguente errore:
Richiesta non supportata.

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Processor. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Waves Audio Services. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Service API. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Data Vault Collector. Questo evento si è già verificato 1 volta(e).

Error: (09/27/2017 04:46:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Dell Update Service. Questo evento si è già verificato 1 volta(e).


CodeIntegrity:
===================================
Date: 2017-09-27 05:33:42.535
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:27:29.718
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:22:25.811
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:18:30.868
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:18:23.883
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:17:58.908
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:17:12.128
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:15:00.972
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:12:32.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-27 05:09:20.231
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 40%
Total physical RAM: 16235.95 MB
Available physical RAM: 9619.22 MB
Total Virtual: 18667.95 MB
Available Virtual: 13320.01 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:460.73 GB) (Free:393.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 34F321CA)

Partition: GPT.

==================== End of Addition.txt ============================
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 05:16   #24
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Sul PC portatile ho potuto eseguire tutti i programmi indicati, non ho avuto il blocco di frst come su quello fisso (sul fisso ho bitdefender e sul portatile MacAfee...forse è questa la differenza).

Tra i due sono preoccupato più per il portatile, perché ha avuto due aggiornamenti del BIOS...che sospetto siano stati legati al virus ma magari no.

Dan, dammi il responso... grazie ancora.
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 07:49   #25
Dan1979
Member
 
Iscritto dal: Jun 2017
Messaggi: 175
Ciao
facciamo chiarezza..
tutte le scansioni che hai effettuato compresa frst sono state fatte tutte nello stesso pc???

Il pc dove hai eseguito frst sembra pulito...
Comunque prendi il pc dove hai eseguito frst...
poi posiziona frst sul desktop assieme al file fixlist.txt allegato
tasto dx sopra frst--->esegui come amministratore
quando si apre clicca sul pulsante FIX
lascia finire e che il pc si riavvii (se non lo fa riavvia te)
posta il file fixlog


resetta i browser vedi qui http://it.ccm.net/faq/1767-come-ripristinare-il-browser
quando hai finito dovrai reinpostare la pagina iniziale dei browser

fai pulizia con ccleaner sia sistema che registro

Fa saper come va il pc...

Ciao
Allegati
File Type: txt fixlist.txt (1.4 KB, 1 visite)
Dan1979 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 20:28   #26
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
ciao.
Come dicevo ho due PC, uno fisso ed uno portatile. I primi report che ho postato sono tutti del fisso, poi ho postato quelli del portatile.

Sul fisso, non sono riuscito a eseguire FRST perché lo blocca e appare un messaggio di application error che dice:

"Exception EAccessViolation in module ERUNT.exe at 00003A68. Access violation at address 00403A68 in module 'ERUNT'.exe'. Write of address 0069005C."

Sul PC fisso ho avuto le segnalazioni da:
1) Adv Cleaner - due folders PUP.Optional.legacy - eliminati
2) Rogue kille - due file PUMP - li devo eliminare o sono falsi positivi?


Sul portatile ho avuto segnalazioni da:
1) Rogue Killer - due file PUMP - li devo eliminare o sono falsi positivi?


Nei report si dovrebbe vedere tutto.
Perché dici che il Pc portatile sembra pulito? Non possiamo dire che è pulito?
Certo che sono preoccupato comunque perché ha avuto, prima che mi rendessi conto della stupidaggine che avevo fatto, due aggiornamenti del BIOS. E' normale?
Ora eseguo quanto mi suggerisci ancora per il PC portatile (che è quello dove sono riuscito a far girare tutto), anche se mi intimorisce la tua frase: "poi fai sapere come va il PC...."

E per quanto riguarda il PC fisso?

Grazie
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 20:54   #27
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Sul PC portatile ho posizionato frst sul desktop assieme al file fixlist.txt che mi hai allegato
ho eseguito frst come amministratore ed una volta aperto ho cliccato su FIX
Allego il file del log.

Il PC si è riavviato da solo.

Poi volevo resettare il browser (Edge) ma non so come si fa, non riesco a capire e il link che mi hai dato non tratta il ripristino di Edge. Comunque sembra funzionare normalmente ed anche la pagina iniziale è rimasta quella...è un brutto segno?

Poi ho fatto pulizia con ccleaner sia sistema che registro e per il momento sembra tutto funzionare normalmente.

Fammi sapere.

Grazie

Ciao
Allegati
File Type: txt Fixlog.txt (7.4 KB, 1 visite)
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 27-09-2017, 21:45   #28
Dan1979
Member
 
Iscritto dal: Jun 2017
Messaggi: 175
Azitutto il.pc portatile è pulito , devi dirmi te se va bene o riscontri dei problemi....
Per edge lascia stare se il portatile va bene...
Per gli altri browser se hai seguito le istruzioni del link è ok...la pag iniziale se gia era inpostata va bene uguale..

Cominciamo con il pc fisso...
Fammi un favore ripostami i report se gia li hai o rifai le scansioni....cosi non creiamo confusione...
Disabilita l antivirus e fai pulizia con ccleaner ,prima di eseguire frst..prova se va...
Devi eseguire frst dal desktop e come amministratore ...
Mi raccomando scarica la versione giusta per il tuo pc o a 32 o 64 bit...
Poi dimmi tutti i sintomi che riscontri sul pc fisso...
Ultima modifica di Dan1979 : 27-09-2017 alle 21:58.
Dan1979 è offline   Rispondi citando il messaggio o parte di esso
Old 28-09-2017, 18:08   #29
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Grazie DAN.
Volevo chiudere con il PC portatile: quindi è tutto OK? Bene. I due file PUMP che mi ha segnalato Rogue Killer li lascio o li tolgo?


Passiamo al FISSO: ho eliminato alcuni blocchi ed ho fatto girare FRST anche sul FISSO.
Purtroppo anche in questo caso gli allegati sono troppo grandi e devo copiare e incollare. Procedo.
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 28-09-2017, 18:09   #30
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-09-2017 01
Ran by Massimo (administrator) on PC-MASSIMO (28-09-2017 19:02:20)
Running from C:\Users\Massimo\Desktop
Loaded Profiles: Massimo (Available Profiles: Massimo)
Platform: Windows 10 Home Version 1703 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
(Dell Inc.) C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell) C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
() C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Copyright (c) 2017 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Failed to access process -> MicrosoftEdgeCP.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51416 2017-08-17] (Copyright (c) 2017 Plays.tv, LLC)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [EPSON Stylus Photo R2400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9SE.EXE [211456 2007-01-10] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\Run: [EPSON Stylus Photo R2400] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9SE.EXE [211456 2007-01-10] (SEIKO EPSON CORPORATION)
Startup: C:\Users\Massimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ColorNavigator 6.lnk [2017-07-07]
ShortcutTarget: ColorNavigator 6.lnk -> C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{08ef9d62-3123-408f-89bb-862044fabd0f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{26431ded-4723-4d8e-8aab-38303ad447e8}: [DhcpNameServer] 10.72.0.68 10.72.0.69

Internet Explorer:
==================
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> DefaultScope {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
BHO: Portafoglio di Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-08-11] (Bitdefender)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Portafoglio di Bitdefender -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-08-11] (Bitdefender)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2017-08-11] (Bitdefender)
Toolbar: HKLM-x32 - Portafoglio di Bitdefender - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2017-08-11] (Bitdefender)
DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxps://support.dell.com/systemprofiler/SysProExe.CAB

FireFox:
========
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2017-08-29]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2017-08-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2015-12-01] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-925684549-1631372041-3969593942-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Massimo\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-03] (Citrix Online)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2090152 2017-08-11] (Bitdefender)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [243464 2013-08-06] (CyberLink)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208760 2017-07-27] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294584 2017-07-27] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-07-27] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [97616 2017-01-11] (Dell)
R2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [77648 2016-12-22] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [278568 2014-10-31] (Aviata, Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [103072 2017-08-17] (Bitdefender)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-01-17] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55000 2017-08-17] (Copyright (c) 2017 Plays.tv, LLC)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1269824 2017-06-21] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-30] (CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [312056 2015-08-04] (Realtek Semiconductor)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2015-12-01] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [2065808 2016-01-04] (SoftThinks SAS)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [53208 2017-09-22] (Dell Inc.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [218416 2017-08-17] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1421608 2017-08-17] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender Security\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [23240 2016-03-21] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R0 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [950160 2017-06-07] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1612648 2017-04-19] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [133088 2017-06-06] (BitDefender LLC)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [47856 2017-05-11] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [187688 2017-05-11] (BitDefender LLC)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R0 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [346704 2017-06-08] (Bitdefender)
R3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-27] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-27] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-28] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-21] (Intel Corporation)
R3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; c:\program files\dell\supportassist\pcdsrvc_x64.pkms [25584 2017-09-12] (PC-Doctor, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 Spyder3; C:\WINDOWS\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R3 Spyder5; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2015-04-13] (Datacolor)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [439576 2017-04-11] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 19:01 - 2017-09-28 19:02 - 000021444 _____ C:\Users\Massimo\Desktop\FRST.txt
2017-09-28 18:57 - 2017-09-28 18:57 - 002399744 _____ (Farbar) C:\Users\Massimo\Desktop\FRST64.exe
2017-09-28 18:48 - 2017-09-28 18:48 - 000000000 ___HD C:\OneDriveTemp
2017-09-27 21:11 - 2017-09-27 21:11 - 000003932 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-09-27 05:35 - 2017-09-28 19:02 - 000000000 ____D C:\FRST
2017-09-27 05:30 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-09-27 05:30 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-09-27 05:30 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-09-27 05:30 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-09-27 05:30 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-27 05:30 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-27 05:30 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-09-27 05:30 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-09-27 05:30 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-09-27 05:30 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-09-27 05:30 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-09-27 05:30 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-09-27 05:30 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-09-27 05:30 - 2017-09-19 00:18 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-27 05:30 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-09-27 05:23 - 2017-09-27 05:31 - 000000000 ____D C:\Users\Massimo\Desktop\mbar
2017-09-27 05:23 - 2017-09-27 05:30 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-27 05:21 - 2017-09-27 05:22 - 016563352 _____ (Malwarebytes Corp.) C:\Users\Massimo\Downloads\mbar-1.09.3.1001.exe
2017-09-25 21:09 - 2017-09-28 18:57 - 000000000 ____D C:\Users\Massimo\AppData\Local\CrashDumps
2017-09-25 19:59 - 2017-09-25 19:59 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-09-25 19:58 - 2017-09-25 21:21 - 000000000 ____D C:\ProgramData\RogueKiller
2017-09-25 19:58 - 2017-09-25 19:58 - 026704968 _____ C:\Users\Massimo\Downloads\RogueKiller_portable64.exe
2017-09-25 19:55 - 2017-09-25 19:55 - 035910920 _____ (Adlice Software ) C:\Users\Massimo\Downloads\setup.exe
2017-09-25 19:45 - 2017-09-25 19:58 - 000291704 _____ C:\TDSSKiller.3.1.0.15_25.09.2017_19.45.34_log.txt
2017-09-25 19:45 - 2017-09-25 19:45 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Massimo\Downloads\tdsskiller.exe
2017-09-25 19:35 - 2017-09-25 19:40 - 000000000 ____D C:\AdwCleaner
2017-09-25 19:35 - 2017-09-25 19:35 - 008182736 _____ (Malwarebytes) C:\Users\Massimo\Downloads\AdwCleaner.exe
2017-09-25 19:33 - 2017-09-25 21:07 - 000000000 ____D C:\Users\Massimo\Documents\Virus
2017-09-25 19:30 - 2017-09-28 18:53 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-25 19:30 - 2017-09-27 21:05 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-25 19:30 - 2017-09-27 21:05 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-25 19:30 - 2017-09-25 19:30 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-25 19:29 - 2017-09-27 21:05 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-25 19:29 - 2017-09-27 05:23 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-25 19:29 - 2017-09-25 19:29 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-25 19:29 - 2017-09-25 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-25 19:29 - 2017-09-25 19:29 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-25 19:29 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-25 19:27 - 2017-09-25 19:27 - 068408664 _____ (Malwarebytes ) C:\Users\Massimo\Downloads\mb3-setup-35891.35891-3.2.2.2029.exe
2017-09-23 18:43 - 2017-09-23 18:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80
2017-09-23 18:39 - 2017-09-23 18:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a
2017-09-23 13:02 - 2017-09-23 13:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d
2017-09-23 12:04 - 2017-09-23 12:04 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310
2017-09-23 11:57 - 2017-09-27 06:06 - 000003146 _____ C:\bdlog.txt
2017-09-23 11:56 - 2017-09-23 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Temp
2017-09-23 11:54 - 2017-09-23 11:54 - 000057201 _____ C:\ProgramData\dm.1506160479.bdinstall.bin
2017-09-23 11:54 - 2017-09-23 11:54 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2017-09-23 11:49 - 2017-09-23 11:49 - 000477336 _____ C:\ProgramData\cl.1506159941.bdinstall.bin
2017-09-23 11:49 - 2017-09-23 11:49 - 000003420 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-09-23 11:47 - 2017-09-23 11:47 - 000002345 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2017-09-23 11:47 - 2017-09-23 11:47 - 000000385 _____ C:\WINDOWS\system32\user_gensett.xml
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\BDLogging
2017-09-23 11:47 - 2017-09-23 11:47 - 000000000 ____D C:\ProgramData\Atc
2017-09-23 11:46 - 2017-09-23 12:13 - 000000000 ____D C:\ProgramData\Bitdefender
2017-09-23 11:46 - 2017-09-23 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\Bitdefender
2017-09-23 11:46 - 2017-09-23 11:46 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\QuickScan
2017-09-23 11:46 - 2017-06-08 05:19 - 000346704 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2017-09-23 11:46 - 2017-06-07 05:04 - 000950160 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2017-09-23 11:46 - 2017-05-11 05:37 - 000187688 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2017-09-23 11:46 - 2017-05-11 05:16 - 000047856 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2017-09-23 11:46 - 2017-04-19 07:19 - 001612648 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2017-09-23 11:46 - 2016-03-14 22:04 - 000023672 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2017-09-23 11:46 - 2015-12-04 19:27 - 000087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2017-09-23 11:46 - 2007-04-11 11:11 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2017-09-23 11:45 - 2017-09-23 11:54 - 000000000 ____D C:\Program Files\Bitdefender
2017-09-23 11:45 - 2017-04-11 04:19 - 000439576 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2017-09-23 11:43 - 2017-09-23 11:42 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-23 11:39 - 2017-09-23 11:46 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2017-09-23 11:39 - 2017-09-23 11:39 - 000003802 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-09-23 11:37 - 2017-09-28 18:48 - 000000000 ____D C:\Program Files\Bitdefender Agent
2017-09-23 11:37 - 2017-09-23 11:37 - 009932864 _____ C:\Users\Massimo\Downloads\bitdefender_windows_1bbfc0b3-937d-461b-a1c3-17633c7763c0.exe
2017-09-23 11:37 - 2017-09-23 11:37 - 000048643 _____ C:\ProgramData\agent.1506159450.bdinstall.bin
2017-09-23 11:37 - 2017-09-23 11:37 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-09-20 19:27 - 2017-09-20 19:27 - 000001052 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-09-20 19:27 - 2017-09-20 19:27 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-09-20 19:27 - 2017-09-20 19:27 - 000000000 ____D C:\Program Files\Dell Support Center
2017-09-17 17:08 - 2017-09-17 17:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7
2017-09-16 19:56 - 2017-09-16 19:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b
2017-09-16 19:50 - 2017-09-16 19:50 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0
2017-09-16 19:48 - 2017-09-16 19:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa
2017-09-16 19:46 - 2017-09-16 19:46 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22
2017-09-16 19:45 - 2017-09-16 19:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6
2017-09-16 19:41 - 2017-09-16 19:41 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253
2017-09-16 19:19 - 2017-09-16 19:19 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54
2017-09-16 19:17 - 2017-09-16 19:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475
2017-09-16 19:07 - 2017-09-16 19:07 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b
2017-09-16 12:00 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18
2017-09-16 11:59 - 2017-09-16 11:59 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9
2017-09-16 11:58 - 2017-09-16 11:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45
2017-09-16 11:54 - 2017-09-16 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df
2017-09-16 11:51 - 2017-09-16 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a
2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a
2017-09-16 10:57 - 2017-09-16 10:57 - 000000917 _____ C:\Users\Massimo\Desktop\SNS-HDR Home 2.lnk
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\Users\Massimo\Documents\SNS-HDR
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SNS-HDR Home 2
2017-09-16 10:57 - 2017-09-16 10:57 - 000000000 ____D C:\Program Files\SNS-HDR Home 2
2017-09-15 12:36 - 2017-09-15 12:36 - 000000000 ____D C:\WINDOWS\PCHEALTH
2017-09-15 12:35 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-15 12:35 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-15 12:35 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-15 12:35 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-15 12:35 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-15 12:35 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-15 12:35 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-15 12:35 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-15 12:35 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-15 12:35 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-15 12:35 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-15 12:35 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-15 12:35 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-15 12:35 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-15 12:35 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-15 12:35 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-15 12:35 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-15 12:35 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-15 12:35 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-15 12:35 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-15 12:35 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-15 12:35 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-15 12:35 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-15 12:35 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-15 12:35 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-15 12:35 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-15 12:35 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-15 12:35 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-15 12:35 - 2017-09-05 06:26 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-09-15 12:35 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-15 12:35 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-15 12:35 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-15 12:35 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-15 12:35 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-15 12:35 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-15 12:35 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-15 12:35 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-15 12:35 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-15 12:35 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-15 12:35 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-15 12:35 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-15 12:35 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-15 12:35 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-15 12:35 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-15 12:35 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-15 12:35 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-15 12:35 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-15 12:35 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-15 12:35 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-15 12:35 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-15 12:35 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-15 12:35 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-15 12:35 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-15 12:35 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-15 12:35 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-15 12:34 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-15 12:34 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-15 12:34 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-15 12:34 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-15 12:34 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-15 12:34 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-15 12:34 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-15 12:34 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-15 12:34 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-15 12:34 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-15 12:34 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-15 12:34 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-15 12:34 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-15 12:34 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-15 12:34 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-15 12:34 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-15 12:34 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-15 12:34 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-15 12:34 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-15 12:34 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-15 12:34 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-15 12:34 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-15 12:34 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-15 12:34 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-15 12:34 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-15 12:34 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-15 12:34 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-15 12:34 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-15 12:34 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-15 12:34 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-15 12:34 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-15 12:34 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-15 12:34 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-15 12:34 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-15 12:34 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-15 12:34 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-15 12:34 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-15 12:34 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-15 12:34 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-15 12:34 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-15 12:34 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-15 12:34 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-15 12:34 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-15 12:34 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-15 12:34 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-15 12:34 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-15 12:34 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-15 12:34 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-15 12:34 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-15 12:34 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-15 12:34 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-15 12:34 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-15 12:34 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-15 12:34 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-15 12:34 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-15 12:34 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-15 12:34 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-15 12:34 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-15 12:34 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-15 12:34 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-15 12:34 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-15 12:34 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-15 12:34 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-15 12:34 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-15 12:34 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-15 12:34 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-15 12:34 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-15 12:34 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-15 12:34 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-15 12:34 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-15 12:34 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-15 12:34 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-15 12:34 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-15 12:34 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-15 12:34 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-15 12:34 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-15 12:34 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-15 12:34 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-15 12:34 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80
2017-09-10 11:53 - 2017-09-10 11:53 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895
2017-09-10 11:51 - 2017-09-10 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc
2017-09-10 11:49 - 2017-09-10 11:49 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1
2017-09-10 11:45 - 2017-09-10 11:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85
2017-09-10 11:23 - 2017-09-10 11:23 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673
2017-09-10 10:18 - 2017-09-10 10:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431
2017-09-10 10:16 - 2017-09-10 10:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666
2017-09-10 10:08 - 2017-09-10 10:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed
2017-09-10 10:06 - 2017-09-10 10:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2
2017-09-10 10:02 - 2017-09-10 10:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779
2017-09-10 09:54 - 2017-09-10 09:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7
2017-09-10 09:43 - 2017-09-10 09:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367
2017-09-10 09:39 - 2017-09-10 09:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073
2017-09-09 18:45 - 2017-09-09 18:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682
2017-09-09 18:42 - 2017-09-09 18:42 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a
2017-09-09 18:40 - 2017-09-09 18:40 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89
2017-09-09 18:34 - 2017-09-09 18:34 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3
2017-09-09 18:28 - 2017-09-09 18:28 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e
2017-09-09 18:21 - 2017-09-09 18:21 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f
2017-09-09 18:18 - 2017-09-09 18:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a
2017-09-09 18:17 - 2017-09-09 18:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d
2017-09-09 18:16 - 2017-09-09 18:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95
2017-09-09 18:08 - 2017-09-09 18:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7
2017-09-09 18:00 - 2017-09-09 18:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 18:53 - 2016-10-07 12:32 - 000060003 _____ C:\IFRToolLog.txt
2017-09-28 18:53 - 2015-05-26 20:10 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-09-28 18:52 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-28 18:52 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-28 18:51 - 2017-07-05 22:02 - 000004180 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81E0AA04-6B72-44DD-AA52-09C77A6592D4}
2017-09-28 18:51 - 2015-07-07 22:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Adobe
2017-09-28 18:48 - 2016-04-02 09:09 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\PlaysTV
2017-09-28 18:48 - 2015-12-22 17:13 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\Raptr
2017-09-28 18:48 - 2015-07-07 22:51 - 000000000 __RDO C:\Users\Massimo\OneDrive
2017-09-27 22:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-09-27 22:14 - 2017-07-05 21:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-27 21:33 - 2015-07-07 22:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Packages
2017-09-27 21:13 - 2016-01-17 17:38 - 000000000 ____D C:\Users\Massimo\Documents\Running
2017-09-27 21:11 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-27 21:10 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-27 21:09 - 2017-07-05 22:04 - 002192586 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-27 21:09 - 2017-03-20 06:10 - 000997506 _____ C:\WINDOWS\system32\perfh010.dat
2017-09-27 21:09 - 2017-03-20 06:10 - 000209364 _____ C:\WINDOWS\system32\perfc010.dat
2017-09-27 21:05 - 2017-07-05 22:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-27 21:05 - 2015-12-04 10:11 - 000147656 ____N (CyberLink Corp.) C:\WINDOWS\system32\Drivers\rikvm_99E320F5.sys
2017-09-27 06:06 - 2017-07-05 21:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-09-27 06:06 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-27 06:00 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-25 20:25 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-24 18:42 - 2015-09-13 17:19 - 000000000 ____D C:\Users\Massimo\Documents\ARCHIVIO FOTO
2017-09-23 12:05 - 2015-07-07 23:02 - 000000000 ____D C:\ProgramData\Adobe
2017-09-23 11:55 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-09-23 11:55 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\ProgramData\McAfee
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-09-23 11:43 - 2017-07-05 22:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-09-23 11:40 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2017-09-22 14:05 - 2017-07-27 21:20 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-925684549-1631372041-3969593942-1001
2017-09-22 14:05 - 2015-12-04 12:48 - 000002459 _____ C:\Users\Massimo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-20 19:27 - 2015-05-26 20:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-09-16 11:10 - 2015-11-29 22:25 - 000000000 ____D C:\Users\Massimo\AppData\Roaming\SNS-HDR
2017-09-15 16:50 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-15 16:37 - 2015-07-07 22:56 - 000000000 ____D C:\ProgramData\softthinks
2017-09-15 14:42 - 2017-07-05 21:56 - 000314584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-15 14:42 - 2015-07-07 22:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-15 13:04 - 2017-07-05 21:57 - 000000000 ____D C:\Users\Massimo
2017-09-15 13:03 - 2017-03-20 06:10 - 000000000 ____D C:\WINDOWS\system32\it
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-15 13:03 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-15 12:39 - 2015-07-10 19:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-15 12:38 - 2015-07-10 19:25 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-15 12:24 - 2015-05-26 20:16 - 000000000 ____D C:\Program Files\Dell
2017-09-10 11:10 - 2017-05-07 10:24 - 000001456 _____ C:\Users\Massimo\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-29 11:43 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ELAMBKUP

==================== Files in the root of some directories =======

2016-10-24 19:46 - 2016-10-24 19:46 - 000000028 _____ () C:\Users\Massimo\AppData\Roaming\kulerdata.json
2017-05-07 10:24 - 2017-09-10 11:10 - 000001456 _____ () C:\Users\Massimo\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2016-10-16 18:48 - 2016-10-16 18:48 - 000000017 _____ () C:\Users\Massimo\AppData\Local\resmon.resmoncfg
2017-09-23 11:37 - 2017-09-23 11:37 - 000048643 _____ () C:\ProgramData\agent.1506159450.bdinstall.bin
2017-09-23 11:49 - 2017-09-23 11:49 - 000477336 _____ () C:\ProgramData\cl.1506159941.bdinstall.bin
2017-09-23 11:54 - 2017-09-23 11:54 - 000057201 _____ () C:\ProgramData\dm.1506160479.bdinstall.bin
2017-07-05 21:57 - 2017-07-05 21:57 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-26 20:04 - 2015-05-26 20:05 - 000000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-26 20:03 - 2015-05-26 20:04 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-26 20:04 - 2015-05-26 20:04 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
2017-09-25 19:58 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\Users\Massimo\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-27 05:59

==================== End of FRST.txt ============================
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 28-09-2017, 18:11   #31
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Massimo (28-09-2017 19:03:02)
Running from C:\Users\Massimo\Desktop
Windows 10 Home Version 1703 (X64) (2017-07-05 20:05:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-925684549-1631372041-3969593942-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-925684549-1631372041-3969593942-503 - Limited - Disabled)
Guest (S-1-5-21-925684549-1631372041-3969593942-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-925684549-1631372041-3969593942-1003 - Limited - Enabled)
Massimo (S-1-5-21-925684549-1631372041-3969593942-1001 - Administrator - Enabled) => C:\Users\Massimo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.12 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.25.59 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.10.141 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.10.141 - Bitdefender)
BookWright versione 1.1.109 (HKLM-x32\...\{C17978EB-5A2C-40E3-B351-F03A27245BF9}_is1) (Version: 1.1.109 - Blurb, Inc.)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.4.1 - Nikon Corporation)
Catalyst Control Center Next Localization BR (HKLM\...\{118C2119-84B6-E32C-63E2-B56DBCF41CE5}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A083A57-10D6-D4E5-292C-F274870E73A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{DF0D7C1C-72B6-9FFB-DF66-B3720237BB80}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{238F6F6F-2544-86CF-3AB6-2CDADAB58CF0}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{EC688BD0-240D-AE40-55F3-234E54919AE6}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{E27224E3-7913-DA1E-5B08-9BEEC8FEE3D1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{95A52FC1-C728-841D-1BFC-CC793B77B0A4}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{A22CDEBA-6DB5-12CD-F6CE-6238C2D78363}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0BFC67D-E447-02C8-6046-C078DFE9EC97}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{94C72EBE-2908-F0AC-62DA-D61951830F8F}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{5B987681-3652-492B-6A11-E02AC0FE5959}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{86BFE5B4-1FCE-3C02-6373-92B1AE6431E8}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0742432E-42D9-2240-4CA1-8595CCCBAA77}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{EAEAA839-44F4-22DF-D1CC-88C3B2A3D4B1}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A3973655-E448-4A1B-477C-988A79D132D9}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{6DC92550-D065-4B36-C4D3-D8D7A702A7A7}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B2A83706-3F14-1532-20CD-B4EE715A8945}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{44ED2CDA-4197-E9E9-B328-26E1FB749116}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3450566C-4561-0EE8-B1AB-D5C79CCE8D2C}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{FCE8438C-3272-D63F-479F-670F082B294B}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{25D1751E-7CA2-5F6D-0125-0A16E47AF9FE}) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CEWE.IT Foto World (HKLM-x32\...\CEWE.IT Foto World) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
ColorNavigator 6 (HKLM\...\{207AD5A9-A797-4C4B-B8C5-1CB8B54972C8}_is1) (Version: 6.4.19 - EIZO Corporation)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{24F2AD94-CC1B-4294-B184-D4D31A3186A7}) (Version: 2.42.0012 - Aviata Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
Dell System Detect (HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Print Layout (HKLM-x32\...\{BE911FEE-42FB-4462-A94A-5D34CB84BDBD}) (Version: 1.3.2 - Seiko Epson Corporation)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{AD6B46F2-FE21-496F-BE90-BE19AABE353C}) (Version: 2.2.12 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
Neat Image v7.6.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Neat Image v8.2.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image v8 plug-in for Photoshop_is1) (Version: - Neat Image team, ABSoft)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Pacchetto driver Windows - Datacolor (Spyder4) USB (06/01/2011 1.0.0.1) (HKLM\...\E5E9268B6D7B0E662E34736CC110C89D595E4222) (Version: 06/01/2011 1.0.0.1 - Datacolor)
Pacchetto driver Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Pacchetto driver Windows - FTDI CDM Driver Package - Bus/D2XX Driver (07/10/2015 2.12.06) (HKLM\...\B85E5F21D69245012A4E4C2DFAF38615FC7CF7AA) (Version: 07/10/2015 2.12.06 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package - VCP Driver (07/10/2015 2.12.06) (HKLM\...\71B7FC12B248030B4BBBCA0C57826D74F64DB010) (Version: 07/10/2015 2.12.06 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Pacchetto driver Windows - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Pacchetto driver Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Pacchetto driver Windows - X-Rite (colormunki) XRiteDevices (08/21/2006 2.40.0.1315) (HKLM\...\975DA77B1E3D07FC79378569A82F13404D027518) (Version: 08/21/2006 2.40.0.1315 - X-Rite)
Pacchetto driver Windows - X-Rite (EyeOne) XRiteDevices (04/21/2009 2.40.0.1315) (HKLM\...\60DFC39027B2B7734E1FBB0C005E7A477317D42D) (Version: 04/21/2009 2.40.0.1315 - X-Rite)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Picture Control Utility 2 (HKLM\...\{D4893C47-704F-4B84-8486-9DE4974ACA6F}) (Version: 2.2.0 - Nikon Corporation)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.26.0-r124601-release - Plays.tv, LLC)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Quick Color Match (HKLM-x32\...\{ac680184-5327-4983-9d3a-2f1ba5240b81}_is1) (Version: 2.0.2 - EIZO Corporation)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.41 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SNS-HDR Home 2.2.2 (HKLM\...\snshdrhome2_is1) (Version: - Sebastian Nibisz)
SNS-HDR Home v1.4.22 (HKLM\...\SNS-HDR Home_is1) (Version: - Sebastian Nibisz)
Software Intel® PROSet/Wireless (HKLM-x32\...\{4544164b-edf0-455c-b150-bed7109d751e}) (Version: 18.11.0 - Intel Corporation)
Software per stampante EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Software per stampante EPSON (HKLM-x32\...\EPSON Printer and Utilities) (Version: - )
Software Saal Design Italy (HKLM-x32\...\{A7B5A9C4-25AF-13A9-A505-7CAE78A14F3B}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Software Saal Design Italy (HKLM-x32\...\SoftwareSaalDesignItaly) (Version: 4.0 - Saal Digital Fotoservice GmbH)
SpyderCheckr (HKLM-x32\...\SpyderCheckr) (Version: - )
TomTom MyDrive Connect 4.1.4.3031 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.4.3031 - TomTom)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
ContextMenuHandlers1: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2013-08-07] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers6: [BDFVCtxMenuExt] -> {9E96C1F5-0EFA-4348-9460-15D6802C70AA} => C:\Program Files\Bitdefender\Bitdefender Security\bdfvsctx.dll [2017-08-11] (Bitdefender)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006FBF0C-5862-4D40-B585-0722F984D416} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {093D2323-3806-4366-961C-F2C112F1203B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {0F17304E-A290-4100-B91D-0A8FD6DE2423} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {163E4584-E82B-4692-96AB-AABE5A9958B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18324A25-74C7-475B-9737-3ECE9AFD8FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AACAEE8-0F48-4ADB-BB31-145E29AE924F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2ED1D553-E8CA-4D91-8687-CE648A1BF016} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-17] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {4260C037-7FBE-4F54-959F-F392CF06301C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {4337FA82-1BBE-4ACD-866E-E2BCE605CA16} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {679B1539-C8EC-48B4-8E8F-AD2D1A01B990} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-numerosette@alice.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {72211F69-29EB-4B22-9882-4F5CEFEA473C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {731B6558-81E3-4373-ABDA-272B38D13DA1} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {77B1D71B-A788-46C4-8002-2E05E40A3076} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {7862B8E9-F031-4490-A532-5E37D28096B9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.)
Task: {7B6AE7E8-DC78-4B9C-AA2B-EEE36B5E3552} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-15] (Microsoft Corporation)
Task: {916E5A63-0014-4D9D-8E41-49A0A6C54E0C} - System32\Tasks\Dell\Dell Product Registration => C:\Program Files (x86)\Dell Product Registration\prodreg.exe [2014-10-31] (Aviata Inc)
Task: {9860BD16-BA1E-457A-9FBE-C88641EFB6C2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-01-17] ()
Task: {A0DA00E6-9AB8-4A27-8825-F344E243AAB1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A54F49BD-201A-45A4-9972-349C47BE3203} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A776D140-6982-498D-845B-FB6C75D4BB01} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {AC0F57B7-3FAD-4430-BEC9-9A468CEA5DF5} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B48003BD-00E0-4F19-97A8-7DE676C7F06D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BC29605D-AB8C-4477-A2E9-AB0CB07C9111} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1ad82743886 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C7639CDE-F335-49AA-BB80-9DAA3ECB960F} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink)
Task: {CABE41DE-4AB5-472B-9C56-9318ECE9A74B} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2017-08-17] (Bitdefender)
Task: {CF28F0FA-BAC2-40C2-AE92-93273143A03C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.)
Task: {D017F14A-D5CA-4352-A20C-DCD379B98208} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {D5AFD4DB-3CF1-4723-867E-7FE694630097} - \WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 -> No File <==== ATTENTION
Task: {D5EA352D-C54B-4879-95C6-1E558DF4781A} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-09-22] (Dell Inc.)
Task: {D9353FD3-E581-46C6-8BB3-B315F1F3352A} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {E4832B87-0A85-4479-989E-89CD51D56D84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {ED4A4EC5-8A5F-48A5-A998-05C94863101D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {EE7EEFC7-8816-4559-B819-23FDD5F20DE0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {F12B1F3D-C1BD-4548-B84D-D4E3049CD0BF} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {FAEF1C22-CE3E-4315-93D1-2ACFDF164910} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-23 11:46 - 2013-09-03 14:29 - 000111832 _____ () C:\Program Files\Bitdefender\Bitdefender Security\bdmetrics.dll
2017-09-23 11:46 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2017-09-23 11:46 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2015-07-12 18:19 - 2015-12-01 22:05 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2017-09-25 19:29 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:11 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 15:11 - 2017-08-23 15:11 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 15:11 - 2017-08-23 15:11 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2016-11-12 11:55 - 2017-04-21 13:44 - 000148096 _____ () C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
2016-11-12 11:55 - 2017-04-21 13:44 - 000080512 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
2017-08-17 02:21 - 2017-08-17 02:21 - 000020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-02-14 09:42 - 2017-02-14 09:42 - 000326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-05-18 10:56 - 2017-05-18 10:56 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 001934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 001780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 003812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-12-21 11:24 - 2016-12-21 11:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2015-03-16 11:28 - 2015-03-16 11:28 - 000155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 000211968 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libcolour.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 001026048 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\plugins\cn_Procs.dll
2016-11-12 11:55 - 2017-04-21 13:43 - 000136192 _____ () C:\Program Files\EIZO\ColorNavigator 6\core\libimpronta.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 21:01 - 2017-05-04 21:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 03:38 - 2015-05-08 03:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 03:39 - 2015-05-08 03:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 23:59 - 2015-11-13 23:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 23:59 - 2015-11-13 23:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 03:37 - 2015-05-08 03:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 03:37 - 2015-05-08 03:37 - 000324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-11-13 23:58 - 2015-11-13 23:58 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000024064 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32pipe.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-08-17 02:21 - 2017-08-17 02:21 - 000013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 001983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 002658512 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-08-17 02:21 - 2017-08-17 02:21 - 000027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-08-17 02:21 - 2017-08-17 02:21 - 000066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2015-05-08 03:39 - 2015-05-08 03:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 19:33 - 2017-05-04 19:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 03:49 - 2015-05-08 03:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 03:55 - 2015-05-08 03:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 03:49 - 2015-05-08 03:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2015-05-26 20:03 - 2013-03-05 05:40 - 000626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-05 11:41 - 2013-03-05 11:41 - 000015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-01-05 19:17 - 2015-12-19 01:52 - 001607920 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2015-05-26 20:12 - 2012-11-25 22:19 - 001153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2015-05-26 20:10 - 2014-02-18 14:12 - 000117568 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\dell.com -> dell.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-09-28 18:48 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Massimo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "BCSSync"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{50E94BF2-3882-41D1-9DF6-69ECC4FE7945}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8515D71A-84AC-44E5-A945-8BB664CC4B28}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{26B03F73-7317-4AB1-8B02-CD52C3CC2880}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5293F9AD-650E-4648-BB8E-68F4B054AFD7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3AD8D23B-C249-45B7-BD6B-E173E1B571BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{1354129C-7A9A-4642-982D-AFA1352DDB24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E243EA9D-2E1F-4F60-923A-17590FCEA86E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{CE4EF3EC-3CDA-4C51-82D1-FDF9DFF21CB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{5F7131F5-B224-4CA4-9B68-97A00F6B3EA8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{C7AAEE25-2F98-4C6D-AE0A-623FD4733094}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A10559A4-C3C7-4703-8948-6CB4BB2DAF2B}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{2CA23CC7-77C5-461A-9457-92716A318BF9}] => (Allow) C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
FirewallRules: [{4DB17993-A478-44E4-A8B2-1927992331E4}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{AC08FC18-EEE1-4A1B-9060-A721DE7BD5CE}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2017 06:56:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: MicrosoftEdgeCP.exe, versione: 11.0.15063.608, timestamp: 0x59ae240c
Nome del modulo che ha generato l'errore: edgehtml.dll, versione: 11.0.15063.608, timestamp: 0x5ff6c763
Codice eccezione: 0xcfffffff
Offset errore 0x0000000000295194
ID processo che ha generato l'errore: 0x3e80
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d33879a5ca5554
Percorso dell'applicazione che ha generato l'errore: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Percorso del modulo che ha generato l'errore: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID segnalazione: 0aa22460-c82c-4a24-afe0-98f20af736d4
Nome completo pacchetto che ha generato l'errore: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
ID applicazione relativo al pacchetto che ha generato l'errore: ContentProcess

Error: (09/28/2017 06:53:30 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:30 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=50964a88-ab5f-4c91-b70e-66a2eadb5423 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:27 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:27 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=4E00205A-2AB1-4423-8F77-CC25B82CDE1D (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:25 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=821fe777-bf67-463b-99f0-b2e0e4d9813b (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/28/2017 06:53:25 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ConnectionError(MaxRetryError("HTTPSConnectionPool(host='servicegateway.intel.com', port=443): Max retries exceeded with url: /DeviceProfile/Service.svc/Rest/DeviceProfileManager?deviceId=6c1de4c6-717d-48d9-894f-f3e2f4e64dbe&DomainId=E57B59E7-5862-4250-9CE0-76FB411DC0D2 (Caused by <class 'socket.gaierror'>: [Errno 11001] getaddrinfo failed)",),))

Error: (09/27/2017 09:33:09 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Il carattere '/', valore esadecimale 0x2F, non può essere utilizzato in un nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ in System.Xml.XmlDocument.CheckName(String name)
in System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
in System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
in System.Xml.XmlDocument.CreateElement(String name)
in eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="FPBCG52" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A09" SMBIOSPresent="True" Rel_Date="20141122000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8700" Ident_Num="PC-MASSIMO" TimeZone="(UTC+01:00) Amsterdam, Berlino, Berna, Roma, Stoccolma, Vienna" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.153</HostIP></Exception>

Error: (09/27/2017 09:33:09 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Il carattere '/', valore esadecimale 0x2F, non può essere utilizzato in un nome.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[ in System.Xml.XmlDocument.CheckName(String name)
in System.Xml.XmlElement..ctor(XmlName name, Boolean empty, XmlDocument doc)
in System.Xml.XmlDocument.CreateElement(String prefix, String localName, String namespaceURI)
in System.Xml.XmlDocument.CreateElement(String name)
in eSupport.Common.Client.Core.LastUpdatedHelper.SetLastUpdatedValue(String type, String value)]]></StackTrace><SysInfo STag="FPBCG52" SMBIOSMajVer="2" SMBIOSMinVer="7" SMBIOSBIOSVer="A09" SMBIOSPresent="True" Rel_Date="20141122000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="XPS 8700" Ident_Num="PC-MASSIMO" TimeZone="(UTC+01:00) Amsterdam, Berlino, Berna, Roma, Stoccolma, Vienna" OSName="Microsoft Windows 10 Home"/><Method>UpdateLastUpdatedConfig</Method><HostIP>192.168.1.153</HostIP></Exception>

Error: (09/27/2017 09:32:35 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Provider di eventi IntelWLANEventProvider: tentativo di registrazione della query "select * from CIntelQosEvent" con classe di destinazione "CIntelQosEvent" nello spazio dei nomi //./root/default, che non esiste. La query verrà ignorata.


System errors:
=============
Error: (09/28/2017 06:54:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:53:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:52:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:48:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/28/2017 06:48:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 10:14:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 10:11:12 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/27/2017 09:06:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 09:06:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
e APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
all'utente NT AUTHORITY\SID SERVIZIO LOCALE (S-1-5-19) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (09/27/2017 09:05:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio CldFlt non è stato avviato per il seguente errore:
Richiesta non supportata.


CodeIntegrity:
===================================
Date: 2017-09-28 18:57:11.903
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-28 18:56:39.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume7\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-09-28 18:54:57.379
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.372
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.365
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.358
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:57.343
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:52.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2017-09-28 18:54:52.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-124599.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 14%
Total physical RAM: 32719.13 MB
Available physical RAM: 28044.55 MB
Total Virtual: 37583.13 MB
Available Virtual: 31379.55 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:225.61 GB) (Free:24 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1862.89 GB) (Free:1862.56 GB) NTFS
Drive j: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
Drive w: () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:9.77 GB) (Free:0.65 GB) NTFS
Drive z: (WINRETOOLS) (Fixed) (Total:2 GB) (Free:1.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 16F139AB)

Partition: GPT.

========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 16F13976)

Partition: GPT.

==================== End of Addition.txt ============================
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 28-09-2017, 18:13   #32
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Allora: i due ultimi messaggi sono i report di FRST che sono riuscito a far girare sul PC FISSO. Non ho fatto però girare prima CCCleaner spero non sia un problema. Prima di postare gli altri report, ed alcuni non sono allegabili, mi fermo qui in attesa della tua analisi per favorire la leggibilità del tutto.
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 28-09-2017, 19:25   #33
Dan1979
Member
 
Iscritto dal: Jun 2017
Messaggi: 175
Il pc portatile ok.. i pup che ti dava roguekiller del portatile lascia stare ....

Mentre il pc fisso le scansioni le hai gia fatte come ho visto i report a inizio topic...
Poi rigurdo ccleaner non inporta se non lo hai eseguito...

Allora con il fix risolviamo anche i pum rilevati nella scansione di roguekiller del fisso...
-posiziona frst sul desktop assieme al nuovo file allegato fixlist.txt (mi raccomando sul desktop)
-tasto dx sopra frst-->esegui come amministratore
-quando si apre frst clicca sul pulsante FIX
-attendi la fine delle operazioni e che il pc si riavvii (se non si riavvia fallo te manualmente)
-posta il fixlog.txt generato

-poi resetta i browser http://it.ccm.net/faq/1767-come-ripristinare-il-browser
-lascia stare edge
-dovrai reinpostare la pag iniziale di dei browser http://it.ccm.net/faq/2175-come-camb...le-del-browser

-fai pulizia con ccleaner sia sistema che registro..

Fa sapere come va il pc....
Se tutto è ok seguiranno le ultime pulizie dei programmi usati per le sacnsioni...

Ciao
Allegati
File Type: txt fixlist.txt (11.6 KB, 5 visite)
Ultima modifica di Dan1979 : 29-09-2017 alle 09:02.
Dan1979 è offline   Rispondi citando il messaggio o parte di esso
Old 29-09-2017, 18:24   #34
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Posto il report fix, anche questo troppo grosso per allegarlo, lo copio e incollo:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-09-2017 01
Ran by Massimo (29-09-2017 19:15:06) Run:1
Running from C:\Users\Massimo\Desktop
Loaded Profiles: Massimo (Available Profiles: Massimo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-925684549-1631372041-3969593942-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> DefaultScope {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
SearchScopes: HKU\S-1-5-21-925684549-1631372041-3969593942-1001 -> {705F355A-2E54-4618-BAF3-7CE9CE440EBB} URL =
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
2017-09-23 18:43 - 2017-09-23 18:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80
2017-09-23 18:39 - 2017-09-23 18:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f
2017-09-23 18:30 - 2017-09-23 18:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a
2017-09-23 13:02 - 2017-09-23 13:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650
2017-09-23 12:47 - 2017-09-23 12:47 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d
2017-09-23 12:04 - 2017-09-23 12:04 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563
2017-09-23 12:02 - 2017-09-23 12:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310
2017-09-17 17:08 - 2017-09-17 17:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e
2017-09-17 17:06 - 2017-09-17 17:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7
2017-09-16 19:56 - 2017-09-16 19:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b
2017-09-16 19:50 - 2017-09-16 19:50 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0
2017-09-16 19:48 - 2017-09-16 19:48 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa
2017-09-16 19:46 - 2017-09-16 19:46 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22
2017-09-16 19:45 - 2017-09-16 19:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6
2017-09-16 19:41 - 2017-09-16 19:41 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253
2017-09-16 19:19 - 2017-09-16 19:19 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54
2017-09-16 19:17 - 2017-09-16 19:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475
2017-09-16 19:07 - 2017-09-16 19:07 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7
2017-09-16 19:06 - 2017-09-16 19:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f
2017-09-16 19:05 - 2017-09-16 19:05 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b
2017-09-16 12:00 - 2017-09-16 12:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18
2017-09-16 11:59 - 2017-09-16 11:59 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9
2017-09-16 11:58 - 2017-09-16 11:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45
2017-09-16 11:54 - 2017-09-16 11:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df
2017-09-16 11:51 - 2017-09-16 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a
2017-09-16 11:30 - 2017-09-16 11:30 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3
2017-09-16 11:18 - 2017-09-16 11:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a
2017-09-10 11:56 - 2017-09-10 11:56 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80
2017-09-10 11:53 - 2017-09-10 11:53 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895
2017-09-10 11:51 - 2017-09-10 11:51 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc
2017-09-10 11:49 - 2017-09-10 11:49 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1
2017-09-10 11:45 - 2017-09-10 11:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85
2017-09-10 11:23 - 2017-09-10 11:23 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673
2017-09-10 10:18 - 2017-09-10 10:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431
2017-09-10 10:16 - 2017-09-10 10:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666
2017-09-10 10:08 - 2017-09-10 10:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed
2017-09-10 10:06 - 2017-09-10 10:06 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2
2017-09-10 10:02 - 2017-09-10 10:02 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779
2017-09-10 09:54 - 2017-09-10 09:54 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7
2017-09-10 09:43 - 2017-09-10 09:43 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367
2017-09-10 09:39 - 2017-09-10 09:39 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e
2017-09-10 09:37 - 2017-09-10 09:37 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073
2017-09-09 18:45 - 2017-09-09 18:45 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682
2017-09-09 18:42 - 2017-09-09 18:42 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a
2017-09-09 18:40 - 2017-09-09 18:40 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89
2017-09-09 18:34 - 2017-09-09 18:34 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3
2017-09-09 18:28 - 2017-09-09 18:28 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e
2017-09-09 18:21 - 2017-09-09 18:21 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f
2017-09-09 18:18 - 2017-09-09 18:18 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a
2017-09-09 18:17 - 2017-09-09 18:17 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d
2017-09-09 18:16 - 2017-09-09 18:16 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95
2017-09-09 18:08 - 2017-09-09 18:08 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7
2017-09-09 18:00 - 2017-09-09 18:00 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a
2017-09-09 17:58 - 2017-09-09 17:58 - 000000000 ____D C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\ProgramData\McAfee
2017-09-23 11:45 - 2015-05-26 20:14 - 000000000 ____D C:\Program Files\Common Files\McAfee
2017-09-23 11:43 - 2017-07-05 22:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-07-05 21:57 - 2017-07-05 21:57 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-26 20:04 - 2015-05-26 20:05 - 000000121 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2015-05-26 20:03 - 2015-05-26 20:04 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2015-05-26 20:04 - 2015-05-26 20:04 - 000000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log
2015-05-26 20:03 - 2015-05-26 20:03 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
CustomCLSID: HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
Task: {006FBF0C-5862-4D40-B585-0722F984D416} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {163E4584-E82B-4692-96AB-AABE5A9958B6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {18324A25-74C7-475B-9737-3ECE9AFD8FD0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {2AACAEE8-0F48-4ADB-BB31-145E29AE924F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A0DA00E6-9AB8-4A27-8825-F344E243AAB1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A54F49BD-201A-45A4-9972-349C47BE3203} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A776D140-6982-498D-845B-FB6C75D4BB01} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B48003BD-00E0-4F19-97A8-7DE676C7F06D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D5AFD4DB-3CF1-4723-867E-7FE694630097} - \WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 -> No File <==== ATTENTION
Task: {D9353FD3-E581-46C6-8BB3-B315F1F3352A} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\WINDOWS\TEMP\DeleteFolderTask.exe <==== ATTENTION
Task: {E4832B87-0A85-4479-989E-89CD51D56D84} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FAEF1C22-CE3E-4315-93D1-2ACFDF164910} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\TEMP\DeleteFolderTask.exe

HOSTS:
Removeproxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:

End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{705F355A-2E54-4618-BAF3-7CE9CE440EBB} => key removed successfully
HKLM\Software\Classes\CLSID\{705F355A-2E54-4618-BAF3-7CE9CE440EBB} => key not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl => key removed successfully
HKLM\System\CurrentControlSet\Services\ibtsiva => key removed successfully
ibtsiva => service removed successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2a320bc09aae1a80 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign479c025829a95e42 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignda40dfc5ab25363f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2ddaface99846a8a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7997380020e32786 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign53c364e1a5886650 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4da0e6ce8ca3057d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign06e83898d9f60461 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign8c837a2b26383563 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4c1bb57f89fc1310 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign893c25815c3e4e3a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7987e0021284a74e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign10ea50dbf0c340f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign62dd29928e5a996b => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb77f2abb1ed1c4b0 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd2f2a585e3b848fa => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign0fbdb4686c8ecb22 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign366ab3d56b989fd6 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign7232ff2237a0e253 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign084b333675e35f54 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign526ef1bb8f88d475 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf20327fecb0193a9 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigndb98f867a6e6e1e7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign34981d465a0fd3b8 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9d29a0b28ce26a7f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign11ee28dc4eacab8b => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6454ee7fd0890f18 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign5629d315608a90a9 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb3103856265dec45 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign1c4274d3e38961df => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd51fef8312f2101a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign833d8b9700f933df => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc8c51583e68e24b3 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign8248ae5e369eed0a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignee18b00e325a1e80 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9c85a5e26f0a7895 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign538caf5474ceeabc => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6fa9b74abd1fb3a1 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignbb386aaa93fbea85 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign891995a444fba673 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf98c9c47f93ca431 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign04d653af51384666 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd5187fbba5a664ed => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4aa0d5c0956907c2 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign646ab2eec7c9e779 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigna7cb8441e112d5f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign1d61bc997ca07367 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign657ed2562342561d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign9c2a9532d8cc2517 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign40e3e5af22dfa156 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign39999b75eb0c922e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign206bfaf458893073 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign043a21c81399d682 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign5e49fc571219bb1a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc00ea6420f47aa89 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigna01fe20e43eef2f3 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsigne975c3133a042e6e => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb1948ee5a5e73b5f => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd1d46bcbf974787a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign4ae3ad1da5dc5a6d => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignb588effe2b5a4d95 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign6ea268cae19881f7 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignef834f4688bde796 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignf8dfc166985e0737 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignd797bb9123a1fe57 => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsignc170cdf4cae92f1a => moved successfully
C:\Users\Massimo\AppData\Local\Tempzxpsign2d45ef39af036982 => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\WINDOWS\System32\Tasks\McAfee => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log => moved successfully
C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log => moved successfully
C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log => moved successfully
C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log => moved successfully
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => moved successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-60C939DA79C8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{006FBF0C-5862-4D40-B585-0722F984D416} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{006FBF0C-5862-4D40-B585-0722F984D416} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{163E4584-E82B-4692-96AB-AABE5A9958B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{163E4584-E82B-4692-96AB-AABE5A9958B6} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18324A25-74C7-475B-9737-3ECE9AFD8FD0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18324A25-74C7-475B-9737-3ECE9AFD8FD0} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AACAEE8-0F48-4ADB-BB31-145E29AE924F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AACAEE8-0F48-4ADB-BB31-145E29AE924F} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57} => key removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72BAC8CB-CB94-48E3-9BFD-64C315ECDFF7} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0DA00E6-9AB8-4A27-8825-F344E243AAB1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0DA00E6-9AB8-4A27-8825-F344E243AAB1} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A54F49BD-201A-45A4-9972-349C47BE3203} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A54F49BD-201A-45A4-9972-349C47BE3203} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A776D140-6982-498D-845B-FB6C75D4BB01} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A776D140-6982-498D-845B-FB6C75D4BB01} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEC981D8-E03F-4CE7-8D1F-0AC46FFFE2CA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B48003BD-00E0-4F19-97A8-7DE676C7F06D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B48003BD-00E0-4F19-97A8-7DE676C7F06D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5AFD4DB-3CF1-4723-867E-7FE694630097} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5AFD4DB-3CF1-4723-867E-7FE694630097} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-925684549-1631372041-3969593942-1001 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9353FD3-E581-46C6-8BB3-B315F1F3352A} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9353FD3-E581-46C6-8BB3-B315F1F3352A} => key removed successfully
C:\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4832B87-0A85-4479-989E-89CD51D56D84} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4832B87-0A85-4479-989E-89CD51D56D84} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAEF1C22-CE3E-4315-93D1-2ACFDF164910} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAEF1C22-CE3E-4315-93D1-2ACFDF164910} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"C:\WINDOWS\TEMP\DeleteFolderTask.exe" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-925684549-1631372041-3969593942-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully


========= End of RemoveProxy: =========


========= netsh advfirewall reset =========

OK.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

OK.


========= End of CMD: =========


========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========


========= netsh winsock reset catalog =========


Reimpostazione catalogo Winsock completata.
Ô necessario riavviare il computer per completare l'operazione.


========= End of CMD: =========


========= netsh int ip reset C:\resettcpip.txt =========

Reimpostazione di Inoltro raggruppamento completata.
Reimpostazione di Raggruppamento completata.
Reimpostazione di Protocollo di controllo completata.
Reimpostazione di Richiesta sequenza echo completata.
Reimpostazione di Globale completata.
Reimpostazione di Interfaccia completata.
Reimpostazione di Indirizzo Anycast completata.
Reimpostazione di Indirizzo multicast completata.
Reimpostazione di Indirizzo Unicast completata.
Reimpostazione di Router adiacente completata.
Reimpostazione di Percorso completata.
Reimpostazione di Potenziale completata.
Reimpostazione di Criteri di prefisso completata.
Reimpostazione di Router adiacente proxy completata.
Reimpostazione di Route completata.
Reimpostazione di Prefisso del sito completata.
Reimpostazione di Sottointerfaccia completata.
Reimpostazione di Pattern di attivazione completata.
Reimpostazione di Risolvi router adiacente completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di non riuscita.
Accesso negato.

Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Reimpostazione di completata.
Riavviare il computer per completare l'azione.


========= End of CMD: =========


========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========

Impossibile cancellare il registro DebugChannel. Impossibile eseguire l'operazione richiesta su un canale diretto attivato. Prima di eseguire l'operazione richiesta è necessario disattivare il canale.
Impossibile cancellare il registro Microsoft-Windows-LiveId/Analytic. Accesso negato.
Impossibile cancellare il registro Microsoft-Windows-LiveId/Operational. Accesso negato.

========= End of CMD: =========


========= Bitsadmin /Reset /Allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 354239345 B
Java, Flash, Steam htmlcache => 21767 B
Windows/system/drivers => 845533 B
Edge => 314850231 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 347265 B
systemprofile32 => 0 B
LocalService => 36848 B
NetworkService => 2466 B
Massimo => 94590177 B

RecycleBin => 0 B
EmptyTemp: => 737 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:19:07 ====
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 29-09-2017, 18:33   #35
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
dopo IL FIX ho eseguito CCcleaner pulendo sistema e registro. Non ho dovuto reimpostare pagine iniziali e per il momento il PC sembra funzionare come prima. Attendo istruzioni successive. Ciao
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 29-09-2017, 19:25   #36
Dan1979
Member
 
Iscritto dal: Jun 2017
Messaggi: 175
Facciamo un ultima scansione per sicurezza con eset online scanner...
https://www.eset.com/us/home/online-scanner/
Collegati alla sua pagina principale usando Internet Explorer clicca sul pulsante Run Eset online scanner. Nella finestra che si apre, apponi il segno di spunta accanto alla voce Yes, I accept the Terms of Use e fai click su Start.
Successivamente, seleziona la barra gialla che compare in cima alla finestra del browser e clicca prima sulla voce Installa il componente aggiuntivo per tutti gli utenti del computer e poi sul pulsante Sì. Nella pagina che si apre, clicca prima su Next, poi su Sì e attendi che la scansione del sistema venga portata a termine (verranno scaricate prima le definizioni antivirus più recenti).
La scansione puo durare un po..
Posta il risultato....
Dan1979 è offline   Rispondi citando il messaggio o parte di esso
Old 30-09-2017, 14:30   #37
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Ciao ho eseguito ESET. Però non ha prodotto un report ma solo una immagine a schermo che non riesco a postare o allegare. Mi dice però che non ha rilevato virus.
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 30-09-2017, 14:57   #38
Dan1979
Member
 
Iscritto dal: Jun 2017
Messaggi: 175
Ok , se eset non ha prodotto il log vuol dire che non ha riscontrato problemi...

Anche il pc fisso è pulito...

Se non riscontri problemi,facciamo pulizia dei programmi installati per fare le scansioni....
Ora esegui questo programma sia sul portatile che sul fisso..
scarica sul desktop delfix da qui www.bleepingcomputer.com/download/delfix/
Aprilo e metti la spunta:

Activate uac
Remove disinfenction tool
Create registry beckup
Purge system restore

Clicca su run e attendi la fine delle operazioni....
Posta i due log generati (pc fisso - pc portatile)...

Dopo queste pulizie abbiamo concluso..
Ciao ,per qualsiasi cosa siamo qui...
Dan1979 è offline   Rispondi citando il messaggio o parte di esso
Old 02-10-2017, 09:20   #39
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Grazie Dan.
Ieri il PC fisso non leggeva più i pdf ho reinstallato acrobat reader ed è andato tutto ok.
Adesso appena riesco seguo le tue ultime istruzioni e ti dico.
Grazie
Ciao
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Old 02-10-2017, 16:00   #40
FCIM1908
Member
 
Iscritto dal: Dec 2008
Messaggi: 61
Dam, ho letto sotto di CCcleaner...io l'ho fatto girare speriamo che non sia stato lui a diffondere un virus. Posso disinstallare tutti questi programmi che ho fatto girare alla ricerca di virus?
Ultima cosa: secondo te c'è proprio bisogno di far girare questo delfix? Ho sempre paura
FCIM1908 è offline   Rispondi citando il messaggio o parte di esso
Pagina 2 di 3 < 1 2 3 >
 Rispondi

« Discussione precedente | Discussione successiva »

Recensione Samsung Galaxy Z Fold7: un grande salto generazionale Recensione Samsung Galaxy Z Fold7: un grande sal...
The Edge of Fate è Destiny 2.5. E questo è un problema The Edge of Fate è Destiny 2.5. E questo ...
Ryzen Threadripper 9980X e 9970X alla prova: AMD Zen 5 al massimo livello Ryzen Threadripper 9980X e 9970X alla prova: AMD...
Acer TravelMate P4 14: tanta sostanza per l'utente aziendale Acer TravelMate P4 14: tanta sostanza per l'uten...
Hisense M2 Pro: dove lo metti, sta. Mini proiettore laser 4K per il cinema ovunque Hisense M2 Pro: dove lo metti, sta. Mini proiett...
Apple Watch e Galaxy Watch ai minimi sto...
Il rover NASA Perseverance ha ''raccolto...
NASA e ISRO hanno lanciato il satellite ...
Switch 2 ha venduto 5,82 milioni di cons...
Assassin's Creed Black Flag Remake: le m...
Cosa ci fa una Xiaomi SU7 Ultra alle por...
Promo AliExpress Choice Day: prezzi stra...
Nostalgico, ma moderno: il nuovo THEC64 ...
AVM avvia la distribuzione di FRITZ! OS ...
Super offerte Bose: le QuietComfort a me...
Epic vince (ancora) contro Google: Andro...
Sconti nuovi di zecca su Amazon: 27 arti...
Un'esplorazione del 'lato oscuro' di Fac...
Apple ha venduto 3 miliardi di iPhone da...
Grandi sconti oggi sugli spazzolini elet...
Chromium
GPU-Z
OCCT
LibreOffice Portable
Opera One Portable
Opera One 106
CCleaner Portable
CCleaner Standard
Cpu-Z
Driver NVIDIA GeForce 546.65 WHQL
SmartFTP
Trillian
Google Chrome Portable
Google Chrome 120
VirtualBox
Tutti gli articoli Tutte le news Tutti i download

Strumenti

Regole
Non Puoi aprire nuove discussioni
Non Puoi rispondere ai messaggi
Non Puoi allegare file
Non Puoi modificare i tuoi messaggi
Il codice vB è On
Le Faccine sono On
Il codice [IMG] è On
Il codice HTML è Off
Vai al Forum


Tutti gli orari sono GMT +1. Ora sono le: 06:16.

Contattaci - Hardware Upgrade - Archivio - Note sulla Privacy - Su

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Served by www3v