|
|
|
|
Strumenti |
02-11-2017, 08:40 | #1 |
Senior Member
Iscritto dal: Sep 2008
Messaggi: 1334
|
highjackthis: chi mi aiuta su cosa devo cancellare?
da qualche settimana a questa parte, in maniera random, mi capita che mi si blocchi la tastiera mentre sto scrivendo e devo riavviare il pc. mi esce una voce -trova- ed anche se provo a chiuderla non risolvo niente, anche staccando e rimettendo la tastiera, il problema non si risolve. non ho visitato siti strani, scaricato programmi nuovi, non so piu' dove sbattere la testa. allego qui il log anche perchè non riesco a caricare l'allegato.
Running processes: D:\STEAM DI MERDA\Steam.exe D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe C:\Program Files (x86)\EagleGet\EGMonitor.exe C:\Program Files (x86)\Avira\Antivirus\avgnt.exe C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe C:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe C:\Program Files (x86)\EagleGet\EagleGet.exe D:\MARIJUANAL PROPOSTE NUOVI PEZZI\EP 2017\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows \SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: bteagleget.com - {1E871FF8-029C-4732-8AA7-39E3D3872057} - C:\Program Files (x86)\EagleGet\eagleSniffer.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C: \PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C: \PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539- 4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [Steam] "D:\STEAM DI MERDA\steam.exe" -silent O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 O8 - Extra context menu item: Download all links with EagleGet - res://C:\Program Files (x86)\EagleGet\IEGraberBHO.dll/202 O8 - Extra context menu item: Download with EagleGet - res://C:\Program Files (x86)\EagleGet\IEGraberBHO.dll/201 O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C: \PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: I&nvia a OneNote - res://C: \PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C: \Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849- EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: *.line6.net O15 - Trusted Zone: http://help.eset.com (HKLM) O15 - ESC Trusted Zone: http://help.eset.com (HKLM) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: NameServer = 85.37.17.51,8.8.4.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: NameServer = 8.8.8.8,8.8.4.4 O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows \System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows \system32\atiesrxx.exe (file missing) O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe O23 - Service: Avira Protezione email (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe O23 - Service: Avira Protezione in tempo reale (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe O23 - Service: Avira Protezione web (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe O23 - Service: Com4QLBEx - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (file missing) O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C: \Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows \System32\lsass.exe (file missing) O23 - Service: egGetSvc - Unknown owner - C:\Program Files (x86)\EagleGet\EGMonitor.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows \system32\fxssvc.exe (file missing) O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C: \PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions \HPSupportSolutionsFrameworkService.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing) O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components \DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components \LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: NeMeSys Service (Nemesys) - Fondazione Ugo Bordoni - C:\Program Files (x86)\Nemesys\dist\Nemesys.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C: \Windows\system32\lsass.exe (file missing) O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows \system32\GameMon.des.exe (file missing) O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C: \Windows\system32\locator.exe (file missing) O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C: \Program Files\Realtek\Audio\HDA\RtkAudioService64.exe O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows \system32\lsass.exe (file missing) O23 - Service: Servizio Scout Update (scupdate) (scupdate) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe O23 - Service: Servizio Scout Update (scupdatem) (scupdatem) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C: \Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C: \Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C: \Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C: \Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C: \Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows \System32\vds.exe (file missing) O23 - Service: Copia shadow del volume (VSS) - Unknown owner - C:\Windows \system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C: \Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) |
02-11-2017, 12:09 | #2 |
Member
Iscritto dal: Jun 2017
Messaggi: 175
|
Ciao
Te lo fa anche in modalita provvisoria?? Hjackthis è obsoleto..... esegui i software sotto in sequenza come postati ; Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/ fai la scansione ed elimina cio che trova e posta il log generato Poi scarica adwcleaner da qui https://www.bleepingcomputer.com/download/adwcleaner/ tasto dx sopra eseguibile avvia come amministratore e fai la scansione elimina quello che trova e posta il log Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/ Segui questa guida per il programma http://www.why-tech.it/come-rimuover...-dal-pc-1.htmlPosta il log report Poi scarica Malwarebyte Antirootkit da qui https://it.malwarebytes.com/antirootkit/ Segui la guida fornita nel sito nella stessapagina del download Posta il log generato Infine ,esegui una scansione con roguekiller... Scaricalo da qui... http://www.adlice.com/download/roguekiller/ Segui questa guida per usare il programma http://it.ccm.net/faq/3204-come-usare Cancella solo le voci di colore rosso... Posta il.report Infine scarica frst da qui https://www.bleepingcomputer.com/dow...ery-scan-tool/ scarica la versione adatta al tuo sistema operativo 32 o 64 bit posiziona l eseguibile sul desktop tasto dx sopra eseguibile--apri come amministratore una volta aperto clicca su scan postare log frst.txt e addition.txt Non preoccuparti le scansioni sono quasi tutte relativamente veloci... Ultima modifica di Dan1979 : 02-11-2017 alle 12:37. |
02-11-2017, 15:56 | #3 |
Senior Member
Iscritto dal: Sep 2008
Messaggi: 1334
|
non mi sono state trovate praticamente infezioni , nessun file di colore rosso da eliminare, niente di niente.
|
02-11-2017, 17:25 | #4 |
Member
Iscritto dal: Jun 2017
Messaggi: 175
|
Ti riferisci a rogue killer??
Posta il log.... Posta i log di frst... |
02-11-2017, 22:19 | #5 |
Senior Member
Iscritto dal: Sep 2008
Messaggi: 1334
|
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Valve Corporation) D:\STEAM DI MERDA\Steam.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe (Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe (Fondazione Ugo Bordoni) C:\Program Files (x86)\Nemesys\dist\Nemesys.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\EagleGet\EGMonitor.exe (Valve Corporation) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe (Valve Corporation) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Run: [Steam] => D:\STEAM DI MERDA\steam.exe [3102496 2017-10-31] (Valve Corporation) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => D:\STEAM DI MERDA\steam.exe [3102496 2017-10-31] (Valve Corporation) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.) BootExecute: ampa GroupPolicy: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: [NameServer] 85.37.17.51,8.8.4.4 Tcpip\..\Interfaces\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.it/ HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.it/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2017-09-20] (EagleGet.com) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab FireFox: ======== FF ProfilePath: C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\MtJsu49B.default [2016-11-24] FF Extension: (Avira Browser Safety) - C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\MtJsu49B.default\Extensions\abs@avira.com [2016-11-24] FF HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found FF HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [No File] FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-19] (Avira Operations GmbH & Co. KG) FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-19] (Avira Operations GmbH & Co. KG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.) FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001: @my.com/Games -> C:\Users\utente\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-03] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (EagleGet) FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\utente\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-03] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (EagleGet) Chrome: ======= CHR HomePage: Default -> hxxp://www.libero.it/ CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default [2017-11-02] CHR Extension: (Presentazioni) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Documenti) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-10] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-09-10] CHR Extension: (YouTube) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-10] CHR Extension: (uBlock Origin) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-10-16] CHR Extension: (Google Search) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10] CHR Extension: (Tampermonkey) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-19] CHR Extension: (Fogli) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Sicurezza browser Avira) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07] CHR Extension: (Google Documenti offline) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (EagleGet Free Downloader) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2017-10-17] CHR Extension: (Skype) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30] CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Google Publisher Toolbar) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2017-03-01] CHR Extension: (ForumFree) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpaokmjncandjkacmikamfgfpfkgfdb [2016-02-08] CHR Extension: (Gmail) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-10] CHR Extension: (Chrome Media Router) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05] CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found> CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05] CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15] CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05] CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05] CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [File not signed] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-12] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-12] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [407408 2017-10-26] (Avira Operations GmbH & Co. KG) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed] R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed] S2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [247992 2017-09-20] () R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-11-10] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes) R2 Nemesys; C:\Program Files (x86)\Nemesys\dist\Nemesys.exe [90112 2016-11-22] (Fondazione Ugo Bordoni) [File not signed] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3519984 2016-01-27] (INCA Internet Co., Ltd.) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor) R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed] S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [157144 2016-11-24] (Avira Operations GmbH & Co. KG) S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [157144 2016-11-24] (Avira Operations GmbH & Co. KG) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 Com4QLBEx; "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-08-03] (Advanced Micro Devices) S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [126952 2011-02-24] (ASMedia Technology Inc) [File not signed] S3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [389608 2011-02-24] (ASMedia Technology Inc) [File not signed] S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1308160 2011-08-23] (C-Media Electronics Inc) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-10-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-09-14] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-28] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-28] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-06-20] (Avira Operations GmbH & Co. KG) R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [77424 2016-10-06] (eagleGet) R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-06-22] (ELAN Microelectronic Corp.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-06] (REALiX(tm)) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-19] (Intel Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.) S3 L6TPortA; C:\Windows\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6) [File not signed] R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200272 2017-08-03] (Intel Corporation) S3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation) R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [72400 2017-07-27] (Insecure.Com LLC.) S3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [304512 2013-10-03] (Roland Corporation) R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [718080 2017-01-11] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [6687184 2017-07-09] (Realtek Semiconductor Corporation ) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.) S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider) S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated) S3 BtAudioBusSrv; System32\Drivers\BtAudioBus.sys [X] S3 BthL2caScoIfSrv; System32\Drivers\BtL2caScoIf.sys [X] S3 btUrbFilterDrv; System32\Drivers\IvtUrbBtFlt.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X] S3 netr28x; system32\DRIVERS\netr28x.sys [X] U4 npcap_wifi; no ImagePath S4 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S3 RSP2STOR; system32\DRIVERS\RtsP2Stor.sys [X] S3 rtbth; system32\DRIVERS\rtbth.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three Months Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-02 16:53 - 2017-11-02 16:53 - 000026793 _____ C:\Users\utente\Desktop\FRST.txt 2017-11-02 16:53 - 2017-11-02 16:53 - 000000000 ____D C:\FRST 2017-11-02 16:50 - 2017-11-02 16:50 - 002403328 _____ (Farbar) C:\Users\utente\Desktop\FRST64.exe 2017-11-02 16:25 - 2017-11-02 16:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-11-02 16:25 - 2017-11-02 16:25 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\41378434.sys 2017-11-02 16:25 - 2017-11-02 16:25 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-11-02 16:24 - 2017-11-02 16:33 - 000000000 ____D C:\Users\utente\Desktop\mbar 2017-11-02 16:23 - 2017-11-02 16:23 - 000226080 _____ C:\TDSSKiller.3.1.0.15_02.11.2017_16.23.31_log.txt 2017-11-02 16:12 - 2017-11-02 16:25 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-11-02 16:12 - 2017-11-02 16:12 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-11-02 16:12 - 2017-11-02 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-11-02 16:12 - 2017-11-02 16:12 - 000000000 ____D C:\Program Files\Malwarebytes 2017-11-02 16:12 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-10-30 08:05 - 2017-10-30 08:05 - 000000711 _____ C:\Users\utente\Desktop\TCC-0.8.30 - collegamento.lnk 2017-10-27 20:06 - 2017-10-27 20:06 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk 2017-10-26 10:14 - 2017-10-26 10:14 - 000000000 ____D C:\Users\utente\Documents\Audacity 2017-10-12 12:51 - 2017-11-02 16:19 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray 2017-10-11 10:52 - 2017-10-11 10:52 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe 2017-10-11 08:08 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2017-10-11 08:08 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2017-10-11 08:08 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2017-10-11 08:08 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-10-11 08:08 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-10-11 08:08 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2017-10-11 08:08 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2017-10-11 08:08 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2017-10-11 08:08 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-10-11 08:08 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2017-10-11 08:08 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2017-10-11 08:08 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-10-11 08:08 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2017-10-11 08:08 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2017-10-11 08:08 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2017-10-11 08:08 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2017-10-11 08:08 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-10-11 08:08 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-10-11 08:08 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-10-11 08:08 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2017-10-11 08:08 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-10-11 08:08 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-10-11 08:08 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2017-10-11 08:08 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2017-10-11 08:08 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2017-10-11 08:08 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2017-10-11 08:08 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-10-11 08:08 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-10-11 08:08 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-10-11 08:08 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-10-11 08:08 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-10-11 08:08 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-10-11 08:08 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-10-11 08:08 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-10-11 08:08 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-10-11 08:08 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-10-11 08:08 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2017-10-11 08:08 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-10-11 08:08 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-10-11 08:08 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-10-11 08:08 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-10-11 08:08 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-10-11 08:08 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-10-11 08:08 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-10-11 08:08 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll 2017-10-11 08:08 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll 2017-10-11 08:08 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll 2017-10-11 08:08 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-10-11 08:08 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-10-11 08:08 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-10-11 08:08 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-10-11 08:08 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-10-11 08:08 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-10-11 08:08 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-10-11 08:08 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-10-11 08:08 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-10-11 08:08 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-10-11 08:08 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-10-11 08:08 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-10-11 08:08 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-10-11 08:08 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-10-11 08:08 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-10-11 08:08 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-10-11 08:08 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-10-11 08:08 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-10-11 08:08 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-10-11 08:08 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-10-11 08:08 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-10-11 08:08 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-10-11 08:08 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-10-11 08:08 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-10-11 08:08 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-10-11 08:08 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-10-11 08:08 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-10-11 08:08 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-10-11 08:08 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-10-11 08:08 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-10-11 08:08 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-10-11 08:08 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-10-11 08:08 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-10-11 08:08 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-10-11 08:08 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-10-11 08:08 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-10-11 08:08 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-10-11 08:08 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-10-11 08:08 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-10-11 08:08 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-10-11 08:08 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-10-11 08:08 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-10-11 08:08 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-10-11 08:08 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-10-11 08:08 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-10-11 08:08 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-10-11 08:08 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-10-11 08:08 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-10-11 08:08 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-10-11 08:08 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-10-11 08:08 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-10-11 08:08 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-10-11 08:08 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-10-11 08:08 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-10-11 08:08 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-10-11 08:08 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-10-11 08:08 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-10-11 08:08 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-10-11 08:08 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-10-11 08:08 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-10-11 08:08 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-10-11 08:08 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-10-11 08:08 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-10-11 08:08 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-10-11 08:08 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-10-11 08:08 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-10-11 08:08 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2017-10-11 08:08 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll 2017-10-11 08:08 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2017-10-11 08:08 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2017-10-11 08:08 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2017-10-11 08:08 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2017-10-11 08:08 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2017-10-11 08:08 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2017-10-11 08:08 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2017-10-11 08:08 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2017-10-11 08:08 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2017-10-11 08:08 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2017-10-11 08:08 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2017-10-11 08:08 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2017-10-11 08:08 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2017-10-11 08:08 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2017-10-11 08:08 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2017-10-11 08:08 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2017-10-11 08:08 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2017-10-08 09:58 - 2017-10-08 17:31 - 000000342 _____ C:\Users\utente\Desktop\last ride voce.txt 2017-09-19 14:52 - 2017-09-19 14:52 - 000000000 ____D C:\Users\utente\Documents\League of Legends 2017-09-19 14:40 - 2017-09-19 14:40 - 000000000 ____D C:\ProgramData\Riot Games 2017-09-19 14:39 - 2017-09-19 14:52 - 000000329 _____ C:\Users\Public\Desktop\League of Legends.lnk 2017-09-19 14:39 - 2017-09-19 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2017-09-19 14:39 - 2008-07-12 07:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2017-09-19 14:39 - 2008-07-12 07:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2017-09-19 14:39 - 2008-07-12 07:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2017-09-19 14:38 - 2017-09-19 14:39 - 000000000 ____D C:\Users\utente\AppData\Roaming\Riot Games 2017-09-16 19:11 - 2017-09-16 19:11 - 000000958 _____ C:\Users\utente\Desktop\ShinraMeterV2.12 - collegamento.lnk 2017-09-13 07:51 - 2017-08-19 16:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2017-09-13 07:51 - 2017-08-19 16:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2017-09-13 07:51 - 2017-08-16 16:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2017-09-13 07:51 - 2017-08-16 16:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2017-09-13 07:51 - 2017-08-15 16:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2017-09-13 07:51 - 2017-08-15 16:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-09-13 07:51 - 2017-08-15 16:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2017-09-13 07:51 - 2017-08-15 16:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll 2017-09-13 07:51 - 2017-08-14 18:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll 2017-09-13 07:51 - 2017-08-14 18:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll 2017-09-13 07:51 - 2017-08-13 22:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe 2017-09-13 07:51 - 2017-08-13 22:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe 2017-09-13 07:51 - 2017-08-11 07:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll 2017-09-13 07:51 - 2017-08-11 07:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll 2017-09-13 07:51 - 2017-08-11 07:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2017-09-13 07:51 - 2017-08-11 07:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2017-09-13 07:51 - 2017-08-11 07:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll 2017-09-13 07:51 - 2017-08-11 07:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2017-09-13 07:51 - 2017-08-11 07:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe 2017-09-13 07:51 - 2017-08-11 07:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe 2017-09-13 07:51 - 2017-08-11 07:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe 2017-09-13 07:51 - 2017-08-11 07:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll 2017-09-13 07:51 - 2017-08-11 07:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll 2017-09-13 07:51 - 2017-08-11 07:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2017-09-13 07:51 - 2017-08-11 07:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe 2017-09-13 07:51 - 2017-08-11 07:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe 2017-09-13 07:51 - 2017-08-11 07:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll 2017-09-13 07:51 - 2017-08-11 07:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2017-09-13 07:51 - 2017-08-11 06:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys 2017-09-13 07:51 - 2017-07-07 16:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll 2017-09-13 07:51 - 2017-07-07 16:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll 2017-09-12 19:41 - 2017-10-27 20:06 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger 2017-09-07 09:52 - 2017-09-07 09:52 - 000114732 _____ C:\Users\utente\Downloads\EDDI DRAGO CV.pdf 2017-09-01 12:38 - 2017-09-01 12:51 - 000000000 ____D C:\Windows\SysWOW64\directx 2017-09-01 12:37 - 2017-09-01 13:16 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2017-08-29 01:22 - 2017-08-29 01:23 - 000000530 _____ C:\Users\utente\Desktop\ANNUNCIO BATTERISTA FIVERR.txt 2017-08-27 12:01 - 2017-08-27 12:01 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-08-27 12:01 - 2017-08-27 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-08-27 12:01 - 2017-08-27 12:01 - 000000000 ____D C:\Program Files\VS Revo Group 2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Windows\SysWOW64\Npcap 2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Windows\system32\Npcap 2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Program Files\Npcap 2017-08-22 20:01 - 2017-08-22 20:01 - 000001391 _____ C:\Users\utente\Desktop\WinMTR - collegamento.lnk 2017-08-17 21:08 - 2017-08-17 21:09 - 000001366 _____ C:\Users\utente\Desktop\MM MECCANICHE.txt 2017-08-17 09:09 - 2017-08-17 09:09 - 000039976 _____ C:\ComboFix.txt 2017-08-17 09:02 - 2017-08-17 09:09 - 000000000 ____D C:\ComboFix 2017-08-17 08:16 - 2017-11-02 16:35 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys 2017-08-17 01:54 - 2017-08-17 01:55 - 000001049 _____ C:\Users\utente\Desktop\ISTRUZIONI RIMUOVERE MERDA DAL PC.txt 2017-08-17 01:52 - 2017-11-02 16:19 - 000000000 ____D C:\AdwCleaner 2017-08-17 01:51 - 2017-08-17 09:09 - 000000000 ____D C:\Qoobox 2017-08-17 01:51 - 2017-08-17 09:08 - 000000000 ____D C:\Windows\erdnt 2017-08-17 01:51 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe 2017-08-17 01:51 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe 2017-08-17 01:51 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2017-08-17 01:51 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2017-08-17 01:51 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2017-08-17 01:51 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe 2017-08-17 01:51 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe 2017-08-17 01:51 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe 2017-08-17 01:49 - 2017-08-17 01:51 - 000000000 ____D C:\ProgramData\RogueKiller 2017-08-17 01:49 - 2017-08-17 01:49 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2017-08-17 01:49 - 2017-08-17 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2017-08-17 01:48 - 2017-08-17 01:49 - 000000000 ____D C:\Program Files\RogueKiller 2017-08-09 10:28 - 2017-08-09 10:28 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2017-08-09 08:44 - 2017-07-29 15:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2017-08-09 08:44 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll 2017-08-09 08:44 - 2017-07-21 15:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll 2017-08-09 08:44 - 2017-07-21 15:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll 2017-08-09 08:44 - 2017-07-21 15:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll 2017-08-09 08:44 - 2017-07-14 16:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2017-08-09 08:44 - 2017-07-14 16:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2017-08-09 08:44 - 2017-07-14 16:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2017-08-09 08:44 - 2017-07-14 15:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2017-08-09 08:44 - 2017-07-14 15:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe 2017-08-09 08:44 - 2017-07-14 15:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll 2017-08-09 08:44 - 2017-07-08 16:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-08-09 08:44 - 2017-07-07 16:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys 2017-08-09 08:44 - 2017-07-01 14:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll 2017-08-09 08:44 - 2017-07-01 14:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll ==================== Three Months Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-11-02 16:28 - 2009-07-14 05:45 - 000039584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-11-02 16:28 - 2009-07-14 05:45 - 000039584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-11-02 16:25 - 2015-12-29 17:49 - 000000000 ____D C:\Users\utente\AppData\Local\CrashDumps 2017-11-02 16:24 - 2011-04-12 11:49 - 000745010 _____ C:\Windows\system32\perfh010.dat 2017-11-02 16:24 - 2011-04-12 11:49 - 000148682 _____ C:\Windows\system32\perfc010.dat 2017-11-02 16:24 - 2009-07-14 06:13 - 001671482 _____ C:\Windows\system32\PerfStringBackup.INI 2017-11-02 16:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2017-11-02 16:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-11-02 16:19 - 2015-09-11 16:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2017-11-02 16:09 - 2015-11-13 18:45 - 000000000 ____D C:\Users\utente\AppData\Roaming\TS3Client 2017-11-02 13:20 - 2015-11-10 23:03 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (utente) 2017-11-02 13:19 - 2016-01-14 16:42 - 000003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForutente 2017-11-02 13:19 - 2016-01-14 16:42 - 000000336 _____ C:\Windows\Tasks\HPCeeScheduleForutente.job 2017-11-02 10:24 - 2015-11-17 17:32 - 000000000 ____D C:\Users\utente\AppData\Roaming\Audacity 2017-10-31 13:37 - 2017-07-07 23:24 - 000001701 _____ C:\Users\utente\Desktop\TERA FOV.txt 2017-10-30 10:35 - 2016-07-15 13:31 - 000000000 ____D C:\Users\utente\AppData\LocalLow\Adblock Plus for IE 2017-10-27 20:06 - 2016-11-24 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-10-27 20:06 - 2015-09-11 15:26 - 000000000 ____D C:\ProgramData\Package Cache 2017-10-27 18:21 - 2015-11-13 18:21 - 000000000 ____D C:\Program Files (x86)\Overwolf 2017-10-25 21:51 - 2015-08-07 07:54 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-10-25 21:51 - 2015-08-07 07:54 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-10-25 21:51 - 2015-08-07 07:54 - 000000000 ____D C:\Windows\system32\Macromed 2017-10-25 21:51 - 2015-05-22 08:33 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-25 21:51 - 2015-05-22 08:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-10-25 15:50 - 2016-06-21 14:11 - 000000000 ____D C:\Users\utente\AppData\Local\ElevatedDiagnostics 2017-10-25 15:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2017-10-20 09:59 - 2009-07-14 06:08 - 000032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-10-17 22:15 - 2016-07-15 09:04 - 000001011 _____ C:\Users\Public\Desktop\EagleGet.lnk 2017-10-17 22:15 - 2016-07-15 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet 2017-10-17 22:15 - 2016-07-15 09:04 - 000000000 ____D C:\Program Files (x86)\EagleGet 2017-10-15 00:01 - 2016-12-13 21:42 - 000000097 _____ C:\Users\utente\Desktop\TERA CLASSI PER IL CRAFTING.txt 2017-10-12 12:50 - 2016-11-24 11:42 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2017-10-12 10:47 - 2017-07-12 08:43 - 000001313 _____ C:\Users\utente\Desktop\CALENDARIO TERA QUEST.txt 2017-10-12 07:37 - 2017-06-06 08:23 - 000000618 _____ C:\Users\utente\Desktop\FONDO ARCO.txt 2017-10-11 12:16 - 2009-07-14 05:45 - 000450232 _____ C:\Windows\system32\FNTCACHE.DAT 2017-10-11 10:53 - 2015-05-21 19:19 - 000000000 ____D C:\Windows\system32\MRT 2017-10-11 10:52 - 2015-05-21 19:19 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-10-11 10:51 - 2015-05-21 23:51 - 001645368 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-10-05 09:17 - 2015-11-11 14:40 - 000000000 ____D C:\Users\utente\AppData\Roaming\ObviousIdea ==================== Files in the root of some directories ======= 2015-11-11 15:38 - 2015-11-11 15:38 - 000000839 _____ () C:\Users\utente\AppData\Roaming\Drives Meter_Settings.ini 2015-11-11 15:34 - 2015-11-11 15:34 - 000000120 _____ () C:\Users\utente\AppData\Roaming\System Monitor II_UptimeRecord.ini 2015-09-11 16:37 - 2017-10-11 18:27 - 000305917 _____ () C:\Users\utente\AppData\Local\BTServer.log 2016-01-08 13:26 - 2016-01-08 13:26 - 000000000 _____ () C:\Users\utente\AppData\Local\{0891D3CB-9E51-4C73-AD7A-542EB0DD6BB5} 2016-01-14 15:58 - 2016-01-14 15:58 - 000000057 _____ () C:\ProgramData\Ament.ini 2016-06-01 17:48 - 2016-06-25 14:03 - 000000016 _____ () C:\ProgramData\autobk.inc 2015-11-11 10:46 - 2015-11-11 10:46 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2017-04-25 19:30 - 2017-07-23 11:44 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml Some files in TEMP: ==================== 2017-11-02 16:33 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Users\utente\AppData\Local\Temp\dllnt_dump.dll 2017-10-17 22:10 - 2017-08-31 13:31 - 006744216 _____ (EagleGet ) C:\Users\utente\AppData\Local\Temp\EGSetup.exe 2017-08-31 16:31 - 2017-08-31 16:31 - 000192512 _____ () C:\Users\utente\AppData\Local\Temp\sfamcc00001.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-10-25 15:43 ==================== End of FRST.txt ============================ 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton) ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{3C1BB12D-B0E7-4697-B718-19BE1453AEF6}) (Version: 1.5 - Eyeo GmbH) Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.3 - IK Multimedia) AnalogX Vocal Remover (HKLM-x32\...\AnalogX Vocal Remover) (Version: - AnalogX) Application Profiles (HKLM-x32\...\{A8426044-BED4-8275-A078-EA7259C87FC5}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.1 - ASUS) ASUS Xonar U1 Audio (HKLM\...\C-Media CM112 Like Sound Driver) (Version: - ) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team) Avira (HKLM-x32\...\{bd94e862-c44b-4f68-98ca-b35ddf9dbbfc}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{D03EC4B7-E520-4A6F-974C-4F48533838EC}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG) Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) BIAS FX Plugins Pack (64bit) (HKLM\...\{77558DEB-4B65-4921-8855-D8593EF5BCDD}) (Version: 1.1.0.745 - PositiveGrid) Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev) Discord (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Discord) (Version: 0.0.298 - Discord Inc.) Discord (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.298 - Discord Inc.) EagleGet version 2.0.4.28 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.28 - EagleGet) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider) HP ENVY 4500 series Aiuto (HKLM-x32\...\{32EE4084-95F3-484A-85A3-0B3CA190DE47}) (Version: 30.0.0 - Hewlett Packard) HP ENVY 4500 series Software di base dispositivo (HKLM\...\{361E170A-EADF-4F79-A026-97DDDFE6616C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{764B2B38-68B3-4183-8D3D-8D5577E91E4A}) (Version: 12.8.37.11 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3993 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.3.49 - Intel Corporation) IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan) League of Legends (HKLM-x32\...\{1976A709-EC16-419D-85D4-52FE64A3A5C7}) (Version: 4.2.1 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) LenovoUsbDriver 1.1.16 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.16 - Lenovo) Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6) Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others) My.com Game Center (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\MyComGames) (Version: 3.190 - My.com B.V.) My.com Game Center (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyComGames) (Version: 3.190 - My.com B.V.) NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG) Npcap 0.93 (HKLM-x32\...\NpcapInst) (Version: 0.93 - Nmap Project) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.) Ozone Strike Battle Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - ) PDFill FREE PDF Tools (HKLM\...\{735A3951-E139-4E4A-AFAE-BA25E9FF5E6A}) (Version: 12.0 - PlotSoft LLC) Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version: - Roland Corporation) RapeLay (remove only) (HKLM-x32\...\RapeLay) (Version: - ) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012014 - REALTEK Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0239 - REALTEK Semiconductor Corp.) REAPER (x64) (HKLM\...\REAPER) (Version: - ) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Revelation Online (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Revelation Online) (Version: 1.43 - My.com B.V.) Revelation Online (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Revelation Online) (Version: 1.43 - My.com B.V.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) Software per periferiche con chipset Intel® (HKLM-x32\...\{da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c}) (Version: 10.0.21 - Intel(R) Corporation) Hidden Songr (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Songr) (Version: 2.1 - Xamasoft) Songr (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Songr) (Version: 2.1 - Xamasoft) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) TempoPerfect Metronome Software (HKLM-x32\...\TempoPerfect) (Version: 4.08 - NCH Software) Tixati (HKLM-x32\...\tixati) (Version: - ) VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.26 - NCH Software) Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-3) (Version: 1.0.11.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-4) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-3) (Version: 1.0.37.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-5) (Version: 1.0.39.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.8.0 (HKLM\...\VulkanRT1.0.8.0) (Version: 1.0.8.0 - LunarG, Inc.) Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. ) XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\ChromeHTML: -> <==== ATTENTION CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation) ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll -> No File ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-03-19] (Intel Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {067E386F-2FBA-4C0F-B6B3-09E5DE2041A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {0A6F373E-054D-4817-93FE-36653CBD21E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {0F979464-1946-480C-A4D3-4E17FC5C3320} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.) Task: {147D7CBE-7BCA-44E3-938B-66D2C5909093} - \MSIAfterburner -> No File <==== ATTENTION Task: {1B05E31C-3048-4C6C-A7F8-915B763A7B48} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-08-14] (HP Inc.) Task: {1CE814AB-B01D-44AF-97C4-1557000188C7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {39AE225E-B8AC-419E-BB56-A7B46806790D} - System32\Tasks\HPCeeScheduleForutente => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {3AD79B79-B62A-4EA6-8B01-0E95DCDDAD02} - System32\Tasks\Driver Booster Beta SkipUAC (utente) => C:\Program Files (x86)\IObit\Driver Booster Beta\4.0.1\DriverBooster.exe Task: {3B28F698-8EAE-4616-8D4D-A1E8B02717B6} - System32\Tasks\LIFECHAT_MSN_MESSENGER_INSTALL_WEB_PAGE => rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?linkId=57777&clcid=0x409 Task: {4445D47F-952C-4EBD-8E89-6A042F5C6CF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated) Task: {4DE6C942-55EA-4155-A7A8-243809BD4293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.) Task: {60456DE1-DCAC-4753-BD15-42267759FBE3} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {65D7843A-0DD5-4721-ABD0-C1F171B97235} - System32\Tasks\{A7E33A92-3A4F-443D-AF90-7DD9A14E58BE} => C:\Windows\system32\pcalua.exe -a "D:\MALLOPPO ROBE SCARICATE DA CHROME\mp520swin64101ea24.exe" -d C:\Users\utente\AppData\Roaming\IDM Task: {7B93D4CA-2A44-4A43-B49F-A0C2D60BB278} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.) Task: {882489C5-4CAC-4D35-99F9-DEAB25F72BF2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {896BC8BB-2DFC-4035-8DA3-0572AC7C62F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-15] (HP Inc.) Task: {89DF8419-7D3C-4EA2-B3D4-CBA55FD85B98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.) Task: {8E59B598-AC90-491D-953E-997AC17F178E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.) Task: {8EAED7CE-3AB7-4AF0-A9C2-F25177A0D016} - System32\Tasks\{E577D140-CB00-4E32-8EB1-F32C90590E71} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\AnalogX\VocalRemover\vremu.exe" -d "C:\Program Files (x86)\AnalogX\VocalRemover\" -c -Register Task: {C259566F-573B-42F9-AF81-F84EAC8B350E} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2016-11-24] (Avira Operations GmbH & Co. KG) Task: {C6124178-C83E-451C-9C7D-7AD9274A5837} - System32\Tasks\Driver Booster SkipUAC (utente) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit) Task: {D2DC3FC2-68EF-4020-98B8-90FD4152127B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-12] (Avira Operations GmbH & Co. KG) Task: {D3ADF138-9074-44D5-884A-F4682796FEAB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {D64DE423-E23F-4242-961C-1EFB5570A99D} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2016-11-24] (Avira Operations GmbH & Co. KG) Task: {D9770DA8-59F7-4886-A1F1-A3E50B08E604} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD) Task: {E1FD8ADA-8674-40A8-BCAA-7D9216CBAC25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.) Task: {F023C74D-99C8-4129-AC82-420E9854B020} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN58Q331SC => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-08-14] (HP Inc.) Task: {F30DD774-3136-4985-987C-49864B958CA7} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe Task: {FCA4E0DD-B9C0-4C45-BD62-C11F1C3DA2AB} - System32\Tasks\{1B4A5A0C-E045-4F74-BE8D-F4DC038CCEAA} => C:\Windows\system32\pcalua.exe -a "D:\MALLOPPO ROBE SCARICATE DA CHROME\wlsetup-web.exe" -d C:\Users\utente\AppData\Roaming\IDM (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\HPCeeScheduleForutente.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\utente\Favorites\Sito download di NCH Software.lnk -> hxxp://www.nchsoftware.com/it/index.htm ShortcutWithArgument: C:\Users\utente\Desktop\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\ForumFree.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=onpaokmjncandjkacmikamfgfpfkgfdb ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Avira Scout\ForumFree.lnk -> C:\Program Files (x86)\Avira\Scout\Application\scout.exe (Avira Operations GmbH & Co. KG) -> --profile-directory=Default --app-id=onpaokmjncandjkacmikamfgfpfkgfdb ==================== Loaded Modules (Whitelisted) ============== 2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2015-11-11 13:19 - 2012-07-20 13:39 - 002469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll 2015-09-11 16:37 - 2014-01-06 13:56 - 000079872 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2016-07-15 09:04 - 2017-09-20 18:36 - 000247992 _____ () C:\Program Files (x86)\EagleGet\EGMonitor.exe 2017-09-26 09:11 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-26 09:11 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2017-06-06 20:35 - 2017-08-03 08:10 - 000356744 _____ () C:\Windows\SysWOW64\GameManager32.dll 2017-04-02 20:28 - 2017-09-09 20:25 - 000688416 _____ () D:\STEAM DI MERDA\SDL2.dll 2017-04-02 20:28 - 2016-09-01 02:02 - 004969248 _____ () D:\STEAM DI MERDA\v8.dll 2017-04-02 20:28 - 2016-09-01 02:02 - 001563936 _____ () D:\STEAM DI MERDA\icui18n.dll 2017-04-02 20:28 - 2016-09-01 02:02 - 001195296 _____ () D:\STEAM DI MERDA\icuuc.dll 2017-04-02 20:28 - 2017-10-31 04:22 - 002546976 _____ () D:\STEAM DI MERDA\video.dll 2017-04-02 20:28 - 2016-01-27 08:49 - 002549760 _____ () D:\STEAM DI MERDA\libavcodec-56.dll 2017-04-02 20:28 - 2016-01-27 08:49 - 000442880 _____ () D:\STEAM DI MERDA\libavutil-54.dll 2017-04-02 20:28 - 2016-01-27 08:49 - 000491008 _____ () D:\STEAM DI MERDA\libavformat-56.dll 2017-04-02 20:28 - 2016-01-27 08:49 - 000332800 _____ () D:\STEAM DI MERDA\libavresample-2.dll 2017-04-02 20:28 - 2016-01-27 08:49 - 000485888 _____ () D:\STEAM DI MERDA\libswscale-3.dll 2017-04-02 20:28 - 2017-10-31 04:22 - 000901408 _____ () D:\STEAM DI MERDA\bin\chromehtml.DLL 2017-04-02 20:28 - 2016-07-04 23:17 - 000266560 _____ () D:\STEAM DI MERDA\openvr_api.dll 2016-08-23 23:45 - 2016-01-11 21:45 - 000027648 _____ () C:\Program Files (x86)\Nemesys\dist\servicemanager.pyd 2016-08-23 23:45 - 2016-01-11 21:44 - 000110080 _____ () C:\Program Files (x86)\Nemesys\dist\pywintypes27.dll 2016-08-23 23:45 - 2016-01-11 21:45 - 000042496 _____ () C:\Program Files (x86)\Nemesys\dist\win32service.pyd 2016-08-23 23:45 - 2016-01-11 21:45 - 000100864 _____ () C:\Program Files (x86)\Nemesys\dist\win32api.pyd 2016-08-23 23:45 - 2016-06-27 15:21 - 001014272 _____ () C:\Program Files (x86)\Nemesys\dist\_hashlib.pyd 2016-08-23 23:45 - 2016-06-27 15:20 - 000047616 _____ () C:\Program Files (x86)\Nemesys\dist\_socket.pyd 2016-08-23 23:45 - 2016-06-27 15:21 - 001405440 _____ () C:\Program Files (x86)\Nemesys\dist\_ssl.pyd 2016-08-23 23:45 - 2016-06-27 15:20 - 000137728 _____ () C:\Program Files (x86)\Nemesys\dist\pyexpat.pyd 2016-08-23 23:45 - 2016-07-07 13:11 - 000006144 _____ () C:\Program Files (x86)\Nemesys\dist\tornado.speedups.pyd 2016-08-23 23:45 - 2016-06-27 15:20 - 000011264 _____ () C:\Program Files (x86)\Nemesys\dist\select.pyd 2016-08-23 23:45 - 2016-06-27 15:20 - 000092672 _____ () C:\Program Files (x86)\Nemesys\dist\_ctypes.pyd 2016-08-23 23:45 - 2016-06-27 15:20 - 000688128 _____ () C:\Program Files (x86)\Nemesys\dist\unicodedata.pyd 2016-08-23 23:45 - 2016-07-07 13:03 - 000014848 _____ () C:\Program Files (x86)\Nemesys\dist\netifaces.pyd 2016-08-23 23:45 - 2016-11-22 16:56 - 000046080 _____ () C:\Program Files (x86)\Nemesys\dist\psutil._psutil_windows.pyd 2016-07-15 09:04 - 2017-09-20 18:36 - 001010360 _____ () C:\Program Files (x86)\EagleGet\util.dll 2016-07-15 09:04 - 2017-08-28 19:24 - 000610304 _____ () C:\Program Files (x86)\EagleGet\sqlite3.dll 2017-04-02 20:28 - 2017-08-16 23:28 - 073130272 _____ () D:\STEAM DI MERDA\bin\cef\cef.win7\libcef.dll 2017-06-08 08:18 - 2017-09-07 03:04 - 000678400 _____ () D:\STEAM DI MERDA\bin\cef\cef.win7\SDL2.dll 2017-04-02 20:28 - 2015-09-25 00:52 - 000119208 _____ () D:\STEAM DI MERDA\winh264.dll 2016-07-15 09:04 - 2017-09-20 18:36 - 000225976 _____ () C:\Program Files (x86)\EagleGet\CrashRpt.dll 2016-07-15 09:04 - 2017-08-28 19:24 - 000053760 _____ () C:\Program Files (x86)\EagleGet\zlib.dll 2016-07-15 09:04 - 2017-09-20 18:36 - 000852664 _____ () C:\Program Files (x86)\EagleGet\ssl.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-10 11:12 - 2014-11-10 11:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\line6.net -> line6.net IE trusted site: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\line6.net -> line6.net ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-09-06 10:26 - 2017-08-17 09:08 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\utente\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\utente\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 85.37.17.51 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: BtServer => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe" MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{1CACFE96-6E89-4457-A289-99E40BA3EF05}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{29672E5B-9D9B-492A-8F82-3954C1C4A4CB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [{9746A5FF-9F0C-487D-99A3-2CB0C975F2A1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe FirewallRules: [{8F448E99-E32F-4291-AE69-066EC4E1AD5E}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [{5E8A35B6-CD5A-4DE6-8234-F29AB4770182}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe FirewallRules: [{7CBE5788-B9E2-4C32-835B-8C604D4D5DD8}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{603E8FE7-0FED-43A0-AE04-8FBB6F53D4E9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [TCP Query User{1C20245B-7D29-443F-A7A8-003495513ED5}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe FirewallRules: [UDP Query User{98FA3DB1-0AF9-401A-A3C6-26B738737E99}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe FirewallRules: [{6C2A7F48-28F8-42FD-995A-670687E0B92F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BC53E292-769D-48AD-A5B5-48750175E86A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{766175B5-1098-4BAF-B8FF-AB9B4517B56E}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{72022D1C-6381-458B-B46C-25BF1B3B2E16}] => (Allow) C:\Users\utente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{9F129BC5-B1BC-4CDA-87BD-9193974108CA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{7A3335E4-B3E5-4B3D-80F5-12EBC3704324}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{95334C12-EF1C-4E65-AD51-00AB94006ED0}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [UDP Query User{8987E40E-094E-407F-A9ED-585811E8091F}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe FirewallRules: [{617BDD83-789F-47E9-9DA9-F24F47E644BE}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [TCP Query User{B653C093-120E-48CE-9AA3-8DF371ED7D6E}D:\gameforgelive\games\ita_ita\aion\nclauncher.exe] => (Allow) D:\gameforgelive\games\ita_ita\aion\nclauncher.exe FirewallRules: [UDP Query User{C0EC94A9-C7A0-4DE6-A602-F21DAAF5E6FD}D:\gameforgelive\games\ita_ita\aion\nclauncher.exe] => (Allow) D:\gameforgelive\games\ita_ita\aion\nclauncher.exe FirewallRules: [TCP Query User{CFD6F15A-28A9-4B38-83B3-F9589F473C35}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe FirewallRules: [UDP Query User{59696773-4604-4AEF-88BD-6556295E5ABF}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe FirewallRules: [{A6268083-ADA8-4857-94C2-550FB7D65309}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{3D1C9C99-609E-49BC-985A-AE81694C6DDD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{E5F39AB5-F6BB-4797-9026-DB8A1825EEEA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{9B238213-CBF6-43AC-B522-561673BD547F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{CB5D2DCE-7379-4694-9FFF-9134619E1965}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{C5498E84-7F3E-45E1-B02B-D7923B1213C8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{44436462-5A53-452E-BCF3-2667CFAD1435}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe FirewallRules: [{C28787D8-2E05-4277-9EC2-D2ED356AB33D}] => (Allow) LPort=5357 FirewallRules: [{E102A707-8C81-4979-8368-55BFF07AA497}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{AD351E96-C220-448A-AF43-C67AAEC6DF0B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{41F55456-C90F-4B3B-B260-5F880ABE80C9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{000DA8FE-189E-410B-98E2-1116769CB4B7}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe FirewallRules: [{81C64988-DD98-4667-A272-1D57575E52DA}] => (Allow) LPort=49170 FirewallRules: [{6BCB385E-2325-44DD-BE96-48F80D889FA1}] => (Allow) LPort=5000 FirewallRules: [TCP Query User{2A270360-E61F-489F-A657-D8329D32C456}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe FirewallRules: [UDP Query User{728C7F87-F8FA-40C5-A9AB-04678CD4E9B8}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe FirewallRules: [{D1850FF3-511B-4094-A81B-6D2185554A1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{79EC9991-DEA3-4C89-94CC-945DB8FF13A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9099121A-F370-4153-8307-5EF05464517B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{2737E5B7-5367-4E36-9CB7-F44CC36D8EFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{CAC3139A-E370-4E87-9BA1-69807DC48295}] => (Block) %ProgramFiles% (x86)\IK Multimedia\Authorization Manager\Authorization Manager.exe FirewallRules: [{836FB011-91FB-41D9-8191-A551BAC4B9C0}] => (Block) %ProgramFiles%\IK Multimedia\AmpliTube 4\AmpliTube 4.exe FirewallRules: [{59EBCEC4-4FDA-478D-8107-72BF506E176B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{1611E99B-7EBA-4797-A657-8E9A3B5CE202}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{EF4B258B-1F06-4358-8D0F-C0D308F5B538}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{5B4369CE-FF66-4695-AF3F-E55AF74FAF78}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{241AD40D-564E-46AB-B694-CA1D0929C1B3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe FirewallRules: [{0096437F-5E12-449C-9DE2-1143D14D499E}] => (Allow) D:\GameforgeLive\gfl_client.exe FirewallRules: [{00A1B2F6-B274-41A5-8A00-73A28ACBAD7B}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS13F1\HPDiagnosticCoreUI.exe FirewallRules: [{7973C325-2D19-4615-9E75-3FDEBFA10571}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS13F1\HPDiagnosticCoreUI.exe FirewallRules: [TCP Query User{F2C9F55D-C32D-4356-8F47-7AD490DA7BD6}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe FirewallRules: [UDP Query User{DCC3C3F7-FA39-4BA6-9E75-EE5611F7A928}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe FirewallRules: [{B9095A19-7A52-4119-A15F-8B440A57F302}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{F4EF172F-02F9-4ABA-AE9D-10E5F794AE5B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [TCP Query User{11F0939B-5B8E-4CEB-BC5C-169DD425EAC2}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe FirewallRules: [UDP Query User{14C058B9-44F7-4D60-BD2E-314291BDE585}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe FirewallRules: [{936B97C0-5154-4F9A-B9A6-86A292FE5171}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS7AD2\HPDiagnosticCoreUI.exe FirewallRules: [{B7134A5A-FE39-494D-A1DE-87B5A035722D}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS7AD2\HPDiagnosticCoreUI.exe FirewallRules: [{F3F7478B-5B10-4D07-A2FF-2738DC7BB610}] => (Allow) C:\Users\utente\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [{0DC4D8BF-D711-47F6-8990-73728FF730E6}] => (Allow) C:\Users\utente\AppData\Local\MyComGames\MyComGames.exe FirewallRules: [{45DA740E-A54B-486E-9752-7EE72948F839}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{B9C39D05-16FE-4B7D-A91A-9F0116E9E36A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{13B43426-3549-448C-BB94-F349BCA81604}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{4E4A841E-480E-4A48-887B-6D081193F42F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{74DFC4AF-8066-49AE-A424-878A241E608A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe FirewallRules: [{6FA72A4A-77CC-4F45-944D-2E9B3B78CFAC}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe FirewallRules: [{48B74807-EF65-4675-9D2E-3BB65FE20F2A}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe FirewallRules: [{20510439-D5A0-46D6-A5A7-3F3675482178}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe FirewallRules: [{C35CFB53-8C1D-45EA-8EC7-E78AEEBD10FD}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe FirewallRules: [TCP Query User{52A35EEC-6D53-4949-8888-8B991D117F4F}D:\mygames\revelation online\game\tianyu.exe] => (Allow) D:\mygames\revelation online\game\tianyu.exe FirewallRules: [UDP Query User{A41AC13F-750B-47F4-BD93-828C1CB94C79}D:\mygames\revelation online\game\tianyu.exe] => (Allow) D:\mygames\revelation online\game\tianyu.exe FirewallRules: [{EB1C1C16-0CF6-4EA8-9CB1-1078F48BE04D}] => (Allow) D:\STEAM DI MERDA\Steam.exe FirewallRules: [{6B270528-ADB7-41DF-B4F0-77F2A6A0B582}] => (Allow) D:\STEAM DI MERDA\Steam.exe FirewallRules: [{CFAC7A8F-44CA-48E4-892A-98BEAEE78436}] => (Allow) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B0AC35FE-1ED4-4055-875C-56493FDE858F}] => (Allow) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{62E77EF5-C233-43B1-A268-275B4BD77FEA}] => (Block) LPort=445 FirewallRules: [{396BBB51-BA8B-4E9B-BA69-D3E25E9DFF55}] => (Block) LPort=445 FirewallRules: [{3863C903-F7DC-4887-BB25-9F86F2F6DD9A}] => (Allow) D:\CANZONI TIZIO XFUCKTOR\BIBBIA ACCORDI\ShinraMeterV1.97\ShinraMeter.exe FirewallRules: [{D86501E7-F46C-4297-B44B-5B9514D82CB6}] => (Allow) D:\CANZONI TIZIO XFUCKTOR\BIBBIA ACCORDI\ShinraMeterV1.97\ShinraMeter.exe FirewallRules: [{246A3D60-97FF-4CD6-84B3-5F0253D4898C}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe FirewallRules: [{DD7C8B8D-FD34-4CD1-9C2D-2DA4FA63492A}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe FirewallRules: [{EF55DA77-9C0D-42B5-BFA8-E756CE0D5561}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe FirewallRules: [{583F47C9-FFB6-4374-98D6-4175BCBE58E6}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe FirewallRules: [{5C3A1909-EB16-4849-8DCF-61F8B3A4677A}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{FB1EEBB1-8E24-4BEE-AECC-88866CC380E1}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{DA7814D9-4EFC-4441-9996-0F636043C940}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{8DA7C7D3-C397-4B60-9366-3292A407D53B}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{A4250C3B-BA96-4C87-8C4C-996E68627F18}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe FirewallRules: [{46FEB2BA-96D5-427D-A248-63A1EACAB3FB}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe FirewallRules: [{9C3EAD91-D0AC-46BE-BA74-244B85F8D1D3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe FirewallRules: [{52A491B1-DACD-4438-AB12-84E8E06F947F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe FirewallRules: [{545D9C9B-8F1A-4A7E-9B95-0A16AE51C496}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe FirewallRules: [{22C34E11-4615-4FE2-BC6F-1CCC624C4124}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe FirewallRules: [{723D8C03-EB34-4DDC-B601-72472151AA2E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe FirewallRules: [{278607AB-04D5-46F7-90FD-59A2B618DFE3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe FirewallRules: [{E11542C2-73C6-4900-9A2B-5AE28AF6AFBD}] => (Allow) D:\GameforgeLive\GameforgeLive.exe FirewallRules: [{70816553-19DB-4E57-8C0B-F75714318E16}] => (Allow) D:\GameforgeLive\GameforgeLive.exe FirewallRules: [{8D3F5E31-DD1A-4B50-AD15-BA09ADDCF0E9}] => (Allow) D:\GameforgeLive\GameforgeLive.exe FirewallRules: [{D4E0AEB9-A8DA-40AB-B306-B5CD60D4362F}] => (Allow) D:\GameforgeLive\GameforgeLive.exe FirewallRules: [{09B5727B-592F-4E01-A3A4-AC7C46EEBA44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{FBD3F670-02F5-4C80-A546-86A799160EF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{282DFAC0-4A1A-486C-8171-2D9F99FD3674}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0B6C52E2-D91A-4D35-ACBE-DF92943D61BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FE1B722E-B6CA-4317-AB01-E7EAEF4D82BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 19-09-2017 14:38:54 Microsoft Visual C++ 2005 Redistributable installato 19-09-2017 14:39:05 Installed League of Legends 19-09-2017 14:39:25 DirectX installato 28-09-2017 19:24:22 Revo Uninstaller's restore point - Microsoft LifeChat 28-09-2017 19:24:28 Microsoft LifeChat rimosso 28-09-2017 19:24:55 Revo Uninstaller's restore point - Microsoft LifeChat 11-10-2017 10:49:42 Windows Update 25-10-2017 15:50:10 Punto di controllo pianificato ==================== Faulty Device Manager Devices ============= Name: Enumeratore Bluetooth Microsoft Description: Enumeratore Bluetooth Microsoft Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Microsoft Service: BthEnum Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Dispositivo Bluetooth (Personal Area Network) #2 Description: Dispositivo Bluetooth (Personal Area Network) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: BthPan Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Dispositivo Bluetooth (RFCOMM protocollo TDI) #2 Description: Dispositivo Bluetooth (RFCOMM protocollo TDI) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RFCOMM Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/02/2017 04:50:56 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:50:56 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Il programma mbar.exe versione 1.9.1.1001 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo. ID processo: 22d8 Ora di avvio: 01d353eebf77fdc2 Ora di chiusura: 10832 Percorso applicazione: C:\Users\utente\Desktop\mbar\mbar.exe ID segnalazione: 2280b905-bfe3-11e7-bd32-d0509975c149 Error: (11/02/2017 04:25:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome dell'applicazione che ha generato l'errore: RadeonSettings.exe, versione: 10.1.1.1682, timestamp: 0x58fea395 Nome del modulo che ha generato l'errore: RadeonSettings.exe, versione: 10.1.1.1682, timestamp: 0x58fea395 Codice eccezione: 0xc0000409 Offset errore 0x0000000000061f6b ID processo che ha generato l'errore: 0xe58 Ora di avvio dell'applicazione che ha generato l'errore: 0x01d353ee18c4f1a3 Percorso dell'applicazione che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe Percorso del modulo che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe ID segnalazione: 0ac98810-bfe2-11e7-bd32-d0509975c149 Error: (11/02/2017 04:20:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema. Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga . Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva. Componenti in conflitto:. Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (11/02/2017 04:20:17 PM) (Source: PerfNet) (EventID: 2005) (User: ) Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato, i secondi quattro byte contengono IOSB.Status e i quattro byte successivi contengono IOSB.Information. System errors: ============= Error: (11/02/2017 04:20:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio egGetSvc. Questo evento si è già verificato 1 volta(e). Error: (11/02/2017 04:20:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: All'avvio non è stato possibile caricare i seguenti driver: cdrom Error: (11/02/2017 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: Arresto imprevisto del modulo di estendibilità WLAN. Percorso modulo: C:\Windows\system32\Rtlihvs.dll Error: (11/02/2017 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: Arresto imprevisto del modulo di estendibilità WLAN. Percorso modulo: C:\Windows\system32\Rtlihvs.dll Error: (11/02/2017 04:19:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: Arresto imprevisto del modulo di estendibilità WLAN. Percorso modulo: C:\Windows\system32\Rtlihvs.dll Error: (11/02/2017 04:19:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Ricevuto avviso di errore irreversibile: 70. Error: (11/02/2017 04:19:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: Ricevuto avviso di errore irreversibile: 70. Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Il servizio Avira Service Host è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 10000 millisecondi: Riavvia il servizio. Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Il servizio Servizio di condivisione in rete Windows Media Player è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio. Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio Intel® ME Service. Questo evento si è già verificato 1 volta(e). CodeIntegrity: =================================== Date: 2017-11-02 16:26:30.140 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:30.057 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.973 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.887 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.803 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.719 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.629 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.546 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.461 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. Date: 2017-11-02 16:26:29.373 Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema. ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz Percentage of memory in use: 42% Total physical RAM: 16335.33 MB Available physical RAM: 9455.68 MB Total Virtual: 32668.85 MB Available Virtual: 26454.62 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:230.79 GB) (Free:90.75 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:547.06 GB) NTFS Drive e: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55F2B1F7) Partition 1: (Active) - (Size=81 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4560E80B) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) |
03-11-2017, 10:02 | #6 |
Member
Iscritto dal: Jun 2017
Messaggi: 175
|
Ciao
in modalita provvisoria prova se il problema si presenta... disinstalla questo programmi da pannello di controllo( e se non ti serve): -Driver booster (dimmi se cè o meno) Se non ti servono disinstalla anche questi: -Line 6 Uninstaller -Tixati -IZArc Poi posiziona frst sul desktop assieme al file allegato fixlist.txt (mettili tutti e due sul desktop) tasto dx sopra frst--->esegui come amministratore clicca su FIX attendi la fine delle operazioni e che il pc si riavvii ( se non riavvia fa fallo te) posta il file fixlog.txt (lo trovi sul desktop) Fai pulizia con ccleaner sia sistema che registro Fa sapere se il problema è risolto e ricordati di provare se te lo fa anche in modalita provvisoria.... Ciao Ultima modifica di Dan1979 : 03-11-2017 alle 10:05. |
04-11-2017, 08:04 | #7 |
Senior Member
Iscritto dal: Sep 2008
Messaggi: 1334
|
driver booster, tixati, izarc, line6
sono tutti programmi che utilizzo con discreta regolarità. posso sapere come mai mi consigli di eliminarli? ma ccleaner non era stato consigliato di non usarlo perchè aveva dei seri problemi ( malware)? |
04-11-2017, 16:54 | #8 |
Member
Iscritto dal: Jun 2017
Messaggi: 175
|
Ciao
Ancora non mi hai risposto se in modalita provvisoria te lo fa... Driver booster , è un ottimizzatore di driver , alle volte puo fare danni....non sono amante di questo genere e di programmi... Tixati mi pare che sia un programma p2p e quindi puo portare virus come qualsiasi programma p2p(es;utorrent)... Gli altri non li conosco.... Comunque se li utilizzi puoi tenerli, te l ho specificato nel post precedente.... Il fix e il resto delle istruzioni le hai eseguite?? Ricordati di postare il fixlog.txt.... Per quanto riguarda ccleaner, chi ti ha sconsigliato di usarlo?? Il fattaccio di ccleaner ormai è alle spalle... In piu riguarda chi ha installato la versione 5.33 a 32 bit, da meta agosto a meta settembre... Te non lo hai installato anzi non ce lo hai proprio installato.... Quindi scaricalo e usalo pure.... Ti rimando a questa mia guida rigurdo il virus di ccleaner...https://www.tomshw.it/forum/threads/...leaner.665763/ comunque esegui tutto e poi vediamo... Ultima modifica di Dan1979 : 04-11-2017 alle 17:07. |
04-11-2017, 18:10 | #9 |
Senior Member
Iscritto dal: Sep 2008
Messaggi: 1334
|
ok perfetto e grazie per l'aiuto. vedo in questi giorni di postarti il tutto. allora ti posso già dire che lo scherzetto della tastiera non me lo sta piu' facendo da quando ho eseguito le varie scansioni, anche in modalità provvisoria non me lo ha fatto. se mi dici che driver booster può far danni, lo tolgo
scusa la mia ignoranza: il file fixlog.txt è quello composto da 2 pagine di frst o è un altro programma ancora? comunque anche oggi, per il momento, nessun problema con la tastiera
__________________
http://www.soundclick.com/bands/defa...&content=music https://www.facebook.com/pages/Marij...?ref=bookmarks https://www.youtube.com/user/marijuanalband/videos NUOVA BAND https://open.spotify.com/artist/16NQy3R65tJVHg3STU4eFN Ultima modifica di lidel : 05-11-2017 alle 12:19. |
07-11-2017, 08:04 | #10 |
Member
Iscritto dal: Jun 2017
Messaggi: 175
|
Ciao
Driver booster non ho detto che lo devi togliere.... Se vuoi il mio parere per aggiornare i driver conviene sempre verificare a mano nei siti dei produttori se ci sono versioni di driver piu recenti... Poi se te ti trovi bene con driver booster nessun problema lo puoi tenere... Le due pagine di frst, come dici sono frst.txt e addition.txt che ha generato il programma la prima volta quando hai fatto la scansione (non centrano nulla con il fixlog.txt).. Il file fixlog.txt te lo genera dopo aver eseguito il FIX con frst (dovrebbe essere sul desktop se hai seguito le mie istruzioni),che ti ho fornito nei post precedenti(si chiama fixlist.txt)... Ciao |
Strumenti | |
|
|
Tutti gli orari sono GMT +1. Ora sono le: 15:16.