highjackthis: chi mi aiuta su cosa devo cancellare?

[lidel]

da qualche settimana a questa parte, in maniera random, mi capita che mi si blocchi la tastiera mentre sto scrivendo e devo riavviare il pc. mi esce una voce -trova- ed anche se provo a chiuderla non risolvo niente, anche staccando e rimettendo la tastiera, il problema non si risolve. non ho visitato siti strani, scaricato programmi nuovi, non so piu' dove sbattere la testa. allego qui il log anche perchè non riesco a caricare l'allegato.

Running processes:
D:\STEAM DI MERDA\Steam.exe
D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\EagleGet\EGMonitor.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\IObit\Driver Booster\4.5.0\Scheduler.exe
C:\Program Files (x86)\EagleGet\EagleGet.exe
D:\MARIJUANAL PROPOSTE NUOVI PEZZI\EP 2017\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.it/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows

\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: bteagleget.com - {1E871FF8-029C-4732-8AA7-39E3D3872057} - C:\Program Files

(x86)\EagleGet\eagleSniffer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:

\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:

\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-

4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "D:\STEAM DI MERDA\steam.exe" -silent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] "C:\Program

Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O8 - Extra context menu item: Download all links with EagleGet - res://C:\Program Files

(x86)\EagleGet\IEGraberBHO.dll/202
O8 - Extra context menu item: Download with EagleGet - res://C:\Program Files

(x86)\EagleGet\IEGraberBHO.dll/201
O8 - Extra context menu item: E&sporta in Microsoft Excel - res://C:

\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: I&nvia a OneNote - res://C:

\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program

Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:

\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Invia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program

Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: I&nvia a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Note collegate di OneNote - {789FE86F-6FC4-46A1-9849-

EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) -

http://www.nvidia.com/content/Driver...aSmartScan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: NameServer

= 85.37.17.51,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: NameServer

= 8.8.8.8,8.8.4.4
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files

(x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe

Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows

\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows

\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program

Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Avira Protezione email (AntiVirMailService) - Avira Operations GmbH & Co.

KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Pianificatore (AntiVirSchedulerService) - Avira Operations GmbH & Co.

KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Protezione in tempo reale (AntiVirService) - Avira Operations GmbH &

Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Protezione web (AntiVirWebService) - Avira Operations GmbH & Co. KG -

C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG -

C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: AvrcpService - Realtek Semiconductor Corporation - C:\Program Files

(x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek

Bluetooth\BTDevMgr.exe
O23 - Service: Com4QLBEx - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick

Launch Buttons\Com4QLBEx.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:

\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows

\System32\lsass.exe (file missing)
O23 - Service: egGetSvc - Unknown owner - C:\Program Files (x86)\EagleGet\EGMonitor.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows

\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:

\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files

(x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program

Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files

(x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService)

- HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions

\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation -

C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService)

- Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) -

Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R)

Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service (Intel(R) ME Service) - Intel Corporation - C:\Program

Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files

(x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) -

Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components

\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

(file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS)

- Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components

\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

(file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG -

C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: NeMeSys Service (Nemesys) - Fondazione Ugo Bordoni - C:\Program Files

(x86)\Nemesys\dist\Nemesys.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:

\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows

\system32\GameMon.des.exe (file missing)
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program

Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner -

C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:

\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:

\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: RtkBleServ - Realtek Semiconductor Corporation - C:\Program Files

(x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows

\system32\lsass.exe (file missing)
O23 - Service: Servizio Scout Update (scupdate) (scupdate) - Avira Operations GmbH & Co.

KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: Servizio Scout Update (scupdatem) (scupdatem) - Avira Operations GmbH & Co.

KG - C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files

(x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:

\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:

\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:

\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common

Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files

(x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:

\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:

\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows

\System32\vds.exe (file missing)
O23 - Service: Copia shadow del volume (VSS) - Unknown owner - C:\Windows

\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner -

C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:

\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner -

C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) -

Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

[Dan1979]

Ciao
Te lo fa anche in modalita provvisoria??
Hjackthis è obsoleto.....
esegui i software sotto in sequenza come postati ;

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Poi scarica adwcleaner da qui https://www.bleepingcomputer.com/download/adwcleaner/
tasto dx sopra eseguibile avvia come amministratore e fai la scansione elimina quello che trova e posta il log

Scarica tdsskiller da qui www.bleepingcomputer.com/download/tdsskiller/
Segui questa guida per il programma http://www.why-tech.it/come-rimuover...-dal-pc-1.htmlPosta il log report

Poi scarica Malwarebyte Antirootkit da qui https://it.malwarebytes.com/antirootkit/
Segui la guida fornita nel sito nella stessapagina del download
Posta il log generato

Infine ,esegui una scansione con roguekiller...
Scaricalo da qui...
http://www.adlice.com/download/roguekiller/
Segui questa guida per usare il programma
http://it.ccm.net/faq/3204-come-usare
Cancella solo le voci di colore rosso...
Posta il.report

Infine scarica frst da qui https://www.bleepingcomputer.com/dow...ery-scan-tool/
scarica la versione adatta al tuo sistema operativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

Non preoccuparti le scansioni sono quasi tutte relativamente veloci...

[lidel]

non mi sono state trovate praticamente infezioni , nessun file di colore rosso da eliminare, niente di niente.

[Dan1979]

Ti riferisci a rogue killer??
Posta il log....
Posta i log di frst...

[lidel]

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) D:\STEAM DI MERDA\Steam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Fondazione Ugo Bordoni) C:\Program Files (x86)\Nemesys\dist\Nemesys.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\EagleGet\EGMonitor.exe
(Valve Corporation) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(EagleGet.com) C:\Program Files (x86)\EagleGet\EagleGet.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Run: [Steam] => D:\STEAM DI MERDA\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => D:\STEAM DI MERDA\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_794A01316FF834CFBC6EA254BFA37FF1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
BootExecute: ampa
GroupPolicy: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: [NameServer] 85.37.17.51,8.8.4.4
Tcpip\..\Interfaces\{55A0C60E-57E7-44EC-8F22-3AC48302900A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{B561EC35-75E1-4658-B7B2-F68E1B51A93F}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.it/
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.it/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: EGet Class -> {1E871FF8-029C-4732-8AA7-39E3D3872057} -> C:\Program Files (x86)\EagleGet\eagleSniffer.dll [2017-09-20] (EagleGet.com)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

FireFox:
========
FF ProfilePath: C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\MtJsu49B.default [2016-11-24]
FF Extension: (Avira Browser Safety) - C:\Users\utente\AppData\Roaming\Mozilla\Firefox\Profiles\MtJsu49B.default\Extensions\abs@avira.com [2016-11-24]
FF HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [No File]
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-19] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-04-19] (Avira Operations GmbH & Co. KG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001: @my.com/Games -> C:\Users\utente\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (EagleGet)
FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @my.com/Games -> C:\Users\utente\AppData\Local\MyComGames\NPMyComDetector.dll [2016-11-03] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: eagleget.com/EagleGet32 -> C:\Program Files (x86)\EagleGet\npEagleget.dll [2016-08-01] (EagleGet)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.libero.it/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default [2017-11-02]
CHR Extension: (Presentazioni) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Documenti) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-10]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2017-09-10]
CHR Extension: (YouTube) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-10]
CHR Extension: (uBlock Origin) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-10-16]
CHR Extension: (Google Search) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Tampermonkey) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-19]
CHR Extension: (Fogli) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Sicurezza browser Avira) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-07]
CHR Extension: (Google Documenti offline) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (EagleGet Free Downloader) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\kaebhgioafceeldhgjmendlfhbfjefmo [2017-10-17]
CHR Extension: (Skype) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Google Publisher Toolbar) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2017-03-01]
CHR Extension: (ForumFree) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\onpaokmjncandjkacmikamfgfpfkgfdb [2016-02-08]
CHR Extension: (Gmail) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-10]
CHR Extension: (Chrome Media Router) - C:\Users\utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05]
CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15]
CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05]
CHR HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdkdmoacnkphoadmfidlhfdobieblphn] - C:\Program Files (x86)\EagleGet\addon\eagleget_newtab.crx [2017-05-05]
CHR HKLM-x32\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx [2016-07-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-12] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [407408 2017-10-26] (Avira Operations GmbH & Co. KG)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [79872 2014-01-06] () [File not signed]
S2 egGetSvc; C:\Program Files (x86)\EagleGet\EGMonitor.exe [247992 2017-09-20] ()
R2 FoxitReaderService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe [1659592 2017-04-13] (Foxit Software Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-11-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 Nemesys; C:\Program Files (x86)\Nemesys\dist\Nemesys.exe [90112 2016-11-22] (Fondazione Ugo Bordoni) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3519984 2016-01-27] (INCA Internet Co., Ltd.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-10-23] (Overwolf LTD)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2017-01-11] (Realtek Semiconductor)
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [42496 2013-04-25] (Realtek Semiconductor Corporation) [File not signed]
S2 scupdate; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [157144 2016-11-24] (Avira Operations GmbH & Co. KG)
S3 scupdatem; C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [157144 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 Com4QLBEx; "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-08-03] (Advanced Micro Devices)
S3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [126952 2011-02-24] (ASMedia Technology Inc) [File not signed]
S3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [389608 2011-02-24] (ASMedia Technology Inc) [File not signed]
S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1308160 2011-08-23] (C-Media Electronics Inc)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-10-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-09-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-28] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-28] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [34128 2017-06-20] (Avira Operations GmbH & Co. KG)
R3 eagleGet; C:\Windows\System32\Drivers\eagleGet.sys [77424 2016-10-06] (eagleGet)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-06-22] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-06] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-06-19] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
S3 L6TPortA; C:\Windows\System32\Drivers\L6TPortA64.sys [777728 2015-08-21] (Line 6) [File not signed]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [200272 2017-08-03] (Intel Corporation)
S3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [72400 2017-07-27] (Insecure.Com LLC.)
S3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [304512 2013-10-03] (Roland Corporation)
R3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [718080 2017-01-11] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [6687184 2017-07-09] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Windows (R) Win 7 DDK provider)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated)
S3 BtAudioBusSrv; System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; System32\Drivers\IvtUrbBtFlt.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 e1cexpress; system32\DRIVERS\e1c62x64.sys [X]
S3 netr28x; system32\DRIVERS\netr28x.sys [X]
U4 npcap_wifi; no ImagePath
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 RSP2STOR; system32\DRIVERS\RtsP2Stor.sys [X]
S3 rtbth; system32\DRIVERS\rtbth.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 16:53 - 2017-11-02 16:53 - 000026793 _____ C:\Users\utente\Desktop\FRST.txt
2017-11-02 16:53 - 2017-11-02 16:53 - 000000000 ____D C:\FRST
2017-11-02 16:50 - 2017-11-02 16:50 - 002403328 _____ (Farbar) C:\Users\utente\Desktop\FRST64.exe
2017-11-02 16:25 - 2017-11-02 16:33 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-11-02 16:25 - 2017-11-02 16:25 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\41378434.sys
2017-11-02 16:25 - 2017-11-02 16:25 - 000192952 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-11-02 16:24 - 2017-11-02 16:33 - 000000000 ____D C:\Users\utente\Desktop\mbar
2017-11-02 16:23 - 2017-11-02 16:23 - 000226080 _____ C:\TDSSKiller.3.1.0.15_02.11.2017_16.23.31_log.txt
2017-11-02 16:12 - 2017-11-02 16:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-02 16:12 - 2017-11-02 16:12 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-02 16:12 - 2017-11-02 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-02 16:12 - 2017-11-02 16:12 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-02 16:12 - 2017-10-04 13:15 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-30 08:05 - 2017-10-30 08:05 - 000000711 _____ C:\Users\utente\Desktop\TCC-0.8.30 - collegamento.lnk
2017-10-27 20:06 - 2017-10-27 20:06 - 000001116 _____ C:\Users\Public\Desktop\Avira.lnk
2017-10-26 10:14 - 2017-10-26 10:14 - 000000000 ____D C:\Users\utente\Documents\Audacity
2017-10-12 12:51 - 2017-11-02 16:19 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-10-11 10:52 - 2017-10-11 10:52 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-11 08:08 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-11 08:08 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 08:08 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-11 08:08 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 08:08 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 08:08 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-11 08:08 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-11 08:08 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-11 08:08 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-11 08:08 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 08:08 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 08:08 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 08:08 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 08:08 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 08:08 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-11 08:08 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 08:08 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 08:08 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 08:08 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 08:08 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 08:08 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 08:08 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-11 08:08 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-11 08:08 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-11 08:08 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 08:08 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-11 08:08 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 08:08 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-11 08:08 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 08:08 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 08:08 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 08:08 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 08:08 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 08:08 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 08:08 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-11 08:08 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-11 08:08 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-11 08:08 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-11 08:08 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-11 08:08 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 08:08 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-11 08:08 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-11 08:08 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-11 08:08 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-11 08:08 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-11 08:08 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-11 08:08 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-11 08:08 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 08:08 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 08:08 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 08:08 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 08:08 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 08:08 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 08:08 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 08:08 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 08:08 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 08:08 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 08:08 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 08:08 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 08:08 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 08:08 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 08:08 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 08:08 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 08:08 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 08:08 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 08:08 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 08:08 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 08:08 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 08:08 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 08:08 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 08:08 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 08:08 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 08:08 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 08:08 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 08:08 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 08:08 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 08:08 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 08:08 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 08:08 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 08:08 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 08:08 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-11 08:08 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 08:08 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 08:08 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-11 08:08 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-11 08:08 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-11 08:08 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-11 08:08 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-11 08:08 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-11 08:08 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-11 08:08 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-11 08:08 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-11 08:08 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-11 08:08 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-11 08:08 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-11 08:08 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-11 08:08 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-11 08:08 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-11 08:08 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-11 08:08 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-11 08:08 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-11 08:08 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-11 08:08 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-11 08:08 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-11 08:08 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-11 08:08 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-11 08:08 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-11 08:08 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-11 08:08 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-11 08:08 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-11 08:08 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-11 08:08 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-11 08:08 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-11 08:08 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 08:08 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-11 08:08 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 08:08 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 08:08 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 08:08 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 08:08 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 08:08 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 08:08 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-11 08:08 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-11 08:08 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-11 08:08 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 08:08 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 08:08 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-11 08:08 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-11 08:08 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 08:08 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-11 08:08 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 08:08 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 09:58 - 2017-10-08 17:31 - 000000342 _____ C:\Users\utente\Desktop\last ride voce.txt
2017-09-19 14:52 - 2017-09-19 14:52 - 000000000 ____D C:\Users\utente\Documents\League of Legends
2017-09-19 14:40 - 2017-09-19 14:40 - 000000000 ____D C:\ProgramData\Riot Games
2017-09-19 14:39 - 2017-09-19 14:52 - 000000329 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-09-19 14:39 - 2017-09-19 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-09-19 14:39 - 2008-07-12 07:18 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-09-19 14:39 - 2008-07-12 07:18 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-09-19 14:39 - 2008-07-12 07:18 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-09-19 14:38 - 2017-09-19 14:39 - 000000000 ____D C:\Users\utente\AppData\Roaming\Riot Games
2017-09-16 19:11 - 2017-09-16 19:11 - 000000958 _____ C:\Users\utente\Desktop\ShinraMeterV2.12 - collegamento.lnk
2017-09-13 07:51 - 2017-08-19 16:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 07:51 - 2017-08-19 16:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 07:51 - 2017-08-16 16:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 07:51 - 2017-08-16 16:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-13 07:51 - 2017-08-15 16:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 07:51 - 2017-08-15 16:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 07:51 - 2017-08-15 16:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 07:51 - 2017-08-15 16:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 07:51 - 2017-08-14 18:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-13 07:51 - 2017-08-14 18:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 07:51 - 2017-08-13 22:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 07:51 - 2017-08-13 22:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-13 07:51 - 2017-08-11 07:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 07:51 - 2017-08-11 07:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 07:51 - 2017-08-11 07:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 07:51 - 2017-08-11 07:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 07:51 - 2017-08-11 07:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 07:51 - 2017-08-11 07:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 07:51 - 2017-08-11 07:20 - 000071680 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 07:51 - 2017-08-11 07:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 07:51 - 2017-08-11 07:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 07:51 - 2017-08-11 07:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-13 07:51 - 2017-08-11 07:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-13 07:51 - 2017-08-11 07:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 07:51 - 2017-08-11 07:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-13 07:51 - 2017-08-11 07:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-13 07:51 - 2017-08-11 07:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-13 07:51 - 2017-08-11 07:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 07:51 - 2017-08-11 06:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 07:51 - 2017-07-07 16:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 07:51 - 2017-07-07 16:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-12 19:41 - 2017-10-27 20:06 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-09-07 09:52 - 2017-09-07 09:52 - 000114732 _____ C:\Users\utente\Downloads\EDDI DRAGO CV.pdf
2017-09-01 12:38 - 2017-09-01 12:51 - 000000000 ____D C:\Windows\SysWOW64\directx
2017-09-01 12:37 - 2017-09-01 13:16 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-08-29 01:22 - 2017-08-29 01:23 - 000000530 _____ C:\Users\utente\Desktop\ANNUNCIO BATTERISTA FIVERR.txt
2017-08-27 12:01 - 2017-08-27 12:01 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-27 12:01 - 2017-08-27 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-27 12:01 - 2017-08-27 12:01 - 000000000 ____D C:\Program Files\VS Revo Group
2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Windows\system32\Npcap
2017-08-26 12:35 - 2017-08-26 12:35 - 000000000 ____D C:\Program Files\Npcap
2017-08-22 20:01 - 2017-08-22 20:01 - 000001391 _____ C:\Users\utente\Desktop\WinMTR - collegamento.lnk
2017-08-17 21:08 - 2017-08-17 21:09 - 000001366 _____ C:\Users\utente\Desktop\MM MECCANICHE.txt
2017-08-17 09:09 - 2017-08-17 09:09 - 000039976 _____ C:\ComboFix.txt
2017-08-17 09:02 - 2017-08-17 09:09 - 000000000 ____D C:\ComboFix
2017-08-17 08:16 - 2017-11-02 16:35 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-08-17 01:54 - 2017-08-17 01:55 - 000001049 _____ C:\Users\utente\Desktop\ISTRUZIONI RIMUOVERE MERDA DAL PC.txt
2017-08-17 01:52 - 2017-11-02 16:19 - 000000000 ____D C:\AdwCleaner
2017-08-17 01:51 - 2017-08-17 09:09 - 000000000 ____D C:\Qoobox
2017-08-17 01:51 - 2017-08-17 09:08 - 000000000 ____D C:\Windows\erdnt
2017-08-17 01:51 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
2017-08-17 01:51 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
2017-08-17 01:51 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2017-08-17 01:51 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2017-08-17 01:51 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2017-08-17 01:51 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
2017-08-17 01:51 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
2017-08-17 01:51 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
2017-08-17 01:49 - 2017-08-17 01:51 - 000000000 ____D C:\ProgramData\RogueKiller
2017-08-17 01:49 - 2017-08-17 01:49 - 000000858 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2017-08-17 01:49 - 2017-08-17 01:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2017-08-17 01:48 - 2017-08-17 01:49 - 000000000 ____D C:\Program Files\RogueKiller
2017-08-09 10:28 - 2017-08-09 10:28 - 000000000 ____D C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-08-09 08:44 - 2017-07-29 15:56 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-08-09 08:44 - 2017-07-21 15:26 - 000518144 _____ C:\Windows\SysWOW64\msjetoledb40.dll
2017-08-09 08:44 - 2017-07-21 15:26 - 000409600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexch40.dll
2017-08-09 08:44 - 2017-07-21 15:26 - 000290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjtes40.dll
2017-08-09 08:44 - 2017-07-21 15:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstext40.dll
2017-08-09 08:44 - 2017-07-14 16:29 - 000486400 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-08-09 08:44 - 2017-07-14 16:29 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2017-08-09 08:44 - 2017-07-14 16:10 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-08-09 08:44 - 2017-07-14 15:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-08-09 08:44 - 2017-07-14 15:50 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-08-09 08:44 - 2017-07-14 15:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2017-08-09 08:44 - 2017-07-08 16:34 - 000370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-08-09 08:44 - 2017-07-07 16:33 - 000363752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2017-08-09 08:44 - 2017-07-01 14:05 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswdat10.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000616448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrepl40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000310272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2017-08-09 08:44 - 2017-07-01 14:05 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjter40.dll

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 16:28 - 2009-07-14 05:45 - 000039584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-02 16:28 - 2009-07-14 05:45 - 000039584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-02 16:25 - 2015-12-29 17:49 - 000000000 ____D C:\Users\utente\AppData\Local\CrashDumps
2017-11-02 16:24 - 2011-04-12 11:49 - 000745010 _____ C:\Windows\system32\perfh010.dat
2017-11-02 16:24 - 2011-04-12 11:49 - 000148682 _____ C:\Windows\system32\perfc010.dat
2017-11-02 16:24 - 2009-07-14 06:13 - 001671482 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-02 16:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-02 16:20 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-02 16:19 - 2015-09-11 16:08 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-11-02 16:09 - 2015-11-13 18:45 - 000000000 ____D C:\Users\utente\AppData\Roaming\TS3Client
2017-11-02 13:20 - 2015-11-10 23:03 - 000002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (utente)
2017-11-02 13:19 - 2016-01-14 16:42 - 000003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForutente
2017-11-02 13:19 - 2016-01-14 16:42 - 000000336 _____ C:\Windows\Tasks\HPCeeScheduleForutente.job
2017-11-02 10:24 - 2015-11-17 17:32 - 000000000 ____D C:\Users\utente\AppData\Roaming\Audacity
2017-10-31 13:37 - 2017-07-07 23:24 - 000001701 _____ C:\Users\utente\Desktop\TERA FOV.txt
2017-10-30 10:35 - 2016-07-15 13:31 - 000000000 ____D C:\Users\utente\AppData\LocalLow\Adblock Plus for IE
2017-10-27 20:06 - 2016-11-24 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-10-27 20:06 - 2015-09-11 15:26 - 000000000 ____D C:\ProgramData\Package Cache
2017-10-27 18:21 - 2015-11-13 18:21 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-10-25 21:51 - 2015-08-07 07:54 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-25 21:51 - 2015-08-07 07:54 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-25 21:51 - 2015-08-07 07:54 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-25 21:51 - 2015-05-22 08:33 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-25 21:51 - 2015-05-22 08:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-25 15:50 - 2016-06-21 14:11 - 000000000 ____D C:\Users\utente\AppData\Local\ElevatedDiagnostics
2017-10-25 15:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-10-20 09:59 - 2009-07-14 06:08 - 000032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-17 22:15 - 2016-07-15 09:04 - 000001011 _____ C:\Users\Public\Desktop\EagleGet.lnk
2017-10-17 22:15 - 2016-07-15 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet
2017-10-17 22:15 - 2016-07-15 09:04 - 000000000 ____D C:\Program Files (x86)\EagleGet
2017-10-15 00:01 - 2016-12-13 21:42 - 000000097 _____ C:\Users\utente\Desktop\TERA CLASSI PER IL CRAFTING.txt
2017-10-12 12:50 - 2016-11-24 11:42 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-10-12 10:47 - 2017-07-12 08:43 - 000001313 _____ C:\Users\utente\Desktop\CALENDARIO TERA QUEST.txt
2017-10-12 07:37 - 2017-06-06 08:23 - 000000618 _____ C:\Users\utente\Desktop\FONDO ARCO.txt
2017-10-11 12:16 - 2009-07-14 05:45 - 000450232 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-11 10:53 - 2015-05-21 19:19 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 10:52 - 2015-05-21 19:19 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-11 10:51 - 2015-05-21 23:51 - 001645368 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-05 09:17 - 2015-11-11 14:40 - 000000000 ____D C:\Users\utente\AppData\Roaming\ObviousIdea

==================== Files in the root of some directories =======

2015-11-11 15:38 - 2015-11-11 15:38 - 000000839 _____ () C:\Users\utente\AppData\Roaming\Drives Meter_Settings.ini
2015-11-11 15:34 - 2015-11-11 15:34 - 000000120 _____ () C:\Users\utente\AppData\Roaming\System Monitor II_UptimeRecord.ini
2015-09-11 16:37 - 2017-10-11 18:27 - 000305917 _____ () C:\Users\utente\AppData\Local\BTServer.log
2016-01-08 13:26 - 2016-01-08 13:26 - 000000000 _____ () C:\Users\utente\AppData\Local\{0891D3CB-9E51-4C73-AD7A-542EB0DD6BB5}
2016-01-14 15:58 - 2016-01-14 15:58 - 000000057 _____ () C:\ProgramData\Ament.ini
2016-06-01 17:48 - 2016-06-25 14:03 - 000000016 _____ () C:\ProgramData\autobk.inc
2015-11-11 10:46 - 2015-11-11 10:46 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-04-25 19:30 - 2017-07-23 11:44 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml

Some files in TEMP:
====================
2017-11-02 16:33 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Users\utente\AppData\Local\Temp\dllnt_dump.dll
2017-10-17 22:10 - 2017-08-31 13:31 - 006744216 _____ (EagleGet ) C:\Users\utente\AppData\Local\Temp\EGSetup.exe
2017-08-31 16:31 - 2017-08-31 16:31 - 000192512 _____ () C:\Users\utente\AppData\Local\Temp\sfamcc00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-25 15:43

==================== End of FRST.txt ============================

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{3C1BB12D-B0E7-4697-B718-19BE1453AEF6}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.183 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AmpegSVX (HKLM-x32\...\{CF1D7323-8A0A-49C7-83B0-088DB90721E2}) (Version: 1.1.3 - IK Multimedia)
AnalogX Vocal Remover (HKLM-x32\...\AnalogX Vocal Remover) (Version: - AnalogX)
Application Profiles (HKLM-x32\...\{A8426044-BED4-8275-A078-EA7259C87FC5}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach)
ASUS MultiFrame (HKLM-x32\...\{FB4D076A-DEFD-4EAF-AD63-70D5A3BC262A}) (Version: 1.1.1 - ASUS)
ASUS Xonar U1 Audio (HKLM\...\C-Media CM112 Like Sound Driver) (Version: - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avira (HKLM-x32\...\{bd94e862-c44b-4f68-98ca-b35ddf9dbbfc}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{D03EC4B7-E520-4A6F-974C-4F48533838EC}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
Avira Scout (HKLM-x32\...\Avira Scout) (Version: 17.6.3071.2851 - Avira Operations GmbH & Co. KG)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
BIAS FX Plugins Pack (64bit) (HKLM\...\{77558DEB-4B65-4921-8855-D8593EF5BCDD}) (Version: 1.1.0.745 - PositiveGrid)
Blade & Soul (HKLM-x32\...\{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC) Hidden
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.260 - NC Interactive, LLC)
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 1.81.0.2016 - Georgy Berdyshev)
Discord (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.298 - Discord Inc.)
EagleGet version 2.0.4.28 (HKLM-x32\...\{F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1) (Version: 2.0.4.28 - EagleGet)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HP ENVY 4500 series Aiuto (HKLM-x32\...\{32EE4084-95F3-484A-85A3-0B3CA190DE47}) (Version: 30.0.0 - Hewlett Packard)
HP ENVY 4500 series Software di base dispositivo (HKLM\...\{361E170A-EADF-4F79-A026-97DDDFE6616C}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{764B2B38-68B3-4183-8D3D-8D5577E91E4A}) (Version: 12.8.37.11 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.31.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.3.49 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
League of Legends (HKLM-x32\...\{1976A709-EC16-419D-85D4-52FE64A3A5C7}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
LenovoUsbDriver 1.1.16 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.16 - Lenovo)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version: - Line 6)
Malwarebytes versione 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mp3tag v2.75 (HKLM-x32\...\Mp3tag) (Version: v2.75 - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
My.com Game Center (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\MyComGames) (Version: 3.190 - My.com B.V.)
My.com Game Center (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyComGames) (Version: 3.190 - My.com B.V.)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version: - NCsoft)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Npcap 0.93 (HKLM-x32\...\NpcapInst) (Version: 0.93 - Nmap Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.107.256.0 - Overwolf Ltd.)
Ozone Strike Battle Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
PDFill FREE PDF Tools (HKLM\...\{735A3951-E139-4E4A-AFAE-BA25E9FF5E6A}) (Version: 12.0 - PlotSoft LLC)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version: - Roland Corporation)
RapeLay (remove only) (HKLM-x32\...\RapeLay) (Version: - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.805.806.012014 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0239 - REALTEK Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Revelation Online (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Revelation Online) (Version: 1.43 - My.com B.V.)
Revelation Online (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Revelation Online) (Version: 1.43 - My.com B.V.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Software per periferiche con chipset Intel® (HKLM-x32\...\{da2de8c3-61b9-4b3b-916d-6b2fb2b1a90c}) (Version: 10.0.21 - Intel(R) Corporation) Hidden
Songr (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\Songr) (Version: 2.1 - Xamasoft)
Songr (HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Songr) (Version: 2.1 - Xamasoft)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TempoPerfect Metronome Software (HKLM-x32\...\TempoPerfect) (Version: 4.08 - NCH Software)
Tixati (HKLM-x32\...\tixati) (Version: - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.26 - NCH Software)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-3) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.13.0 (HKLM\...\VulkanRT1.0.13.0) (Version: 1.0.13.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-4) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.21.0 (HKLM\...\VulkanRT1.0.21.0) (Version: 1.0.21.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-2) (Version: 1.0.37.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0-3) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-4) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-5) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.8.0 (HKLM\...\VulkanRT1.0.8.0) (Version: 1.0.8.0 - LunarG, Inc.)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.14000 - Nero AG) Hidden
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )
XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\utente\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-01-06] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2015-10-10] (Florian Heidenreich)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-03-19] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {067E386F-2FBA-4C0F-B6B3-09E5DE2041A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {0A6F373E-054D-4817-93FE-36653CBD21E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {0F979464-1946-480C-A4D3-4E17FC5C3320} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {147D7CBE-7BCA-44E3-938B-66D2C5909093} - \MSIAfterburner -> No File <==== ATTENTION
Task: {1B05E31C-3048-4C6C-A7F8-915B763A7B48} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-08-14] (HP Inc.)
Task: {1CE814AB-B01D-44AF-97C4-1557000188C7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {39AE225E-B8AC-419E-BB56-A7B46806790D} - System32\Tasks\HPCeeScheduleForutente => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {3AD79B79-B62A-4EA6-8B01-0E95DCDDAD02} - System32\Tasks\Driver Booster Beta SkipUAC (utente) => C:\Program Files (x86)\IObit\Driver Booster Beta\4.0.1\DriverBooster.exe
Task: {3B28F698-8EAE-4616-8D4D-A1E8B02717B6} - System32\Tasks\LIFECHAT_MSN_MESSENGER_INSTALL_WEB_PAGE => rundll32.exe url.dll,OpenURL hxxp://go.microsoft.com/fwlink/?linkId=57777&clcid=0x409
Task: {4445D47F-952C-4EBD-8E89-6A042F5C6CF9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {4DE6C942-55EA-4155-A7A8-243809BD4293} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {60456DE1-DCAC-4753-BD15-42267759FBE3} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {65D7843A-0DD5-4721-ABD0-C1F171B97235} - System32\Tasks\{A7E33A92-3A4F-443D-AF90-7DD9A14E58BE} => C:\Windows\system32\pcalua.exe -a "D:\MALLOPPO ROBE SCARICATE DA CHROME\mp520swin64101ea24.exe" -d C:\Users\utente\AppData\Roaming\IDM
Task: {7B93D4CA-2A44-4A43-B49F-A0C2D60BB278} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {882489C5-4CAC-4D35-99F9-DEAB25F72BF2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {896BC8BB-2DFC-4035-8DA3-0572AC7C62F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-09-15] (HP Inc.)
Task: {89DF8419-7D3C-4EA2-B3D4-CBA55FD85B98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-10] (Google Inc.)
Task: {8E59B598-AC90-491D-953E-997AC17F178E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {8EAED7CE-3AB7-4AF0-A9C2-F25177A0D016} - System32\Tasks\{E577D140-CB00-4E32-8EB1-F32C90590E71} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\AnalogX\VocalRemover\vremu.exe" -d "C:\Program Files (x86)\AnalogX\VocalRemover\" -c -Register
Task: {C259566F-573B-42F9-AF81-F84EAC8B350E} - System32\Tasks\AviraScoutUpdateTaskMachineCore => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2016-11-24] (Avira Operations GmbH & Co. KG)
Task: {C6124178-C83E-451C-9C7D-7AD9274A5837} - System32\Tasks\Driver Booster SkipUAC (utente) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {D2DC3FC2-68EF-4020-98B8-90FD4152127B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-12] (Avira Operations GmbH & Co. KG)
Task: {D3ADF138-9074-44D5-884A-F4682796FEAB} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {D64DE423-E23F-4242-961C-1EFB5570A99D} - System32\Tasks\AviraScoutUpdateTaskMachineUA => C:\Program Files (x86)\Avira\Scout Update\ScoutUpdate.exe [2016-11-24] (Avira Operations GmbH & Co. KG)
Task: {D9770DA8-59F7-4886-A1F1-A3E50B08E604} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-10-23] (Overwolf LTD)
Task: {E1FD8ADA-8674-40A8-BCAA-7D9216CBAC25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {F023C74D-99C8-4129-AC82-420E9854B020} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN58Q331SC => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-08-14] (HP Inc.)
Task: {F30DD774-3136-4985-987C-49864B958CA7} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe
Task: {FCA4E0DD-B9C0-4C45-BD62-C11F1C3DA2AB} - System32\Tasks\{1B4A5A0C-E045-4F74-BE8D-F4DC038CCEAA} => C:\Windows\system32\pcalua.exe -a "D:\MALLOPPO ROBE SCARICATE DA CHROME\wlsetup-web.exe" -d C:\Users\utente\AppData\Roaming\IDM

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForutente.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\utente\Favorites\Sito download di NCH Software.lnk -> hxxp://www.nchsoftware.com/it/index.htm

ShortcutWithArgument: C:\Users\utente\Desktop\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\utente\AppData\Local\Google\Chrome\User Data\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Avvio applicazioni di Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\ForumFree.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=onpaokmjncandjkacmikamfgfpfkgfdb
ShortcutWithArgument: C:\Users\utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Avira Scout\ForumFree.lnk -> C:\Program Files (x86)\Avira\Scout\Application\scout.exe (Avira Operations GmbH & Co. KG) -> --profile-directory=Default --app-id=onpaokmjncandjkacmikamfgfpfkgfdb

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-11-11 13:19 - 2012-07-20 13:39 - 002469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2015-09-11 16:37 - 2014-01-06 13:56 - 000079872 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-07-15 09:04 - 2017-09-20 18:36 - 000247992 _____ () C:\Program Files (x86)\EagleGet\EGMonitor.exe
2017-09-26 09:11 - 2017-09-21 08:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 09:11 - 2017-09-21 08:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-06-06 20:35 - 2017-08-03 08:10 - 000356744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2017-04-02 20:28 - 2017-09-09 20:25 - 000688416 _____ () D:\STEAM DI MERDA\SDL2.dll
2017-04-02 20:28 - 2016-09-01 02:02 - 004969248 _____ () D:\STEAM DI MERDA\v8.dll
2017-04-02 20:28 - 2016-09-01 02:02 - 001563936 _____ () D:\STEAM DI MERDA\icui18n.dll
2017-04-02 20:28 - 2016-09-01 02:02 - 001195296 _____ () D:\STEAM DI MERDA\icuuc.dll
2017-04-02 20:28 - 2017-10-31 04:22 - 002546976 _____ () D:\STEAM DI MERDA\video.dll
2017-04-02 20:28 - 2016-01-27 08:49 - 002549760 _____ () D:\STEAM DI MERDA\libavcodec-56.dll
2017-04-02 20:28 - 2016-01-27 08:49 - 000442880 _____ () D:\STEAM DI MERDA\libavutil-54.dll
2017-04-02 20:28 - 2016-01-27 08:49 - 000491008 _____ () D:\STEAM DI MERDA\libavformat-56.dll
2017-04-02 20:28 - 2016-01-27 08:49 - 000332800 _____ () D:\STEAM DI MERDA\libavresample-2.dll
2017-04-02 20:28 - 2016-01-27 08:49 - 000485888 _____ () D:\STEAM DI MERDA\libswscale-3.dll
2017-04-02 20:28 - 2017-10-31 04:22 - 000901408 _____ () D:\STEAM DI MERDA\bin\chromehtml.DLL
2017-04-02 20:28 - 2016-07-04 23:17 - 000266560 _____ () D:\STEAM DI MERDA\openvr_api.dll
2016-08-23 23:45 - 2016-01-11 21:45 - 000027648 _____ () C:\Program Files (x86)\Nemesys\dist\servicemanager.pyd
2016-08-23 23:45 - 2016-01-11 21:44 - 000110080 _____ () C:\Program Files (x86)\Nemesys\dist\pywintypes27.dll
2016-08-23 23:45 - 2016-01-11 21:45 - 000042496 _____ () C:\Program Files (x86)\Nemesys\dist\win32service.pyd
2016-08-23 23:45 - 2016-01-11 21:45 - 000100864 _____ () C:\Program Files (x86)\Nemesys\dist\win32api.pyd
2016-08-23 23:45 - 2016-06-27 15:21 - 001014272 _____ () C:\Program Files (x86)\Nemesys\dist\_hashlib.pyd
2016-08-23 23:45 - 2016-06-27 15:20 - 000047616 _____ () C:\Program Files (x86)\Nemesys\dist\_socket.pyd
2016-08-23 23:45 - 2016-06-27 15:21 - 001405440 _____ () C:\Program Files (x86)\Nemesys\dist\_ssl.pyd
2016-08-23 23:45 - 2016-06-27 15:20 - 000137728 _____ () C:\Program Files (x86)\Nemesys\dist\pyexpat.pyd
2016-08-23 23:45 - 2016-07-07 13:11 - 000006144 _____ () C:\Program Files (x86)\Nemesys\dist\tornado.speedups.pyd
2016-08-23 23:45 - 2016-06-27 15:20 - 000011264 _____ () C:\Program Files (x86)\Nemesys\dist\select.pyd
2016-08-23 23:45 - 2016-06-27 15:20 - 000092672 _____ () C:\Program Files (x86)\Nemesys\dist\_ctypes.pyd
2016-08-23 23:45 - 2016-06-27 15:20 - 000688128 _____ () C:\Program Files (x86)\Nemesys\dist\unicodedata.pyd
2016-08-23 23:45 - 2016-07-07 13:03 - 000014848 _____ () C:\Program Files (x86)\Nemesys\dist\netifaces.pyd
2016-08-23 23:45 - 2016-11-22 16:56 - 000046080 _____ () C:\Program Files (x86)\Nemesys\dist\psutil._psutil_windows.pyd
2016-07-15 09:04 - 2017-09-20 18:36 - 001010360 _____ () C:\Program Files (x86)\EagleGet\util.dll
2016-07-15 09:04 - 2017-08-28 19:24 - 000610304 _____ () C:\Program Files (x86)\EagleGet\sqlite3.dll
2017-04-02 20:28 - 2017-08-16 23:28 - 073130272 _____ () D:\STEAM DI MERDA\bin\cef\cef.win7\libcef.dll
2017-06-08 08:18 - 2017-09-07 03:04 - 000678400 _____ () D:\STEAM DI MERDA\bin\cef\cef.win7\SDL2.dll
2017-04-02 20:28 - 2015-09-25 00:52 - 000119208 _____ () D:\STEAM DI MERDA\winh264.dll
2016-07-15 09:04 - 2017-09-20 18:36 - 000225976 _____ () C:\Program Files (x86)\EagleGet\CrashRpt.dll
2016-07-15 09:04 - 2017-08-28 19:24 - 000053760 _____ () C:\Program Files (x86)\EagleGet\zlib.dll
2016-07-15 09:04 - 2017-09-20 18:36 - 000852664 _____ () C:\Program Files (x86)\EagleGet\ssl.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 004300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-10 11:12 - 2014-11-10 11:12 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [152]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\...\line6.net -> line6.net
IE trusted site: HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\line6.net -> line6.net

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-09-06 10:26 - 2017-08-17 09:08 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3496829260-2876884002-4000285576-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\utente\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3496829260-2876884002-4000285576-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\utente\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 85.37.17.51 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: BtServer => "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{1CACFE96-6E89-4457-A289-99E40BA3EF05}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{29672E5B-9D9B-492A-8F82-3954C1C4A4CB}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{9746A5FF-9F0C-487D-99A3-2CB0C975F2A1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{8F448E99-E32F-4291-AE69-066EC4E1AD5E}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{5E8A35B6-CD5A-4DE6-8234-F29AB4770182}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{7CBE5788-B9E2-4C32-835B-8C604D4D5DD8}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{603E8FE7-0FED-43A0-AE04-8FBB6F53D4E9}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [TCP Query User{1C20245B-7D29-443F-A7A8-003495513ED5}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe
FirewallRules: [UDP Query User{98FA3DB1-0AF9-401A-A3C6-26B738737E99}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe
FirewallRules: [{6C2A7F48-28F8-42FD-995A-670687E0B92F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BC53E292-769D-48AD-A5B5-48750175E86A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{766175B5-1098-4BAF-B8FF-AB9B4517B56E}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{72022D1C-6381-458B-B46C-25BF1B3B2E16}] => (Allow) C:\Users\utente\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{9F129BC5-B1BC-4CDA-87BD-9193974108CA}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{7A3335E4-B3E5-4B3D-80F5-12EBC3704324}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{95334C12-EF1C-4E65-AD51-00AB94006ED0}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe
FirewallRules: [UDP Query User{8987E40E-094E-407F-A9ED-585811E8091F}C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe] => (Allow) C:\program files (x86)\formatfactory\ffmodules\package\ptinstonline.exe
FirewallRules: [{617BDD83-789F-47E9-9DA9-F24F47E644BE}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{B653C093-120E-48CE-9AA3-8DF371ED7D6E}D:\gameforgelive\games\ita_ita\aion\nclauncher.exe] => (Allow) D:\gameforgelive\games\ita_ita\aion\nclauncher.exe
FirewallRules: [UDP Query User{C0EC94A9-C7A0-4DE6-A602-F21DAAF5E6FD}D:\gameforgelive\games\ita_ita\aion\nclauncher.exe] => (Allow) D:\gameforgelive\games\ita_ita\aion\nclauncher.exe
FirewallRules: [TCP Query User{CFD6F15A-28A9-4B38-83B3-F9589F473C35}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [UDP Query User{59696773-4604-4AEF-88BD-6556295E5ABF}C:\program files (x86)\gameforge\nclauncher\nclauncher.exe] => (Allow) C:\program files (x86)\gameforge\nclauncher\nclauncher.exe
FirewallRules: [{A6268083-ADA8-4857-94C2-550FB7D65309}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{3D1C9C99-609E-49BC-985A-AE81694C6DDD}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{E5F39AB5-F6BB-4797-9026-DB8A1825EEEA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{9B238213-CBF6-43AC-B522-561673BD547F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{CB5D2DCE-7379-4694-9FFF-9134619E1965}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{C5498E84-7F3E-45E1-B02B-D7923B1213C8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{44436462-5A53-452E-BCF3-2667CFAD1435}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{C28787D8-2E05-4277-9EC2-D2ED356AB33D}] => (Allow) LPort=5357
FirewallRules: [{E102A707-8C81-4979-8368-55BFF07AA497}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{AD351E96-C220-448A-AF43-C67AAEC6DF0B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{41F55456-C90F-4B3B-B260-5F880ABE80C9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{000DA8FE-189E-410B-98E2-1116769CB4B7}] => (Block) %ALLUSERSPROFILE%\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe
FirewallRules: [{81C64988-DD98-4667-A272-1D57575E52DA}] => (Allow) LPort=49170
FirewallRules: [{6BCB385E-2325-44DD-BE96-48F80D889FA1}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{2A270360-E61F-489F-A657-D8329D32C456}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe
FirewallRules: [UDP Query User{728C7F87-F8FA-40C5-A9AB-04678CD4E9B8}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe
FirewallRules: [{D1850FF3-511B-4094-A81B-6D2185554A1B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79EC9991-DEA3-4C89-94CC-945DB8FF13A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9099121A-F370-4153-8307-5EF05464517B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2737E5B7-5367-4E36-9CB7-F44CC36D8EFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CAC3139A-E370-4E87-9BA1-69807DC48295}] => (Block) %ProgramFiles% (x86)\IK Multimedia\Authorization Manager\Authorization Manager.exe
FirewallRules: [{836FB011-91FB-41D9-8191-A551BAC4B9C0}] => (Block) %ProgramFiles%\IK Multimedia\AmpliTube 4\AmpliTube 4.exe
FirewallRules: [{59EBCEC4-4FDA-478D-8107-72BF506E176B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{1611E99B-7EBA-4797-A657-8E9A3B5CE202}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{EF4B258B-1F06-4358-8D0F-C0D308F5B538}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{5B4369CE-FF66-4695-AF3F-E55AF74FAF78}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{241AD40D-564E-46AB-B694-CA1D0929C1B3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{0096437F-5E12-449C-9DE2-1143D14D499E}] => (Allow) D:\GameforgeLive\gfl_client.exe
FirewallRules: [{00A1B2F6-B274-41A5-8A00-73A28ACBAD7B}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS13F1\HPDiagnosticCoreUI.exe
FirewallRules: [{7973C325-2D19-4615-9E75-3FDEBFA10571}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS13F1\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{F2C9F55D-C32D-4356-8F47-7AD490DA7BD6}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe
FirewallRules: [UDP Query User{DCC3C3F7-FA39-4BA6-9E75-EE5611F7A928}D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe] => (Allow) D:\gameforgelive\games\ita_ita\tera\tera-launcher.exe
FirewallRules: [{B9095A19-7A52-4119-A15F-8B440A57F302}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{F4EF172F-02F9-4ABA-AE9D-10E5F794AE5B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [TCP Query User{11F0939B-5B8E-4CEB-BC5C-169DD425EAC2}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe
FirewallRules: [UDP Query User{14C058B9-44F7-4D60-BD2E-314291BDE585}D:\tixati\tixati.exe] => (Allow) D:\tixati\tixati.exe
FirewallRules: [{936B97C0-5154-4F9A-B9A6-86A292FE5171}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS7AD2\HPDiagnosticCoreUI.exe
FirewallRules: [{B7134A5A-FE39-494D-A1DE-87B5A035722D}] => (Allow) C:\Users\utente\AppData\Local\Temp\7zS7AD2\HPDiagnosticCoreUI.exe
FirewallRules: [{F3F7478B-5B10-4D07-A2FF-2738DC7BB610}] => (Allow) C:\Users\utente\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{0DC4D8BF-D711-47F6-8990-73728FF730E6}] => (Allow) C:\Users\utente\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{45DA740E-A54B-486E-9752-7EE72948F839}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{B9C39D05-16FE-4B7D-A91A-9F0116E9E36A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{13B43426-3549-448C-BB94-F349BCA81604}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{4E4A841E-480E-4A48-887B-6D081193F42F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{74DFC4AF-8066-49AE-A424-878A241E608A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{6FA72A4A-77CC-4F45-944D-2E9B3B78CFAC}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe
FirewallRules: [{48B74807-EF65-4675-9D2E-3BB65FE20F2A}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe
FirewallRules: [{20510439-D5A0-46D6-A5A7-3F3675482178}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe
FirewallRules: [{C35CFB53-8C1D-45EA-8EC7-E78AEEBD10FD}] => (Allow) C:\Program Files (x86)\Nemesys\dist\login.exe
FirewallRules: [TCP Query User{52A35EEC-6D53-4949-8888-8B991D117F4F}D:\mygames\revelation online\game\tianyu.exe] => (Allow) D:\mygames\revelation online\game\tianyu.exe
FirewallRules: [UDP Query User{A41AC13F-750B-47F4-BD93-828C1CB94C79}D:\mygames\revelation online\game\tianyu.exe] => (Allow) D:\mygames\revelation online\game\tianyu.exe
FirewallRules: [{EB1C1C16-0CF6-4EA8-9CB1-1078F48BE04D}] => (Allow) D:\STEAM DI MERDA\Steam.exe
FirewallRules: [{6B270528-ADB7-41DF-B4F0-77F2A6A0B582}] => (Allow) D:\STEAM DI MERDA\Steam.exe
FirewallRules: [{CFAC7A8F-44CA-48E4-892A-98BEAEE78436}] => (Allow) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B0AC35FE-1ED4-4055-875C-56493FDE858F}] => (Allow) D:\STEAM DI MERDA\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{62E77EF5-C233-43B1-A268-275B4BD77FEA}] => (Block) LPort=445
FirewallRules: [{396BBB51-BA8B-4E9B-BA69-D3E25E9DFF55}] => (Block) LPort=445
FirewallRules: [{3863C903-F7DC-4887-BB25-9F86F2F6DD9A}] => (Allow) D:\CANZONI TIZIO XFUCKTOR\BIBBIA ACCORDI\ShinraMeterV1.97\ShinraMeter.exe
FirewallRules: [{D86501E7-F46C-4297-B44B-5B9514D82CB6}] => (Allow) D:\CANZONI TIZIO XFUCKTOR\BIBBIA ACCORDI\ShinraMeterV1.97\ShinraMeter.exe
FirewallRules: [{246A3D60-97FF-4CD6-84B3-5F0253D4898C}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe
FirewallRules: [{DD7C8B8D-FD34-4CD1-9C2D-2DA4FA63492A}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe
FirewallRules: [{EF55DA77-9C0D-42B5-BFA8-E756CE0D5561}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe
FirewallRules: [{583F47C9-FFB6-4374-98D6-4175BCBE58E6}] => (Allow) D:\EAGLEGET DOWNLOAD VARI\ShinraMeterV2.00\ShinraMeterV2.00\ShinraMeter.exe
FirewallRules: [{5C3A1909-EB16-4849-8DCF-61F8B3A4677A}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{FB1EEBB1-8E24-4BEE-AECC-88866CC380E1}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{DA7814D9-4EFC-4441-9996-0F636043C940}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{8DA7C7D3-C397-4B60-9366-3292A407D53B}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{A4250C3B-BA96-4C87-8C4C-996E68627F18}] => (Allow) D:\MisuraInternetSpeedTest\dist\mist.exe
FirewallRules: [{46FEB2BA-96D5-427D-A248-63A1EACAB3FB}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{9C3EAD91-D0AC-46BE-BA74-244B85F8D1D3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{52A491B1-DACD-4438-AB12-84E8E06F947F}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{545D9C9B-8F1A-4A7E-9B95-0A16AE51C496}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{22C34E11-4615-4FE2-BC6F-1CCC624C4124}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{723D8C03-EB34-4DDC-B601-72472151AA2E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{278607AB-04D5-46F7-90FD-59A2B618DFE3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{E11542C2-73C6-4900-9A2B-5AE28AF6AFBD}] => (Allow) D:\GameforgeLive\GameforgeLive.exe
FirewallRules: [{70816553-19DB-4E57-8C0B-F75714318E16}] => (Allow) D:\GameforgeLive\GameforgeLive.exe
FirewallRules: [{8D3F5E31-DD1A-4B50-AD15-BA09ADDCF0E9}] => (Allow) D:\GameforgeLive\GameforgeLive.exe
FirewallRules: [{D4E0AEB9-A8DA-40AB-B306-B5CD60D4362F}] => (Allow) D:\GameforgeLive\GameforgeLive.exe
FirewallRules: [{09B5727B-592F-4E01-A3A4-AC7C46EEBA44}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FBD3F670-02F5-4C80-A546-86A799160EF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{282DFAC0-4A1A-486C-8171-2D9F99FD3674}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0B6C52E2-D91A-4D35-ACBE-DF92943D61BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FE1B722E-B6CA-4317-AB01-E7EAEF4D82BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

19-09-2017 14:38:54 Microsoft Visual C++ 2005 Redistributable installato
19-09-2017 14:39:05 Installed League of Legends
19-09-2017 14:39:25 DirectX installato
28-09-2017 19:24:22 Revo Uninstaller's restore point - Microsoft LifeChat
28-09-2017 19:24:28 Microsoft LifeChat rimosso
28-09-2017 19:24:55 Revo Uninstaller's restore point - Microsoft LifeChat
11-10-2017 10:49:42 Windows Update
25-10-2017 15:50:10 Punto di controllo pianificato

==================== Faulty Device Manager Devices =============

Name: Enumeratore Bluetooth Microsoft
Description: Enumeratore Bluetooth Microsoft
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dispositivo Bluetooth (Personal Area Network) #2
Description: Dispositivo Bluetooth (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Dispositivo Bluetooth (RFCOMM protocollo TDI) #2
Description: Dispositivo Bluetooth (RFCOMM protocollo TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2017 04:50:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:50:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:33:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma mbar.exe versione 1.9.1.1001 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 22d8

Ora di avvio: 01d353eebf77fdc2

Ora di chiusura: 10832

Percorso applicazione: C:\Users\utente\Desktop\mbar\mbar.exe

ID segnalazione: 2280b905-bfe3-11e7-bd32-d0509975c149

Error: (11/02/2017 04:25:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: RadeonSettings.exe, versione: 10.1.1.1682, timestamp: 0x58fea395
Nome del modulo che ha generato l'errore: RadeonSettings.exe, versione: 10.1.1.1682, timestamp: 0x58fea395
Codice eccezione: 0xc0000409
Offset errore 0x0000000000061f6b
ID processo che ha generato l'errore: 0xe58
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d353ee18c4f1a3
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
ID segnalazione: 0ac98810-bfe2-11e7-bd32-d0509975c149

Error: (11/02/2017 04:20:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema.

Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:20:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generazione del contesto di attivazione non riuscita per "C:\Program Files (x86)\Audacity\audacity.exe". Errore nel file manifesto o dei criteri "", alla riga .
Una versione del componente richiesta dall'applicazione è in conflitto con un'altra versione del componente già attiva.
Componenti in conflitto:.
Componente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Componente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/02/2017 04:20:17 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato, i secondi quattro byte contengono IOSB.Status e i quattro byte successivi contengono IOSB.Information.


System errors:
=============
Error: (11/02/2017 04:20:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio egGetSvc. Questo evento si è già verificato 1 volta(e).

Error: (11/02/2017 04:20:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: All'avvio non è stato possibile caricare i seguenti driver:
cdrom

Error: (11/02/2017 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\Windows\system32\Rtlihvs.dll

Error: (11/02/2017 04:19:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\Windows\system32\Rtlihvs.dll

Error: (11/02/2017 04:19:45 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\Windows\system32\Rtlihvs.dll

Error: (11/02/2017 04:19:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ricevuto avviso di errore irreversibile: 70.

Error: (11/02/2017 04:19:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ricevuto avviso di errore irreversibile: 70.

Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Avira Service Host è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 10000 millisecondi: Riavvia il servizio.

Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Servizio di condivisione in rete Windows Media Player è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Riavvia il servizio.

Error: (11/02/2017 04:19:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Intel® ME Service. Questo evento si è già verificato 1 volta(e).


CodeIntegrity:
===================================
Date: 2017-11-02 16:26:30.140
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:30.057
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.973
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.887
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.803
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.719
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x86.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.629
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.546
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.461
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.

Date: 2017-11-02 16:26:29.373
Description: Controllo dell'integrità del codice: impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume2\Program Files (x86)\EagleGet\_eagleGet_x64.sys. Impossibile trovare l'insieme di hash dell'immagine per pagina nel sistema.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Percentage of memory in use: 42%
Total physical RAM: 16335.33 MB
Available physical RAM: 9455.68 MB
Total Virtual: 32668.85 MB
Available Virtual: 26454.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230.79 GB) (Free:90.75 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:547.06 GB) NTFS
Drive e: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 55F2B1F7)
Partition 1: (Active) - (Size=81 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4560E80B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

[Dan1979]

Ciao

in modalita provvisoria prova se il problema si presenta...

disinstalla questo programmi da pannello di controllo( e se non ti serve):
-Driver booster (dimmi se cè o meno)

Se non ti servono disinstalla anche questi:
-Line 6 Uninstaller
-Tixati
-IZArc

Poi posiziona frst sul desktop assieme al file allegato fixlist.txt (mettili tutti e due sul desktop)
tasto dx sopra frst--->esegui come amministratore
clicca su FIX
attendi la fine delle operazioni e che il pc si riavvii ( se non riavvia fa fallo te)
posta il file fixlog.txt (lo trovi sul desktop)

Fai pulizia con ccleaner sia sistema che registro

Fa sapere se il problema è risolto e ricordati di provare se te lo fa anche in modalita provvisoria....

Ciao

[lidel]

driver booster, tixati, izarc, line6

sono tutti programmi che utilizzo con discreta regolarità. posso sapere come mai mi consigli di eliminarli?

ma ccleaner non era stato consigliato di non usarlo perchè aveva dei seri problemi ( malware)?

[Dan1979]

Ciao

Ancora non mi hai risposto se in modalita provvisoria te lo fa...

Driver booster , è un ottimizzatore di driver , alle volte puo fare danni....non sono amante di questo genere e di programmi...
Tixati mi pare che sia un programma p2p e quindi puo portare virus come qualsiasi programma p2p(es;utorrent)...
Gli altri non li conosco....
Comunque se li utilizzi puoi tenerli, te l ho specificato nel post precedente....

Il fix e il resto delle istruzioni le hai eseguite??
Ricordati di postare il fixlog.txt....

Per quanto riguarda ccleaner, chi ti ha sconsigliato di usarlo??
Il fattaccio di ccleaner ormai è alle spalle...
In piu riguarda chi ha installato la versione 5.33 a 32 bit, da meta agosto a meta settembre...
Te non lo hai installato anzi non ce lo hai proprio installato....
Quindi scaricalo e usalo pure....
Ti rimando a questa mia guida rigurdo il virus di ccleaner...https://www.tomshw.it/forum/threads/...leaner.665763/

comunque esegui tutto e poi vediamo...

[lidel]

ok perfetto e grazie per l'aiuto. vedo in questi giorni di postarti il tutto. allora ti posso già dire che lo scherzetto della tastiera non me lo sta piu' facendo da quando ho eseguito le varie scansioni, anche in modalità provvisoria non me lo ha fatto. se mi dici che driver booster può far danni, lo tolgo

scusa la mia ignoranza: il file fixlog.txt è quello composto da 2 pagine di frst o è un altro programma ancora?

comunque anche oggi, per il momento, nessun problema con la tastiera

[Dan1979]

Ciao

Driver booster non ho detto che lo devi togliere....
Se vuoi il mio parere per aggiornare i driver conviene sempre verificare a mano nei siti dei produttori se ci sono versioni di driver piu recenti...
Poi se te ti trovi bene con driver booster nessun problema lo puoi tenere...

Le due pagine di frst, come dici sono frst.txt e addition.txt che ha generato il programma la prima volta quando hai fatto la scansione (non centrano nulla con il fixlog.txt)..
Il file fixlog.txt te lo genera dopo aver eseguito il FIX con frst (dovrebbe essere sul desktop se hai seguito le mie istruzioni),che ti ho fornito nei post precedenti(si chiama fixlist.txt)...

Ciao