-

[RISOLTO] Check Point Sandblast Agent for Browser

#1
Mi sono trovato questa estensione installata su Chrome. A quanto pare dovrebbe essere utile per la sicurezza di navigazione però vorrei disinstallarla.
Ho provato a farlo con CCleaner, IObit Uninstaller, in modalità provvisioria cancellando manualmente le cartelle, ma ogni volta che riavvio riappare.
Qualcuno ha idea di come riuscire a toglierla definitivamente dal pc?
Utilizzo Windows 10
Ringrazio anticipatamente chi vorrà aiutarmi
 

danilo79

Utente Attivo
1,541
375
Hardware Utente
#3
Ciao

-Verifica se hai installato qualche programma che fa riferimento a quell estensione tipo endpoint protection, oppure Total endpoint security ,quindi disinstallalo...
-Prova a cancellare l estensione, non riavviare...scrivi nella barra degli indirizzi chrome: // extensions e cancellala-...
-Prova a vedere se cè qualcosa anche in app...scrivi nella barra degli indirizzi chrome: // apps vedi e cancella...
-Resetta chrome ,vedi qui https://support.google.com/chrome/answer/3296214?hl=it

Poi apri Prompt dei comandi come amministratore, vedi qui per farlo https://it.ccm.net/faq/5335-come-aprire-un-prompt-di-comandi-con-permessi-amministratore

All apertura del prompt:

digita o copia: RD /S /Q "%WinDir%\System32\GroupPolicyUsers" e dare invio

digita o copia: RD /S /Q "%WinDir%\System32\GroupPolicy" e dare invio

digita o copia: gpupdate /force e dare invio

chiudi il Prompt e clicca col destro sul desktop e seleziona "Aggiorna"
Si deve cambiare la pagina iniziale di Chrome.

riavvia il pc e verifica se ha funzionato....

Poi esegui le seguenti scansioni in ordine come scritte:

Malwarebyte antimalware scaricalo da qui https://it.malwarebytes.com/
fai la scansione ed elimina cio che trova e posta il log generato

Poi scarica adwcleaner da quihttps://www.bleepingcomputer.com/download/adwcleaner/
tasto dx sopra eseguibile avvia come amministratore e fai la scansione elimina quello che trova e posta il log

Poi scarica frst da qui https://www.bleepingcomputer.com/dow...ery-scan-tool/
scarica la versione adatta al tuo sistemaoperativo 32 o 64 bit
posiziona l eseguibile sul desktop
tasto dx sopra eseguibile--apri come amministratore
una volta aperto clicca su scan
postare log frst.txt e addition.txt

Ciao
 
Ultima modifica:
#5
Allora andiamo con ordine.

L'estensione non si può disinstallare o disattivare



Nelle App non è presente
Ho eseguito i comandi da prompt come amministratore


La scansione con Malware Bytes non ha trovato niente.

La scansione con Adware ha trovato ed eliminato qualcosa.
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-06-19.4
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-19-2018
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 7
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Utente\AppData\Roaming\Wise Euask

***** [ Files ] *****

Deleted C:\Users\Utente\Downloads\WRCFree.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
Deleted HKLM\Software\Wow6432Node\POLICIES\GOOGLE\Chrome
Deleted HKLM\SOFTWARE\POLICIES\GOOGLE\Chrome
Deleted HKLM\Software\Classes\CLSID\{D4EF86C3-77D7-4F82-BBB8-6DFFAB6E2D32}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1754 octets] - [19/07/2018 16:32:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Risultati di Farbar
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by Utente (administrator) on DESKTOP-5MD0CU0 (19-07-2018 17:19:00)
Running from C:\Users\Utente\Desktop
Loaded Profiles: Utente (Available Profiles: defaultuser0 & Utente)
Platform: Windows 10 Home Version 1803 17134.165 (X64) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Qualcomm Technologies Inc.) C:\Windows\System32\QcomWlanSrvx64.exe
(Realtek) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
() C:\Windows\runSW.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.3\bin\postgres.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Telegram Messenger LLP) C:\Users\Utente\AppData\Roaming\Telegram Desktop\Telegram.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9039880 2016-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3201312 2018-06-09] (Valve Corporation)
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\MountPoints2: {61c23bc1-8362-11e8-a1cf-00c0ca966474} - "V:\setup.exe"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\MountPoints2: {6b350627-67d8-11e8-a1b1-88d7f65269cd} - "V:\setup.exe"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\MountPoints2: {8802f70c-76c0-11e8-a1be-00c0ca966474} - "V:\setup.exe"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10177536 2018-05-28] (FreeDownloadManager.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2018-02-28]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare)
Startup: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-03-14]
ShortcutTarget: Twitch.lnk -> C:\Users\Utente\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8ed6f2bd-4eba-4952-8eee-b1c2a52eb8e1}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d3de90b7-2a62-426c-aabf-57efa84f9009}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{d80df891-cd00-428e-89bc-f87f0e80c819}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{f44c80b5-2301-48b8-a391-38d2ed6ad9a9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=iehp
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-415792782-2538413634-1540922066-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: No Name -> {C0E8AE32-0758-4C8D-AB71-23B361FE8964} -> No File
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)

FireFox:
========
FF DefaultProfile: czcpvqr1.default
FF ProfilePath: C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\czcpvqr1.default [2018-07-18]
FF Extension: (Adblock Plus) - C:\Users\Utente\AppData\Roaming\Mozilla\Firefox\Profiles\czcpvqr1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-02-13]
FF HKLM\...\Firefox\Extensions: [@sandblast] - => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [2018-07-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-15] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.it/
CHR Profile: C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default [2018-07-19]
CHR Extension: (Presentazioni) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-13]
CHR Extension: (Free Download Manager) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2018-05-29]
CHR Extension: (Documenti) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-13]
CHR Extension: (Google Drive) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-13]
CHR Extension: (YouTube) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-13]
CHR Extension: (Adblock Plus) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-07-18]
CHR Extension: (Fogli) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-13]
CHR Extension: (Google Documenti offline) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-15]
CHR Extension: (Blocco dei Popup) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiodaajmphnkcajieajajinghpejdjai [2018-06-15]
CHR Extension: (Video Downloader professional) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmdldgcmokdpmacblnehppgkjphcbpnn [2018-07-05]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-06]
CHR Profile: C:\Users\Utente\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [414728 2017-11-08] (Windows (R) Win 7 DDK provider)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7002120 2017-12-20] ()
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764896 2018-05-20] (NVIDIA Corporation)
R2 osrss; C:\WINDOWS\system32\osrss.dll [131288 2018-06-27] (Microsoft Corporation)
R2 QcomWlanSrv; C:\WINDOWS\System32\QcomWlanSrvx64.exe [220672 2017-11-08] (Qualcomm Technologies Inc.)
R2 RealtekWlanU; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe [48856 2014-10-09] (Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-10-09] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11294448 2018-03-09] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-07-05] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-07-05] (Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [File not signed]
S4 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileGo\DriverInstall.exe [116368 2016-05-26] (Wondershare)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 postgresql-x64-9.3; "C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.3" -D "C:/Program Files/PostgreSQL/9.3/data" -w [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 am7pro; C:\Games\ArtMoney\am74364.sys [10240 2013-02-24] () [File not signed]
S3 ampa; C:\Windows\system32\ampa.sys [38320 2016-12-26] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [38320 2016-12-26] ()
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [70544 2017-11-08] (Qualcomm)
R2 cpbak; C:\WINDOWS\System32\DRIVERS\cpbak.sys [60080 2017-10-10] (Check Point Software Technologies Ltd.)
R1 CPEPMon; C:\WINDOWS\System32\DRIVERS\CPEPMon.sys [68280 2017-11-29] (Check Point Software Technologies Ltd.)
S3 Dnetr7364; C:\WINDOWS\System32\drivers\Dnetr7364.sys [716800 2009-06-17] (Ralink Technology, Corp.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (Windows (R) Win 7 DDK provider)
R1 epnetflt; C:\WINDOWS\system32\drivers\epnetflt.sys [117400 2017-12-10] (Check Point Software Technologies)
R1 epregflt; C:\WINDOWS\system32\drivers\epregflt.sys [101552 2017-10-23] (Check Point Software Technologies)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-19] (Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_ac5431fc854f39b1\nvlddmkm.sys [17200392 2018-06-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31200 2018-05-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [67432 2018-03-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [68112 2018-04-28] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [8228688 2018-05-03] (Realtek Semiconductor Corporation )
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108896 2017-09-12] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44904 2017-09-12] (Paragon Software GmbH)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [213632 2018-02-26] (Oracle Corporation)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2018-01-08] (VMware, Inc.)
R0 vsock; C:\WINDOWS\system32\DRIVERS\vsock.sys [91712 2017-09-05] (VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-07-05] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-07-05] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-07-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-19 17:19 - 2018-07-19 17:19 - 000021724 _____ C:\Users\Utente\Desktop\FRST.txt
2018-07-19 17:18 - 2018-07-19 17:19 - 000000000 ____D C:\FRST
2018-07-19 17:16 - 2018-07-19 17:16 - 002412544 _____ (Farbar) C:\Users\Utente\Desktop\FRST64.exe
2018-07-19 16:30 - 2018-07-19 16:30 - 007395536 _____ (Malwarebytes) C:\Users\Utente\Downloads\AdwCleaner.exe
2018-07-19 16:04 - 2018-07-19 16:04 - 000900574 _____ C:\Users\Utente\Desktop\bookmarks_19_07_18.html
2018-07-19 16:01 - 2018-07-19 16:14 - 000000000 ____D C:\Users\Utente\Desktop\Revome Sandblast
2018-07-19 15:30 - 2018-07-19 16:36 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-07-19 15:30 - 2018-07-19 15:30 - 000001914 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-19 15:30 - 2018-07-19 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-19 15:30 - 2018-07-19 15:30 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-19 15:30 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-07-19 15:11 - 2018-07-19 15:16 - 076534856 _____ (Malwarebytes ) C:\Users\Utente\Downloads\mb3-setup-35891.35891-3.5.1.2522-1.0.365-1.0.5292.exe
2018-07-18 17:36 - 2018-07-18 17:36 - 000001185 _____ C:\Users\Utente\Desktop\StarsHelper (2).lnk
2018-07-18 00:22 - 2018-07-19 14:32 - 2349553152 ____H C:\Users\Utente\Downloads\.getxfer.12716.0.mega
2018-07-15 16:42 - 2018-07-15 16:42 - 000000000 ____D C:\ProgramData\Paragon Software
2018-07-15 16:41 - 2018-07-15 16:41 - 000001424 _____ C:\Users\Public\Desktop\Paragon Hard Disk Manager™ 16 Basic.lnk
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\Users\Utente\AppData\Local\Paragon
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\Users\Utente\.Hard Disk Manager 16 Basic
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\Users\Public\Documents\My Wipe Reports
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\ProgramData\Paragon
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 16 Basic
2018-07-15 16:41 - 2018-07-15 16:41 - 000000000 ____D C:\Program Files\Paragon Software
2018-07-15 16:32 - 2018-07-15 16:39 - 168139792 _____ (Paragon Software GmbH) C:\Users\Utente\Downloads\hdm16_basic_x64.exe
2018-07-15 14:55 - 2018-07-15 14:55 - 000000000 ____D C:\Users\Utente\AppData\Local\StarsHelper
2018-07-15 14:54 - 2018-07-15 14:56 - 000000000 ____D C:\Program Files (x86)\StarsHelper
2018-07-15 14:54 - 2018-07-15 14:54 - 000001149 _____ C:\Users\Utente\Desktop\StarsHelper.lnk
2018-07-15 14:54 - 2018-07-15 14:54 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarsHelper
2018-07-15 12:21 - 2018-07-15 12:21 - 000657628 _____ C:\Users\Utente\Downloads\SandBlast-Agent-for-Browsers-FAQ.pdf
2018-07-11 12:47 - 2018-07-06 16:20 - 002868640 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-07-11 12:47 - 2018-07-06 16:20 - 001610648 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000792472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000689560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000451992 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000309664 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-07-11 12:47 - 2018-07-06 16:20 - 000144792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-07-11 12:47 - 2018-07-06 16:20 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-07-11 12:47 - 2018-07-06 16:17 - 003932672 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-07-11 12:47 - 2018-07-06 16:14 - 000541592 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-11 12:47 - 2018-07-06 15:56 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-11 12:47 - 2018-07-06 15:53 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-07-11 12:47 - 2018-07-06 15:53 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-07-11 12:47 - 2018-07-06 15:53 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-07-11 12:47 - 2018-07-06 15:52 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-11 12:47 - 2018-07-06 15:52 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-07-11 12:47 - 2018-07-06 15:51 - 003652608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-07-11 12:47 - 2018-07-06 15:51 - 002051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-11 12:47 - 2018-07-06 15:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-11 12:47 - 2018-07-06 15:51 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-11 12:47 - 2018-07-06 15:51 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-11 12:47 - 2018-07-06 15:50 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-11 12:47 - 2018-07-06 15:49 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-11 12:47 - 2018-07-06 14:06 - 003611368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-07-11 12:47 - 2018-07-06 13:54 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-11 12:47 - 2018-07-06 13:54 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-11 12:47 - 2018-07-06 13:53 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-11 12:47 - 2018-07-06 13:53 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-07-11 12:47 - 2018-07-06 13:52 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-07-11 12:47 - 2018-07-06 13:52 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-11 12:47 - 2018-07-06 13:52 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-11 12:47 - 2018-07-06 13:51 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-07-11 12:47 - 2018-07-06 13:51 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-11 12:47 - 2018-07-06 13:26 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-07-11 12:47 - 2018-07-06 13:25 - 023863296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-07-11 12:47 - 2018-07-06 13:01 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-11 12:47 - 2018-07-06 09:32 - 000480672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-07-11 12:47 - 2018-07-06 09:31 - 000462752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-07-11 12:47 - 2018-07-06 09:31 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-07-11 12:47 - 2018-07-06 09:29 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-11 12:47 - 2018-07-06 09:29 - 000269224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-11 12:47 - 2018-07-06 09:27 - 001174432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-11 12:47 - 2018-07-06 09:27 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-07-11 12:47 - 2018-07-06 09:27 - 001012632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-11 12:47 - 2018-07-06 09:27 - 000709824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-11 12:47 - 2018-07-06 09:27 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-11 12:47 - 2018-07-06 09:27 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-11 12:47 - 2018-07-06 09:27 - 000057440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2018-07-11 12:47 - 2018-07-06 09:26 - 002712992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-11 12:47 - 2018-07-06 09:26 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-11 12:47 - 2018-07-06 09:26 - 000930720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-07-11 12:47 - 2018-07-06 09:26 - 000766608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2018-07-11 12:47 - 2018-07-06 09:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-11 12:47 - 2018-07-06 09:25 - 009147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-11 12:47 - 2018-07-06 09:25 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 002571728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 002420632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-11 12:47 - 2018-07-06 09:25 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 001026464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-07-11 12:47 - 2018-07-06 09:25 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 000885856 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 000483048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 000267680 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-07-11 12:47 - 2018-07-06 09:25 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-07-11 12:47 - 2018-07-06 09:24 - 000380824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-07-11 12:47 - 2018-07-06 09:16 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-11 12:47 - 2018-07-06 09:14 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-11 12:47 - 2018-07-06 09:14 - 001981896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-11 12:47 - 2018-07-06 09:14 - 001175568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-11 12:47 - 2018-07-06 09:14 - 000988640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-11 12:47 - 2018-07-06 09:14 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-07-11 12:47 - 2018-07-06 09:14 - 000573904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2018-07-11 12:47 - 2018-07-06 09:13 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-11 12:47 - 2018-07-06 09:10 - 025845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-11 12:47 - 2018-07-06 09:07 - 022006272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-11 12:47 - 2018-07-06 09:04 - 022713856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-11 12:47 - 2018-07-06 09:03 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-11 12:47 - 2018-07-06 09:02 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-07-11 12:47 - 2018-07-06 09:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-07-11 12:47 - 2018-07-06 09:01 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-07-11 12:47 - 2018-07-06 09:01 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-07-11 12:47 - 2018-07-06 09:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsTelemetry.dll
2018-07-11 12:47 - 2018-07-06 09:00 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 001153536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2018-07-11 12:47 - 2018-07-06 08:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 004867584 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 001931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProv2faHelper.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2018-07-11 12:47 - 2018-07-06 08:58 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-07-11 12:47 - 2018-07-06 08:58 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 007579648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000839680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000676864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-07-11 12:47 - 2018-07-06 08:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-07-11 12:47 - 2018-07-06 08:56 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProv2faHelper.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 003440128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 001395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-11 12:47 - 2018-07-06 08:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-07-11 12:47 - 2018-07-06 08:54 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2018-07-11 12:47 - 2018-07-06 08:53 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-07-11 12:47 - 2018-07-06 08:53 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2018-07-11 12:47 - 2018-07-06 08:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-07-11 12:47 - 2018-07-06 08:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2018-07-11 12:47 - 2018-07-06 08:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-07-11 12:47 - 2018-07-06 07:41 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-11 12:47 - 2018-06-29 06:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-10 21:11 - 2018-07-19 16:34 - 086245376 _____ C:\WINDOWS\system32\config\SOFTWARE
2018-07-09 13:56 - 2018-07-09 13:56 - 000000000 ____D C:\Users\Utente\AppData\Local\UnrealEngine
2018-07-09 13:56 - 2018-07-09 13:56 - 000000000 ____D C:\Users\Utente\AppData\Local\motogp18
2018-07-09 13:56 - 2018-07-09 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotoGP 18
2018-07-07 12:15 - 2018-06-15 19:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-07 12:15 - 2018-06-15 19:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-07 12:15 - 2018-06-15 19:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-07 12:15 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-07 12:15 - 2018-06-15 19:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-07 12:15 - 2018-06-15 19:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-07 12:15 - 2018-06-15 19:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-07 12:15 - 2018-06-15 19:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-07 12:15 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-07 12:15 - 2018-06-15 19:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-07 12:15 - 2018-06-15 19:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-07 12:15 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-07 12:15 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-07 12:15 - 2018-06-15 17:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-07 12:15 - 2018-06-15 17:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-07 12:15 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-07 12:15 - 2018-06-15 17:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-07 12:15 - 2018-06-15 17:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-07 12:15 - 2018-06-15 17:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-07 12:15 - 2018-06-15 17:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-07 12:15 - 2018-06-15 15:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-07 12:15 - 2018-06-15 07:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-07 12:15 - 2018-06-15 07:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-07 12:15 - 2018-06-15 07:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-07 12:15 - 2018-06-15 07:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-07 12:15 - 2018-06-15 07:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-07 12:15 - 2018-06-15 07:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-07 12:15 - 2018-06-15 07:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-07 12:15 - 2018-06-15 07:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-07 12:15 - 2018-06-15 07:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-07 12:15 - 2018-06-15 07:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-07 12:15 - 2018-06-15 07:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-07 12:15 - 2018-06-15 07:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-07 12:15 - 2018-06-15 07:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-07 12:15 - 2018-06-15 07:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-07 12:15 - 2018-06-15 07:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-07 12:15 - 2018-06-15 07:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-07 12:15 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-07 12:15 - 2018-06-15 07:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-07 12:15 - 2018-06-15 07:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-07 12:15 - 2018-06-15 07:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-07 12:15 - 2018-06-15 07:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-07 12:15 - 2018-06-15 07:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-07 12:15 - 2018-06-15 07:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-07 12:15 - 2018-06-15 07:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-07 12:15 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-07 12:15 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-07 12:15 - 2018-06-15 07:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-07 12:15 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-07 12:15 - 2018-06-15 07:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-07 12:15 - 2018-06-15 07:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-07 12:15 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-07 12:15 - 2018-06-15 07:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-07 12:15 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-07 12:15 - 2018-06-15 07:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-07 12:15 - 2018-06-15 06:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-07 12:15 - 2018-06-15 06:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-07 12:15 - 2018-06-15 06:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-07 12:15 - 2018-06-15 06:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-07 12:15 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-07 12:15 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-07 12:15 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-07 12:15 - 2018-06-15 06:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-07 12:15 - 2018-06-15 06:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-07 12:15 - 2018-06-15 06:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-07 12:15 - 2018-06-15 06:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-07 12:15 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-07 12:15 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-07 12:15 - 2018-06-15 06:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-07 12:15 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-07 12:15 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-07 12:15 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-07 12:15 - 2018-06-15 06:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-07 12:15 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-07 12:15 - 2018-06-15 06:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-07 12:15 - 2018-06-15 06:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-07 12:15 - 2018-06-15 06:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-07 12:15 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-07 12:15 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-07 12:15 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-07 12:15 - 2018-06-15 06:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-07 12:15 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-07 12:15 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-07 12:15 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-07 12:15 - 2018-06-15 06:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-07 12:15 - 2018-06-15 06:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-07 12:15 - 2018-06-15 06:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-07 12:15 - 2018-06-15 06:37 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-07-07 12:15 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-07 12:14 - 2018-06-15 19:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-07 12:14 - 2018-06-15 19:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-07 12:14 - 2018-06-15 19:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-07 12:14 - 2018-06-15 19:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-07 12:14 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-07 12:14 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-07 12:14 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-07 12:14 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-07 12:14 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-07 12:14 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-07 12:14 - 2018-06-15 19:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-07 12:14 - 2018-06-15 19:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-07 12:14 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-07 12:14 - 2018-06-15 19:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-07 12:14 - 2018-06-15 19:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-07 12:14 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-07 12:14 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-07 12:14 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-07 12:14 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-07 12:14 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-07 12:14 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-07 12:14 - 2018-06-15 17:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-07 12:14 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-07 12:14 - 2018-06-15 17:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-07 12:14 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-07 12:14 - 2018-06-15 09:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-07 12:14 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-07 12:14 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-07 12:14 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-07 12:14 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-07 12:14 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-07 12:14 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-07 12:14 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-07 12:14 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-07 12:14 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-07 12:14 - 2018-06-15 07:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-07 12:14 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-07 12:14 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-07 12:14 - 2018-06-15 07:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-07 12:14 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-07 12:14 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-07 12:14 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-07 12:14 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-07 12:14 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-07 12:14 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-07 12:14 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-07 12:14 - 2018-06-15 06:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-07 12:14 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-07 12:14 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-07 12:14 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-07 12:14 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-07 12:14 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-07 12:14 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-07 12:14 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-07 12:14 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-07 12:14 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-07 12:14 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-07 12:14 - 2018-06-15 06:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-07 12:14 - 2018-06-15 06:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-07 12:14 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-07 12:14 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-07 12:14 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-07 12:14 - 2018-06-15 06:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-07 12:14 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-07 12:14 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-07 12:14 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-07 12:14 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-07 12:14 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-07 12:14 - 2018-06-15 06:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-07 12:14 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-07 12:14 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-07 12:14 - 2018-06-01 07:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-07 12:14 - 2018-05-20 13:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-07 12:14 - 2018-05-20 13:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-07 12:13 - 2018-06-24 17:40 - 000132032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-07-07 12:11 - 2018-06-25 19:25 - 040346984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 035250256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 031244248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 013728120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 011273632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 004350040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 003760672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 002013784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439836.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 001563392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 001468448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439836.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 001419200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 001216872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 001092360 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 000749472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 000626616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 000608512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-07-07 12:11 - 2018-06-25 19:25 - 000518208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 025961336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 017750344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 015165008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 004126128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 001356816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 001347664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 001157392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 001069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 001063216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 000904720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 000814616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 000652344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-07-07 12:11 - 2018-06-25 19:24 - 000634760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-07-07 11:54 - 2018-07-07 11:54 - 000002334 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtua Tennis 4™.lnk
2018-07-05 11:05 - 2018-07-05 11:06 - 000000000 ____D C:\Users\Utente\AppData\Local\Checkpoint
2018-07-05 10:56 - 2018-07-19 16:21 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2018-07-05 02:01 - 2018-07-05 02:34 - 335834392 _____ C:\Users\Utente\Downloads\Check_Point_SmartConsole_R77.30.03_E80.70.exe
2018-07-05 01:51 - 2018-07-05 01:51 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-05 01:48 - 2018-07-05 01:50 - 015989160 _____ (Piriform Ltd) C:\Users\Utente\Downloads\ccsetup544.exe
2018-07-05 01:45 - 2018-07-05 01:45 - 000000014 _____ C:\Users\Utente\Desktop\WIFILI.txt
2018-07-04 18:18 - 2018-07-04 18:18 - 000002038 _____ C:\Users\Utente\Desktop\888poker.it.lnk
2018-07-04 13:15 - 2018-07-11 15:27 - 000679943 _____ C:\Users\Utente\Desktop\CONTINUATION BET by ElSamareno.odt
2018-06-29 20:58 - 2018-06-29 20:58 - 000000000 ____D C:\Users\Utente\.QtWebEngineProcess
2018-06-29 20:58 - 2018-06-29 20:58 - 000000000 ____D C:\Users\Utente\.PokerClient
2018-06-29 12:57 - 2018-06-29 12:57 - 000000000 ___HD C:\SandBlastBackup
2018-06-24 23:21 - 2018-06-24 23:21 - 000296448 _____ (PortableAppZ.blogspot.com) C:\Users\Utente\Downloads\Unlocker_Portable_1.9.2_32-64_Multilingual.exe
2018-06-24 13:48 - 2018-06-24 13:48 - 000000000 ____D C:\Users\Utente\Documents\Virtua Tennis 4
2018-06-24 13:47 - 2018-06-24 13:47 - 000000000 ____D C:\Users\Utente\Documents\Games for Windows - LIVE Demos
2018-06-24 13:44 - 2018-06-24 13:44 - 000000000 ____D C:\Program Files (x86)\Sega
2018-06-23 18:26 - 2018-06-23 18:26 - 000000000 ____H C:\Users\Utente\Downloads\.getxfer.3128.0.mega
2018-06-22 14:11 - 2018-06-22 14:11 - 000000000 ____D C:\Users\Utente\AppData\Local\Rockstar Games
2018-06-20 12:31 - 2018-07-19 04:21 - 000000000 ____D C:\ProgramData\Packages

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-19 17:19 - 2018-02-13 18:07 - 000000000 ____D C:\Users\Utente\Documents\888poker.it
2018-07-19 17:17 - 2018-03-31 14:09 - 000000000 ____D C:\Users\Utente\AppData\Local\ClassicShell
2018-07-19 17:13 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-19 16:42 - 2018-05-21 22:52 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Telegram Desktop
2018-07-19 16:40 - 2017-04-23 20:31 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-19 16:35 - 2018-05-17 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-19 16:34 - 2018-04-11 23:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-07-19 16:32 - 2018-04-09 17:06 - 000000000 ____D C:\AdwCleaner
2018-07-19 16:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-19 16:20 - 2018-02-13 23:57 - 000000000 ____D C:\Users\Utente\AppData\Local\Free Download Manager
2018-07-19 16:18 - 2017-04-23 20:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-07-19 16:14 - 2018-03-31 18:08 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-07-19 15:30 - 2018-05-17 11:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-19 15:30 - 2018-02-24 16:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-19 15:04 - 2018-02-13 15:40 - 000000000 ____D C:\Users\Utente\AppData\LocalLow\Mozilla
2018-07-19 13:24 - 2018-02-13 19:19 - 000000000 ____D C:\Users\Utente\AppData\Local\CrashDumps
2018-07-19 13:01 - 2018-05-17 12:09 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-415792782-2538413634-1540922066-1001
2018-07-19 13:01 - 2018-05-17 11:47 - 000002414 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-07-19 13:01 - 2018-01-11 18:52 - 000000000 ___RD C:\Users\Utente\OneDrive
2018-07-19 12:58 - 2018-05-17 12:09 - 000003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2018-07-19 12:58 - 2018-05-17 12:09 - 000003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2018-07-19 12:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-19 04:22 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-19 02:42 - 2018-02-14 00:52 - 000000000 ____D C:\Users\Utente\AppData\Roaming\vlc
2018-07-19 02:37 - 2018-02-13 19:13 - 000000000 ____D C:\Users\Utente\AppData\Local\PokerStars.IT
2018-07-18 23:22 - 2018-02-14 14:27 - 000000000 ____D C:\Users\Utente\AppData\Roaming\WhatsApp
2018-07-18 15:51 - 2018-05-08 13:26 - 000000000 ____D C:\Users\Utente\Desktop\TEMP
2018-07-18 15:29 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-18 13:52 - 2018-05-17 12:09 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-07-18 12:45 - 2018-05-17 11:41 - 000527440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-17 17:10 - 2018-02-22 02:21 - 000000000 ____D C:\Users\Utente\AppData\Roaming\obs-studio
2018-07-17 12:38 - 2018-03-14 13:47 - 000563832 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-07-17 01:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-07-15 16:41 - 2018-05-17 11:47 - 000000000 ____D C:\Users\Utente
2018-07-15 16:40 - 2017-04-23 20:29 - 000000000 ____D C:\ProgramData\Package Cache
2018-07-15 16:32 - 2018-02-14 18:39 - 000000000 ____D C:\Users\Utente\Downloads\poker
2018-07-15 14:54 - 2018-02-13 21:33 - 000000000 ____D C:\Users\Utente\Downloads\kodi
2018-07-15 12:18 - 2018-02-14 16:43 - 000000000 ____D C:\Users\Utente\AppData\Local\Adobe
2018-07-15 12:15 - 2018-05-17 12:09 - 000004738 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-07-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-07-15 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-07-15 01:29 - 2018-05-21 01:22 - 003584000 _____ C:\Users\Utente\NTUSER.rhk
2018-07-15 01:28 - 2018-06-18 20:58 - 000000000 ____D C:\Users\Utente\AppData\Roaming\WiseUpdate
2018-07-14 23:34 - 2018-06-02 13:19 - 000000000 ____D C:\Users\Utente\AppData\Roaming\NewGioco.it
2018-07-14 15:19 - 2018-02-14 14:27 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-07-14 15:19 - 2018-02-14 14:27 - 000000000 ____D C:\Users\Utente\AppData\Local\WhatsApp
2018-07-14 15:14 - 2018-02-14 14:27 - 000000000 ____D C:\Users\Utente\AppData\Local\SquirrelTemp
2018-07-13 23:48 - 2018-02-16 14:03 - 000000000 ____D C:\ProgramData\ProductData
2018-07-13 19:36 - 2018-04-07 00:38 - 000000000 ____D C:\Users\Utente\AppData\Local\PokerClient
2018-07-13 19:15 - 2018-04-07 00:37 - 000000000 ____D C:\Users\Utente\AppData\Local\Betclic Poker.it
2018-07-13 14:25 - 2018-02-17 12:45 - 000000000 ____D C:\Users\Utente\AppData\Local\Equilab
2018-07-12 23:58 - 2018-04-11 01:31 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-12 23:46 - 2018-06-01 01:11 - 000000000 ____D C:\Users\Utente\Downloads\Telegram Desktop
2018-07-12 12:06 - 2018-05-17 12:00 - 001751752 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-12 12:06 - 2018-04-12 18:25 - 000778096 _____ C:\WINDOWS\system32\perfh010.dat
2018-07-12 12:06 - 2018-04-12 18:25 - 000145658 _____ C:\WINDOWS\system32\perfc010.dat
2018-07-12 11:59 - 2018-02-13 22:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-12 11:59 - 2018-02-13 15:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-12 05:07 - 2018-04-12 18:29 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-12 05:07 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-07-12 05:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-12 05:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-07-12 05:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-11 16:15 - 2018-05-17 12:09 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-07-11 16:14 - 2018-04-07 12:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-07-11 12:56 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-11 12:56 - 2018-02-13 16:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-07-11 12:54 - 2018-02-13 16:43 - 134675576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-07-10 21:11 - 2018-05-18 03:42 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2018-07-10 13:32 - 2018-05-25 12:15 - 000000000 ____D C:\Users\Utente\AppData\Local\Deployment
2018-07-10 00:25 - 2018-03-20 15:03 - 000000000 ___RD C:\Users\Utente\Desktop\Games
2018-07-09 20:54 - 2018-01-11 18:49 - 000000000 ____D C:\Users\Utente\AppData\Local\NVIDIA
2018-07-08 17:07 - 2018-02-16 18:16 - 000000000 ___RD C:\Users\Utente\Desktop\POKER
2018-07-07 13:13 - 2018-02-15 17:27 - 000000000 ____D C:\Users\Utente\AppData\Local\ElevatedDiagnostics
2018-07-07 12:44 - 2018-02-16 20:50 - 000000000 ___RD C:\Users\Utente\3D Objects
2018-07-07 12:44 - 2017-04-23 20:25 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-07 12:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-07 12:14 - 2017-04-23 20:31 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-07-07 12:13 - 2018-05-31 11:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-07-05 16:29 - 2018-06-13 19:02 - 000000000 _____ C:\Users\Utente\Desktop\Nuovo documento di testo (3).txt
2018-07-05 16:21 - 2018-02-16 20:31 - 000000000 ____D C:\Users\Utente\AppData\Local\Packages
2018-07-05 16:17 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-07-05 16:04 - 2018-02-16 21:10 - 000000000 ____D C:\Users\Utente\AppData\Local\PlaceholderTileLogoFolder
2018-07-05 01:49 - 2018-03-14 13:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-07-04 18:18 - 2018-05-23 19:59 - 000002062 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\888poker.it.lnk
2018-07-04 18:18 - 2018-02-13 18:06 - 000000000 ____D C:\Users\Utente\AppData\Roaming\InstallShield Installation Information
2018-07-04 18:18 - 2018-02-13 18:06 - 000000000 ____D C:\Users\Utente\AppData\Roaming\888poker.it
2018-07-04 18:17 - 2018-02-13 18:06 - 000000000 ____D C:\Users\Utente\AppData\Local\Downloaded Installations
2018-06-29 12:26 - 2018-04-06 16:29 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-06-29 03:13 - 2018-04-12 01:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-29 03:13 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-29 00:52 - 2018-02-16 14:33 - 000000000 ____D C:\Users\Utente\AppData\Local\Arma 3
2018-06-29 00:49 - 2018-06-17 11:56 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Tropico 5
2018-06-28 01:24 - 2018-05-17 12:22 - 000000000 ____D C:\Users\Utente\AppData\Local\D3DSCache
2018-06-27 14:11 - 2018-02-13 19:41 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Kodi
2018-06-27 12:10 - 2018-02-13 16:59 - 000131288 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-06-26 15:05 - 2018-03-29 15:35 - 000000000 ____D C:\Users\Utente\AppData\Roaming\VMware
2018-06-26 15:05 - 2018-03-29 15:35 - 000000000 ____D C:\Users\Utente\AppData\Local\VMware
2018-06-26 14:57 - 2018-03-26 01:26 - 000000000 ____D C:\Users\Utente\Downloads\HACK
2018-06-26 14:55 - 2018-03-29 15:41 - 000000000 ____D C:\Users\Utente\Documents\Virtual Machines
2018-06-26 14:15 - 2018-06-11 12:29 - 000000000 ____D C:\Users\Utente\Documents\My Kindle Content
2018-06-25 22:27 - 2018-02-13 23:19 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-25 19:24 - 2018-04-27 15:11 - 004856232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-06-24 19:27 - 2018-04-27 15:11 - 000044271 _____ C:\WINDOWS\system32\nvinfo.pb
2018-06-24 17:39 - 2018-05-29 10:53 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-06-24 17:31 - 2017-04-23 20:31 - 005947520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 002612624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 001767360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 000633792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 000124200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-06-24 17:31 - 2017-04-23 20:31 - 000083424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-06-24 11:33 - 2018-02-16 02:25 - 000000000 ____D C:\Games
2018-06-23 02:34 - 2018-04-09 16:37 - 000000000 ____D C:\ProgramData\Steam
2018-06-22 16:03 - 2018-03-11 03:48 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Notepad++
2018-06-21 20:45 - 2016-11-11 10:17 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-06-21 14:55 - 2018-02-25 14:54 - 000000000 ___RD C:\Users\Utente\Desktop\PROGRAMMI
2018-06-20 12:52 - 2017-04-23 20:31 - 008207422 _____ C:\WINDOWS\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2016-11-14 12:22 - 2016-11-14 12:22 - 214460643 _____ () C:\Program Files (x86)\GTAVRepackpatchFIX.exe
2013-10-13 06:47 - 2013-10-13 06:47 - 000000732 _____ () C:\Program Files (x86)\visit-www.nosteam.ro.html
2018-02-28 16:15 - 2018-02-28 16:09 - 000127505 _____ () C:\Users\Utente\AppData\Roaming\Properties.xml
2018-03-24 04:45 - 2018-03-24 04:45 - 000007622 _____ () C:\Users\Utente\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-07-18 12:47 - 2018-04-12 01:35 - 000607840 _____ (Microsoft Corporation) C:\Users\Utente\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-17 11:41

==================== End of FRST.txt ============================

Risultato addition.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by Utente (19-07-2018 17:20:33)
Running from C:\Users\Utente\Desktop
Windows 10 Home Version 1803 17134.165 (X64) (2018-05-17 10:10:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-415792782-2538413634-1540922066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-415792782-2538413634-1540922066-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-415792782-2538413634-1540922066-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-415792782-2538413634-1540922066-501 - Limited - Disabled)
Utente (S-1-5-21-415792782-2538413634-1540922066-1001 - Administrator - Enabled) => C:\Users\Utente
WDAGUtilityAccount (S-1-5-21-415792782-2538413634-1540922066-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

888poker.it (HKLM-x32\...\{56F489BD-F066-4562-9AA1-5DD8371E8838}) (Version: 7.7.00010 - 888) Hidden
888poker.it (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\InstallShield_{56F489BD-F066-4562-9AA1-5DD8371E8838}) (Version: 7.7.00010 - 888)
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 18.011.20055 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.134 - Adobe Systems Incorporated)
Aggiornamenti NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Amazon Kindle (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Amazon Kindle) (Version: 1.23.1.50133 - Amazon)
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
Arma 3 Tac-Ops Mission Pack (HKLM-x32\...\Arma 3 Tac-Ops Mission Pack_is1) (Version: - )
ArtMoney PRO v7.43.1 (HKLM-x32\...\ArtMoney PRO_is1) (Version: 7.43 - System SoftLab)
Assetto Corsa Ready to Race (HKLM\...\YXNzZXR0b2NvcnNh_is1) (Version: 1 - )
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.3.28 - ICEpower a/s)
Betclic Poker.it (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\BetClic Poker) (Version: 1.1.1.37 - Betclic Poker.it)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Check Point SBA (HKLM\...\{71F9D147-CC8F-4A64-AA7A-E878366A8319}) (Version: 86.4.2011 - Check Point Software Technologies Ltd.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID HWMonitor Pro 1.32 (HKLM\...\CPUID HWMonitorPro_is1) (Version: 1.32 - CPUID, Inc.)
DaVinci Resolve (HKLM\...\{453E29B5-5119-4064-A34C-12B9FE06E965}) (Version: 14.3.0014 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{332552D0-B8EE-49BF-B904-E038A72BD2B2}) (Version: 1.1.2.0 - Blackmagic Design)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
eMule (HKLM-x32\...\eMule) (Version: - )
EPUB Converter 12.3.6 (HKLM-x32\...\{13EF34D5-9C31-4751-9EFB-A44B7C38FBFA}) (Version: 12.3.6 - AniceSoft)
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.37.7258 - FreeDownloadManager.ORG)
Ghost Recon: Wildlands (HKLM-x32\...\Ghost Recon: Wildlands_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GXTool (HKLM-x32\...\93D383D2-DFB3-46F1-8A08-AA6113AB39DE) (Version: 1.0 - Trust International BV)
HoldemResources Calculator (HKLM-x32\...\HoldemResources Calculator) (Version: release - HoldemResources)
Icmizer (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\bcfaecc00feb2640) (Version: 2.12.7.0 - Valentin Kuzub)
iFree Skype Recorder 7.0.23 (HKLM-x32\...\iFree Skype Recorder) (Version: 7.0.23 - iFree Skype Recorder)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.4.0.8 - IObit)
Kodi (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Kodi) (Version: - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malwarebytes versione 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft OneDrive (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\OneDriveSetup.exe) (Version: 18.111.0603.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
MotoGP 18 (HKLM-x32\...\MotoGP 18_is1) (Version: - )
Motorsport Manager - Challenge Pack (HKLM-x32\...\Motorsport Manager - Challenge Pack_is1) (Version: - )
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 it) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 it)) (Version: 52.9.1 - Mozilla)
Nero BurningROM 2018 (HKLM-x32\...\{1E053FAF-91B8-431B-91D3-ABC34C081A46}) (Version: 19.0.00800 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 19.0.1003 - Nero AG)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA Driver 3D Vision 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA Driver audio HD 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Driver del controller 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Driver grafico 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
OpenOffice 4.1.5 (HKLM-x32\...\{C1B85CE8-AE3A-4F45-8C91-3C16542EA154}) (Version: 4.15.9789 - Apache Software Foundation)
Oracle VM VirtualBox 5.2.8 (HKLM\...\{610D3D1E-1A10-4623-8DC3-2569187C8669}) (Version: 5.2.8 - Oracle Corporation)
Pannello di controllo NVIDIA 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.36 - NVIDIA Corporation) Hidden
Paragon Hard Disk Manager™ 16 Basic (HKLM\...\{E3DDD65A-480C-418C-8A1F-4BBEDCCBC04F}) (Version: 10.11.4.2509 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 16 Basic (HKLM-x32\...\{c0470b9f-7620-47ad-a868-2fc85b838197}) (Version: 10.11.4.2509 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{0892CBDA-F375-4B13-B4C5-9153F4F7940F}) (Version: 24.5.0.231 - Paragon Software) Hidden
PC Sleep (HKLM-x32\...\{11BD0F20-27DC-4584-AD10-9E99F32F8501}) (Version: 2.2.0 - www.pc-sleep.com)
PokerStars.it (HKLM-x32\...\PokerStars.it) (Version: - PokerStars.it)
PokerStrategy.com Equilab (HKLM-x32\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerTracker 4 (remove only) (HKLM-x32\...\PokerTracker4) (Version: - )
PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group)
PP HotKeys 1.2.4.2 (HKLM-x32\...\PP HotKeys_is1) (Version: 1.2.4.2 - ezio2000)
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0004 - Nero AG) Hidden
Pro Evolution Soccer 2018 (HKLM-x32\...\{9C9C432B-A926-42D1-B16D-6C566431AC59}_is1) (Version: - Konami)
ProPokerHUDs HUD Resources Pack (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\ProPokerHUDs HUD Resources Pack) (Version: 1.0 - ProPokerHUDs)
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10388 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7968 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0285 - REALTEK Semiconductor Corp.)
Registry Trash Keys Finder (Freeware) (HKLM-x32\...\Registry Trash Keys Finder) (Version: 3.9.4.0 - SNC)
Reset Windows Update Tool (HKLM\...\Reset Windows Update Tool11.0.0.6) (Version: 11.0.0.6 - Manuel Gil)
Snai Poker (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\Snai Poker) (Version: 1.1.1.33 - Snai Poker)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
StarsHelper (HKLM-x32\...\StarsHelper) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumento di download in USB/DVD per Windows 7 (HKLM-x32\...\{98012472-1B1A-4622-996F-D6ABA29D34BC}) (Version: 1.0.30 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.1548 - TeamViewer)
Telegram Desktop version 1.3.10 (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.3.10 - Telegram Messenger LLP)
Twitch (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{F35DD4F5-1F85-43CD-AC7A-FE54CA7EABA2}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
Virtua Tennis 4™ (HKLM-x32\...\{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA) Hidden
Virtua Tennis 4™ (HKLM-x32\...\GFWL_{53450FA2-E900-456E-9715-501000008200}) (Version: 1.0.0000.130 - SEGA)
VirtualDJ 8 (HKLM-x32\...\{E1962904-0960-42F6-9072-3EC7D66A5495}) (Version: 8.2.3994.0 - Atomix Productions)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VMware Player (HKLM\...\{2068E4B9-5A6D-41E3-8B50-CC2ECD49309B}) (Version: 14.1.1 - VMware, Inc.)
WhatsApp (HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\WhatsApp) (Version: 0.3.33 - WhatsApp)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.9.0 - ASUSTeK COMPUTER INC.)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wise Game Booster 1.39 (HKLM-x32\...\Wise Game Booster_is1) (Version: 1.39 - WiseCleaner.com, Inc.)
Wise Registry Cleaner 9.64 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 9.64 - WiseCleaner.com, Inc.)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare MobileGo(Version 8.2.3) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA09}_is1) (Version: 8.2.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.1.4.146) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.1.4.146 - Wondershare Software)
ZoneAlarm Firewall (HKLM-x32\...\{8EBC1C58-53F5-4338-BDE4-642C199CC948}) (Version: 15.2.053.17581 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (HKLM-x32\...\{B4C419B7-534C-46AA-A7CB-7C9A6867D7A5}) (Version: 15.2.053.17581 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-03-19] ()
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-26] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-26] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers2-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2018-01-08] (VMware, Inc.)
ContextMenuHandlers2-x32: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-24] (NVIDIA Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-26] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-26] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03B0BE2E-FCFF-4416-A56E-C62BADC0720F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-13] (Google Inc.)
Task: {1B6A7391-5EDD-4371-83D5-E575F4B7AC7E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-06-08] (AVAST Software)
Task: {1F707114-1037-4DBB-ACD8-97654D42D97D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2E4B7987-70A0-4F31-B969-6EAE32921F48} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {2EEA4828-C57A-44EB-83A0-7419C9299B7C} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {3E0497FE-B79D-40B0-9EEA-43BC29E5CF15} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {5170AAD7-1B8D-45F1-B842-21AFB6C4648D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {54CD2E4E-70EE-44EF-B0ED-63D506D227F7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {5EE08B53-5F87-4A5E-86DF-72BD5B745C05} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-07-07] (ASUSTek COMPUTER INC.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {68D50BED-44BE-4C52-A7E5-126CEEB81C89} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {6EA8B5D2-BE53-4771-AD69-8DC39E77CF2D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {6F41E381-15FF-484B-8D22-3871FB53A102} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe [2018-07-15] (Adobe Systems Incorporated)
Task: {74642F70-8AA5-42E9-BCB4-B8E513D6AD80} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {78818A57-7ED1-4324-94E8-7D86CD48561D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {79F0B55E-EE36-4EDF-B98B-15A1B2273FB7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7E09B21D-26D7-4C24-B94D-4BA97273BB1D} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-415792782-2538413634-1540922066-1001 => C:\Users\Utente\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)
Task: {A1F1DBE4-1A7E-4B69-9E00-C98698CF5E55} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2017-08-10] (Nero AG)
Task: {A3B35714-FE58-4DEA-974D-ED59729F7F56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-05] (Microsoft Corporation)
Task: {B0210B18-02D6-40B6-8E77-7F7D506F9A39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-13] (Google Inc.)
Task: {B0290FB6-3627-468E-B260-2F6428E0283D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {B06389D9-4EE1-492D-BA8B-E3EEC2BFD08D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {B1088BA1-3101-46E6-A140-59CC4BC9FA38} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {B45408D8-A4E3-4459-8E27-A2BA2B4E5272} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-05] (Microsoft Corporation)
Task: {B5E26DD2-D4B0-4B01-AF28-8E35BA9E4699} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {CE626ACD-F1F8-4532-8F77-46147E5E3C7E} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {D06AE8FE-CFB0-488D-A167-D830727EF2D6} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D55C76AD-B939-4D4B-AC13-C1879B3A99B1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {E223B12B-CB1F-4C24-BFCC-78F78D2587BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {E2467780-3C37-4EF6-A8D8-A87DEEA49731} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2018-06-22] (WiseCleaner.com)
Task: {E39B04FB-3166-494E-B519-06F60D7B1BBC} - System32\Tasks\WpsExternal_20161111081738 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: {E3DB0D44-5C31-4CE0-8CF8-06180AC026FC} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {E4A91E78-8D21-4927-A1C7-6B3C1DCA4F52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-05] (Microsoft Corporation)
Task: {E905CAD6-1ED8-4F15-AB00-D26C4AC86A1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-05] (Microsoft Corporation)
Task: {F6E1498D-5E94-492D-8A3E-8670F4104A32} - System32\Tasks\S-1-5-21-415792782-2538413634-1540922066-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {FA4C5D93-23BB-4BB7-BF79-A6B5044B9B71} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161111081738.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2018-05-29 10:53 - 2018-05-20 19:36 - 001315296 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-11 12:33 - 2014-12-15 14:31 - 000044760 _____ () C:\Windows\runSW.exe
2018-07-19 15:30 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-02-13 18:21 - 2016-08-02 12:40 - 002257408 _____ () C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-03-19 01:40 - 2018-03-19 01:40 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2018-07-11 12:47 - 2018-07-06 08:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-25 22:27 - 2018-06-22 21:15 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libglesv2.dll
2018-06-25 22:27 - 2018-06-22 21:15 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\libegl.dll
2018-07-11 17:32 - 2018-06-28 11:49 - 031285248 _____ () C:\Users\Utente\AppData\Local\Google\Chrome\User Data\PepperFlash\30.0.0.134\pepflashplayer.dll
2018-05-29 10:53 - 2018-05-20 19:36 - 095437792 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-29 10:53 - 2018-05-20 19:36 - 003029472 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-29 10:53 - 2018-05-20 19:36 - 000149984 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-07-17 16:24 - 2018-07-17 16:24 - 000242176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\Microsoft.Skype.ImageTool.dll
2018-07-17 16:24 - 2018-07-17 16:28 - 000040960 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\TraceProvider.dll
2018-04-26 12:44 - 2018-04-26 12:45 - 000636416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RuntimeConfiguration.dll
2018-07-17 16:24 - 2018-07-17 16:27 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2018-07-17 16:24 - 2018-07-17 16:28 - 000631808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\VideoN.dll
2018-07-17 16:24 - 2018-07-17 16:27 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 16:24 - 2018-07-17 16:27 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 16:24 - 2018-07-17 16:28 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 16:24 - 2018-07-17 16:27 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-07-17 16:24 - 2018-07-17 16:25 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-07-07 12:15 - 2018-06-15 19:30 - 001308672 _____ () c:\windows\system32\FaceProcessor.dll
2018-07-07 12:14 - 2018-06-15 19:55 - 000542888 _____ () c:\windows\system32\FaceProcessorCore.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 001348664 _____ () c:\windows\system32\FaceTrackerInternal.dll
2018-07-07 12:15 - 2018-06-15 06:41 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-07-07 12:14 - 2018-06-15 06:36 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-07-07 12:15 - 2018-06-15 06:40 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2018-02-16 14:02 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-02-16 14:02 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-02-16 14:02 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-04-11 12:33 - 2014-04-17 09:54 - 000221184 _____ () C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2018-02-16 14:02 - 2018-01-25 17:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-02-16 14:02 - 2018-01-25 17:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-02-16 14:02 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
2018-05-29 10:53 - 2018-05-20 19:36 - 001033184 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-18 23:58 - 2017-10-18 23:58 - 000570368 _____ () C:\Users\Utente\AppData\Local\MEGAsync\ShellExtX32.dll
2016-10-05 22:17 - 2016-10-05 22:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2018-04-04 13:13 - 000013966 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 0x1f4b0.com
0.0.0.0 1q2w3.fun
0.0.0.0 1q2w3.website
0.0.0.0 2giga.dowload
0.0.0.0 2giga.link
0.0.0.0 8jd2lfsq.me
0.0.0.0 aalbbh84.info
0.0.0.0 adless.io
0.0.0.0 ad-miner.com
0.0.0.0 adrenali.gq
0.0.0.0 afflow.18-plus.net
0.0.0.0 afminer.com
0.0.0.0 ajcryptominer.com
0.0.0.0 ajplugins.com
0.0.0.0 akvideo.stream
0.0.0.0 allfontshere.press
0.0.0.0 altavista.ovh
0.0.0.0 analytics.blue
0.0.0.0 andlache.com
0.0.0.0 anime.reactor.cc
0.0.0.0 a-o.ninja
0.0.0.0 api.inwemo.com
0.0.0.0 appelamule.com
0.0.0.0 aservices.party
0.0.0.0 audioknigi.club
0.0.0.0 auroramine.com
0.0.0.0 authedmine.com
0.0.0.0 averoconnector.com
0.0.0.0 azvjudwr.info
0.0.0.0 bablace.com

There are 507 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-415792782-2538413634-1540922066-1001\Control Panel\Desktop\\Wallpaper -> c:\users\utente\appdata\local\microsoft\windows\themes\transcodedwallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CPEFR => 2
MSCONFIG\Services: jswpbapi => 2
MSCONFIG\Services: jswpsapi => 3
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Razer Game Manager Service => 2
MSCONFIG\Services: RemediationService => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RzActionSvc => 2
MSCONFIG\Services: RzKLService => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TESvc => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: wpscloudsvr => 3
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 3
MSCONFIG\Services: ZAARUpdateService => 2
HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "jswtrayutil"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-415792782-2538413634-1540922066-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0F610467-79CB-4067-A81F-A6902B0D1037}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{763F74AC-3E23-443E-B993-87EEB15B5EC6}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{790FF467-C733-4824-9841-9454E6B5E71C}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{593A334E-6E6A-435F-AB5D-D13EB8FFFFBA}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{396EF45F-8831-43F6-AA43-7BD0A87E6EDB}] => (Allow) LPort=1542
FirewallRules: [{B52695D4-A94B-4270-907B-EAF0CE76D58D}] => (Allow) LPort=1542
FirewallRules: [{37CD995F-77C3-4416-B7C0-417A297B5BC0}] => (Allow) LPort=53
FirewallRules: [{2D1DD22D-471B-4C8A-819B-EB708FC4EA5B}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{C718D835-0B8A-4BA7-B449-ECA9A87F7FE8}] => (Allow) LPort=53
FirewallRules: [{190B1B03-7A70-44BB-80F0-20B160AFF494}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9835547B-E7AB-4BEB-BA8E-30BFA0F8BEB3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E201B5B6-9379-4F42-A3A4-E42A05EF138A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5A328296-7B86-4A51-ADAB-29980A959E2F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{07BC909A-FFC8-472D-804F-3DF3700CE11D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4FF8713B-72A7-4898-807F-67CF32DA1806}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6CEAD2AC-A459-462A-A18E-4CDC2945153C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe
FirewallRules: [{4D297753-9A61-45D9-86E9-713B567D3A2E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe
FirewallRules: [{0D61080A-774B-46EB-A8AA-0651DA2D675A}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{AC97B04E-F185-4DC2-9639-B9C7C349B67E}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{166B7FF0-154A-4E3D-AC91-48091282DC7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{24CADF48-E834-477A-B885-06CA8835352F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{79D96B61-7A9A-46F7-B9D2-EDB2E12791FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2737A3A8-7376-45B7-BA61-904A57E91901}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{582EA02B-8EF5-4D92-85AB-7990BC3DD41E}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{775C5F65-6C8B-44BA-93E4-C0E2D1BF8725}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{309B4460-6B7C-4A6E-B242-6A5356D716FD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{7E759D90-58A1-43BA-8A5B-DD5212DCED08}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe
FirewallRules: [{78AF72B9-7E6B-4A70-BC90-150F8D717338}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{DCB52EA2-9EF2-46F2-B3D8-4FC3DFA5743B}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{2920D8BF-E0E5-47F5-B40F-868A11DD9D55}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{1A4712AC-13E8-4F99-8B5D-EE07A48A2613}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{F0450B84-C750-4CDB-8C4F-BD416FDE7B6D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe
FirewallRules: [{C366341F-5DDC-4A45-9867-CA1117E87BD8}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{1945EC13-54EE-4258-A66B-B2E8631749AA}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{19B31222-532C-4E7E-9742-175E40879A74}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{5C74758C-5796-4E2C-8C65-E32D28430103}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{D5374871-4253-4329-BF43-A633C44D8C65}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6BD3D207-4413-4874-B4EF-15DF4EA33F70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A4493F7A-0CFB-46BC-8502-AC24EFDE5744}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{29AB4887-09B7-4372-9DF0-29EE7C1625D6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\nero.exe
FirewallRules: [{52ACDD4B-689A-45B8-AEBC-14E6AC4C37F4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2018\Nero Burning ROM\StartNBR.exe
FirewallRules: [{5D8F3997-B891-4E8F-AA5D-FF8DEA671BFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F6EC6A36-00C8-4DD7-89A7-316A45BADABD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46F4D93A-0779-492B-AE1F-3A37A5B6BEAF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{11C32F8E-F0AB-45D4-AF23-D9BEAB25AB6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{46281275-CA9C-4FDE-B587-BF1E95BEF775}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [UDP Query User{F2B89EAA-A779-44F2-8881-BC0893AC8B39}C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe] => (Block) C:\program files (x86)\wondershare\mobilego\mobilegoservice.exe
FirewallRules: [{E9F54208-F77F-42DF-8154-DE4FB36266AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{18823E18-F620-47AA-A051-4100772381A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{95440D0F-D229-44F9-89E8-1B2952720EE3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DE276DF5-CC72-482B-97D2-A8ACB3F0D836}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{E0988DC4-9D06-41E6-B02A-57B7B7831D11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14295008-30E1-4A16-8CEC-29B9FC363072}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{A8560FEE-DF0F-4B4C-A957-9B9B52D7B101}C:\program files (x86)\arma 3 tac-ops mission pack\arma3.exe] => (Block) C:\program files (x86)\arma 3 tac-ops mission pack\arma3.exe
FirewallRules: [UDP Query User{D39D16B3-6C1D-4F3B-90EB-2E07CC8FC0E5}C:\program files (x86)\arma 3 tac-ops mission pack\arma3.exe] => (Block) C:\program files (x86)\arma 3 tac-ops mission pack\arma3.exe
FirewallRules: [TCP Query User{837B8196-D82F-4441-A2D5-861A8349206F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{5899BEA7-FE7C-4D99-B460-65858DC75159}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{EA52A98D-22A1-4FDB-AA0E-D43FD284ACF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{854AFE18-91C8-4D86-8F7E-21C4FBF3E7A2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{799E3E47-2CC9-489A-B45D-D1A12AA92886}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5045174E-C584-4F77-A965-CFFA1E858F2B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AB90B07A-FBFC-4107-A4F4-719623F4ECA2}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{D3871F3F-E839-4AF6-81D2-943A77F698CF}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
FirewallRules: [{97200F5C-6C35-4FE8-B5D5-05D7E1F73372}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [{88EDD80D-5A71-48BB-94F0-DEA3A6E724BA}] => (Allow) C:\Program Files (x86)\Sega\Virtua Tennis 4\VT4.exe
FirewallRules: [{545FCDFA-096D-4A6F-A038-6F1CCCAF2287}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{AFC08BF5-7703-47EF-8210-DB639035BD52}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [UDP Query User{92484549-F39A-4308-B4D9-8FED3146969D}C:\program files\freedownloadmanager.org\free download manager\fdm.exe] => (Allow) C:\program files\freedownloadmanager.org\free download manager\fdm.exe
FirewallRules: [{758D9546-1129-433C-AFF1-0B1652B9F1B7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{46E020B7-B76B-4097-A253-CB5E826902D5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{0A7F7BC8-7851-453F-B3FC-B450FB61C7A0}C:\users\utente\appdata\local\holdemresources\calculator\calculator.exe] => (Block) C:\users\utente\appdata\local\holdemresources\calculator\calculator.exe
FirewallRules: [UDP Query User{65389D4B-CB90-405D-95AD-51D314EBCDE9}C:\users\utente\appdata\local\holdemresources\calculator\calculator.exe] => (Block) C:\users\utente\appdata\local\holdemresources\calculator\calculator.exe
FirewallRules: [{83F4D2D8-3474-4978-8939-56CA7502E598}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{87421640-7849-4C27-935B-ED3DEA4CA5C6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D0FB0EB2-5D2D-4821-8ABC-CB5012E803A6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{6D5E4378-6A9F-4A84-8A91-057C1A497785}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8E3B47BB-9FD7-46A8-B85B-556A8421D9DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AB04B792-90ED-4611-9345-665DCF80A32D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{54AD5C40-E261-43D8-8FA7-1F13C0F0617D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CDACE96D-D9FD-43E3-AB5D-6B49A17A0E59}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{064E5A27-7314-4782-87BF-831D576C9BB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{404C9C7D-8544-423F-B25B-382A9AAC84AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.85.257.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe

==================== Restore Points =========================

11-07-2018 12:46:30 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2018 05:18:22 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5MD0CU0)
Description: httphttp-2147467263

Error: (07/19/2018 04:45:42 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5MD0CU0)
Description: httphttp-2147467263

Error: (07/19/2018 04:37:10 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: Il tempo di attesa per l'avvio del server è scaduto

Error: (07/19/2018 04:25:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Un controllo dei criteri di unmarshalling è stato eseguito durante l'unmarshalling di un oggetto sottoposto a marshalling personalizzato e la classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} è stata rifiutata

Error: (07/19/2018 04:25:30 PM) (Source: COM) (EventID: 10031) (User: )
Description: Un controllo dei criteri di unmarshalling è stato eseguito durante l'unmarshalling di un oggetto sottoposto a marshalling personalizzato e la classe {41FD88F7-F295-4D39-91AC-A85F3149A05B} è stata rifiutata

Error: (07/19/2018 04:18:22 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine QueryFullProcessImageNameW. hr = 0x8007001f, Un dispositivo collegato al sistema non è in funzione.
.


Operazione:
Esecuzione operazione asincrona

Contesto:
Stato corrente: DoSnapshotSet

Error: (07/19/2018 03:32:11 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5MD0CU0)
Description: httphttp-2147467263

Error: (07/19/2018 03:08:04 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-5MD0CU0)
Description: httphttp-2147467263


System errors:
=============
Error: (07/19/2018 04:40:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5MD0CU0)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
e APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
all'utente DESKTOP-5MD0CU0\SID Utente (S-1-5-21-415792782-2538413634-1540922066-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (07/19/2018 04:40:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Avvio in Locale per l'applicazione server COM con CLSID
Windows.SecurityCenter.WscDataProtection
e APPID
Non disponibile
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (07/19/2018 04:40:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Avvio in Locale per l'applicazione server COM con CLSID
Windows.SecurityCenter.WscBrokerManager
e APPID
Non disponibile
all'utente NT AUTHORITY\SID SYSTEM (S-1-5-18) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.

Error: (07/19/2018 04:36:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Realtek DHCP Service. Questo evento si è già verificato 1 volta(e).

Error: (07/19/2018 04:36:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio am7pro non è stato avviato per il seguente errore:
Windows: impossibile verificare la firma digitale del file. In seguito a una modifica recente dell'hardware o del software, è possibile che sia stato installato un file danneggiato, con una firma non corretta o che potrebbe essere malware di origine sconosciuta.

Error: (07/19/2018 04:34:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/19/2018 04:34:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (07/19/2018 04:34:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Arresto imprevisto del modulo di estendibilità WLAN.

Percorso modulo: C:\WINDOWS\system32\Rtlihvs.dll


Windows Defender:
===================================
Date: 2018-07-19 02:42:44.775
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {F568673C-C09C-491C-ADA7-F14A1296959F}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2018-07-11 02:10:33.407
Description:
Windows Defender Antivirus ha rilevato malware o altro software potenzialmente indesiderato.
Ulteriori informazioni sono riportate di seguito:
https://go.microsoft.com/fwlink/?li...luteal.B!rfn&threatid=2147727314&enterprise=0
Nome: Trojan:Win32/Bluteal.B!rfn
ID: 2147727314
Gravità: Grave
Categoria: Trojan
Percorso: file:_E:\Games\Forza Motorsport 7\Microsoft.ApolloBaseGame_1.126.9433.2_x64__8wekyb3d8bbwe\InstallApp.exe
Origine rilevamento: Computer locale
Tipo rilevamento: Concreta
Origine rilevamento: Protezione in tempo reale
Utente: DESKTOP-5MD0CU0\Utente
Nome processo: C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
Versione firma: AV: 1.271.778.0, AS: 1.271.778.0, NIS: 1.271.778.0
Versione motore: AM: 1.1.15000.2, NIS: 1.1.15000.2

Date: 2018-07-10 18:10:22.895
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {47AFE730-2535-4F9E-8CFF-6B280FD53A3E}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2018-07-02 12:31:51.352
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {470924AA-B137-4C69-975B-3C4FA6022985}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2018-06-29 13:00:16.047
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {49279145-72F4-4190-9036-C7EA0C28B65B}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: DESKTOP-5MD0CU0\Utente

Date: 2018-07-06 14:11:04.863
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare le firme.
Nuova versione firma:
Versione firma precedente: 1.271.613.0
Origine aggiornamento: Server Microsoft Update
Tipo firma: Antivirus
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SYSTEM
Versione motore corrente:
Versione motore precedente: 1.1.15000.2
Codice errore: 0x80240438
Descrizione errore: Problema imprevisto durante la ricerca degli aggiornamenti. Per informazioni sull'installazione degli aggiornamenti o la risoluzione dei problemi relativi, consultare Guida e supporto tecnico.

Date: 2018-07-04 01:21:28.101
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare le firme.
Nuova versione firma:
Versione firma precedente: 1.271.348.0
Origine aggiornamento: Server Microsoft Update
Tipo firma: Antivirus
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SYSTEM
Versione motore corrente:
Versione motore precedente: 1.1.15000.2
Codice errore: 0x80240438
Descrizione errore: Problema imprevisto durante la ricerca degli aggiornamenti. Per informazioni sull'installazione degli aggiornamenti o la risoluzione dei problemi relativi, consultare Guida e supporto tecnico.

Date: 2018-07-02 12:26:29.950
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare le firme.
Nuova versione firma:
Versione firma precedente: 1.269.1873.0
Origine aggiornamento: Microsoft Malware Protection Center
Tipo firma: Antivirus
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SERVIZIO DI RETE
Versione motore corrente:
Versione motore precedente: 1.1.14901.4
Codice errore: 0x80072ee7
Descrizione errore: Impossibile risolvere il nome o l'indirizzo del server

Date: 2018-07-02 12:26:29.949
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare le firme.
Nuova versione firma:
Versione firma precedente: 1.269.1873.0
Origine aggiornamento: Microsoft Malware Protection Center
Tipo firma: Antispyware
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SERVIZIO DI RETE
Versione motore corrente:
Versione motore precedente: 1.1.14901.4
Codice errore: 0x80072ee7
Descrizione errore: Impossibile risolvere il nome o l'indirizzo del server

Date: 2018-07-02 12:26:29.949
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare le firme.
Nuova versione firma:
Versione firma precedente: 1.269.1873.0
Origine aggiornamento: Microsoft Malware Protection Center
Tipo firma: Antivirus
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SERVIZIO DI RETE
Versione motore corrente:
Versione motore precedente: 1.1.14901.4
Codice errore: 0x80072ee7
Descrizione errore: Impossibile risolvere il nome o l'indirizzo del server

CodeIntegrity:
===================================

Date: 2018-07-19 16:36:00.408
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-19 16:22:03.481
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-19 12:53:37.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-18 12:45:25.625
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-14 10:29:47.751
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-12 12:00:30.454
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-11 12:27:49.074
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-07-10 20:12:44.464
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Games\ArtMoney\am74364.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 23%
Total physical RAM: 16337.11 MB
Available physical RAM: 12527.25 MB
Total Virtual: 18769.11 MB
Available Virtual: 9521.58 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:509.64 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (ALFA) (CDROM) (Total:2.04 GB) (Free:0 GB) UDF
Drive e: (Hddext) (Fixed) (Total:931.51 GB) (Free:511.05 GB) NTFS
Drive f: () (Removable) (Total:28.91 GB) (Free:25.57 GB) NTFS

\\?\Volume{5891931a-e303-4572-99b0-d64763e1ea8c}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{98fe173d-1aff-4004-8498-4e6c7d8f6db2}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FDA4C66A)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 391F5B0A)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 28.9 GB) (Disk ID: 247233F7)

Partition: GPT.

==================== End of Addition.txt ============================

Ti ringrazio perchè finalmente sono riuscito a disinstallare l'estensione. Grazie grazie grazie!
 

Discussioni Simili


Entra