PROBLEMA Malware o altro ?? Come eliminarlo ??

Pubblicità
IoSonoLeggenda ha detto:
A proposito sapete come evitare che si intrufolino malware o altro quando si guardano serie TV in streaming? Ogni volta escono millemila annunci pubblicitari e pagine dannose ed è facile se non si è lesti a chiudere o pratici beccare qualche virus. Non c'è un sistema per avitare tutto ciò in partenza?
Clicca per espandere...
Una cosa che aiuta e' non usare flash, o meglio, usare un browser che non usa flash.
Io per contenuti delicati e a rischio uso una macchina virtuale isolata dalla macchina reale.
 
IoSonoLeggenda ha detto:
A proposito sapete come evitare che si intrufolino malware o altro quando si guardano serie TV in streaming? Ogni volta escono millemila annunci pubblicitari e pagine dannose ed è facile se non si è lesti a chiudere o pratici beccare qualche virus. Non c'è un sistema per avitare tutto ciò in partenza?
Clicca per espandere...
si può installare il componente adblock o adblock plus nel browser che blocca tutti gli annunci pubblicitari, te ne rimangono 1 forse 2, ma non sono invasivi e li riesci a chiudere con la X
 
Niente da fa ragazzi. Ho cancellato tutto il cancellabile e scansionato tutto il possibile, continuano ad aprirsi pagine a caso mentre navigo e clicco :(
Non vorrei dover ricorrere alla formattazione cavoli anche perchè non so come procedere xD

Mi resta l'ultima spiaggia ossia rifare nuovamente tutte le scansioni come mi ha indicato @danilo79 nella speranza che possa risolvere.
 
# AdwCleaner 7.0.0.0 - Logfile created on Wed Jul 19 17:59:37 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 7 Ultimate (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [3420 B] - [2017/7/19 7:34:20]
C:/AdwCleaner/AdwCleaner[S0].txt - [3594 B] - [2017/7/19 7:32:40]
C:/AdwCleaner/AdwCleaner[S1].txt - [1147 B] - [2017/7/19 17:59:8]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
 


Aprendo il TaskManager di Chrome mi compare questa strana estensione, che diavolo è ???

Nome completo : Romanesc Normalizator
 
Fai la scansione con jrt e poi quella con frst
Quella con frst non elimina nulla..ma saro io a fornirti un fix per eliminare le voci...
Fai le scansioni e posta i log
 
Fatta la scansione con TDSKiller ma il log non me lo fa copiare e poi è lunghissimo ... come devo fare?
Comunque mi dice che non ha rilevato niente ...

Cosa diavolo è quell'estensione?
 
Ok tdss killer ok....per i log posta il file con l opzione carica documenti e immagini...
Comunque se tdss non trova niente non postarlo..
 
puoi inviarmi dinuovo la foto del taskmanager di google che però si vedono i nomi completi?
 
Forse ho trovato ragazzi porca trota.

Quell'estensione sospetta appena l'ho chiusa dal Task Manager mi ha fatto accedere alla sezione "Estensioni" dove prima non mi faceva vedere le estensioni installate, come se ci fosse un blocco.

Mi compare sta cosa adesso, credo sia quello che mi sta causando danni :

 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Mattia (administrator) on MATTIA-PC (19-07-2017 20:39:20)
Running from C:\Users\Mattia\Downloads
Loaded Profiles: Mattia (Available Profiles: Mattia)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Inglese (Stati Uniti)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrossLoop Inc) C:\Users\Mattia\AppData\Local\CrossLoop\CrossLoopService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(AO Kaspersky Lab) C:\Users\Mattia\Desktop\tdsskiller.exe
(AO Kaspersky Lab) C:\Users\Mattia\AppData\Local\Temp\{CEB7394A-FD29-4A67-85A5-53524A8C4358}\{84D9BE17-FA54-4D0D-8B03-8E42D0BECA01}.exe
(Google Inc.) C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
(Google Inc.) C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm112GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cm112GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [918008 2017-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\Run: [Google Update] => C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-29] (Google Inc.)
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\MountPoints2: {353d1a16-32f1-11e5-a52a-50465d67b077} - K:\Setup.exe
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\MountPoints2: {a42e8fe9-653f-11e5-a216-50465d67b077} - K:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk.disabled [2013-09-21]
ShortcutTarget: HP Digital Imaging Monitor.lnk.disabled -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{67091232-A0CA-4CFB-AF2B-066EB7E9DBB7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-4004414026-1949072511-525996340-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-09-21] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-09-21] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Mattia\AppData\Roaming\Mozilla\Firefox\Profiles\6m3vbu6n.default-1470777857296 [2017-07-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-09-21] [not signed]
FF HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-09-21] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [No File]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4004414026-1949072511-525996340-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-4004414026-1949072511-525996340-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.it/
CHR StartupUrls: Default -> "hxxps://www.google.it/"
CHR Profile: C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (Documenti Google) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (Google Search) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sicurezza browser Avira) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-08]
CHR Extension: (Google Documenti offline) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Românesc-Normalizator) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjhdjhipilkdhpinkckkeoongbmbgap [2017-07-18]
CHR Extension: (Gmail) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Mattia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.6QEJA4F3XXRBMJNEIRUCNYWBR4 - C:\Users\Mattia\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-07-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
R2 CrossLoopService; C:\Users\Mattia\AppData\Local\CrossLoop\CrossLoopService.exe [560880 2011-04-07] (CrossLoop Inc)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [284736 2017-03-16] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2017-03-16] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-04-03] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-04-03] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-28] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-04] ()
S3 tvnserver; C:\Users\Mattia\AppData\Local\CrossLoop\tvnserver.exe [814080 2010-07-21] (GlavSoft LLC.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-04] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-18] ()
S3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
S3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [47168 2012-09-20] (Saitek)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-19 20:39 - 2017-07-19 20:39 - 00021419 _____ C:\Users\Mattia\Downloads\FRST.txt
2017-07-19 20:39 - 2017-07-19 20:39 - 00000000 ____D C:\FRST
2017-07-19 20:38 - 2017-07-19 20:38 - 02382336 _____ (Farbar) C:\Users\Mattia\Downloads\FRST64.exe
2017-07-19 20:26 - 2017-07-19 20:26 - 00000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2017-07-19 20:24 - 2017-07-19 20:25 - 00219048 _____ C:\TDSSKiller.3.1.0.15_19.07.2017_20.24.06_log.txt
2017-07-19 20:18 - 2017-07-19 20:22 - 00219134 _____ C:\TDSSKiller.3.1.0.15_19.07.2017_20.18.09_log.txt
2017-07-19 20:17 - 2017-07-19 20:17 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Mattia\Desktop\tdsskiller.exe
2017-07-19 09:30 - 2017-07-19 19:59 - 00000000 ____D C:\AdwCleaner
2017-07-19 09:30 - 2017-07-19 09:30 - 08162248 _____ (Malwarebytes) C:\Users\Mattia\Downloads\adwcleaner-7-0-0-0.exe
2017-07-18 00:03 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-07-18 00:03 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-07-18 00:03 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-07-17 00:21 - 2017-07-17 00:21 - 00006351 _____ C:\Users\Mattia\Downloads\Copertura pianificata Adsl su DSLAM ATM da Centrale e da Armadio.zip
2017-07-16 21:08 - 2017-07-16 21:08 - 00000000 ____D C:\Users\Mattia\Documents\League of Legends
2017-06-30 22:42 - 2017-06-30 22:42 - 00000000 ____D C:\Users\Mattia\AppData\Local\UnrealEngine
2017-06-30 22:42 - 2017-06-30 22:42 - 00000000 ____D C:\Users\Mattia\AppData\Local\Destructive_Creations
2017-06-23 22:15 - 2017-06-24 13:32 - 00000000 ____D C:\Users\Mattia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-06-23 22:15 - 2017-06-23 22:15 - 00000000 ____D C:\Users\Mattia\Documents\Commandos - Behind Enemy Lines
2017-06-20 09:46 - 2017-06-20 09:45 - 00064504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-19 20:09 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-19 20:09 - 2009-07-14 06:45 - 00017136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-19 20:00 - 2015-07-25 19:59 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-19 20:00 - 2013-09-21 12:35 - 00000202 _____ C:\Windows\Tasks\AutoKMS.job
2017-07-19 20:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-19 19:55 - 2014-12-24 13:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-19 09:34 - 2013-09-21 13:29 - 00000000 ____D C:\Users\Mattia\AppData\Roaming\Yahoo!
2017-07-19 00:10 - 2014-12-24 13:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-07-19 00:10 - 2014-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-07-19 00:08 - 2017-04-23 12:57 - 00003026 _____ C:\Windows\System32\Tasks\EVGAPrecision
2017-07-18 13:24 - 2013-09-21 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-18 00:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-18 00:04 - 2015-07-25 20:23 - 00000000 ____D C:\Users\Mattia\AppData\Local\NVIDIA Corporation
2017-07-18 00:04 - 2015-07-25 20:23 - 00000000 ____D C:\Users\Mattia\AppData\Local\NVIDIA
2017-07-17 23:44 - 2014-09-25 21:50 - 00000000 ____D C:\Users\Mattia\AppData\Local\Battle.net
2017-07-17 22:30 - 2013-09-21 16:14 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2017-07-17 22:25 - 2014-09-25 21:50 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-07-16 17:36 - 2013-09-22 16:46 - 00000000 ____D C:\Program Files (x86)\EVGA Precision X
2017-07-16 17:28 - 2013-09-21 16:14 - 00000000 ____D C:\Users\Mattia\Documents\StarCraft II
2017-07-11 16:50 - 2013-09-21 12:40 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-11 16:50 - 2013-09-21 12:40 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 16:50 - 2013-09-21 12:40 - 00004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 16:50 - 2013-09-21 12:40 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-11 16:50 - 2013-09-21 12:40 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-09 22:33 - 2013-09-21 15:50 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-09 00:07 - 2016-05-06 19:17 - 00000000 ____D C:\Users\Mattia\Desktop\Palestra
2017-07-06 19:39 - 2013-11-01 00:24 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-26 21:19 - 2013-09-21 12:43 - 00002345 _____ C:\Users\Mattia\Desktop\Google Chrome.lnk
2017-06-20 09:45 - 2016-10-11 11:22 - 00034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-06-20 09:45 - 2013-09-21 12:48 - 00185032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-06-20 09:45 - 2013-09-21 12:48 - 00149976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-06-19 17:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2013-09-21 20:38 - 2013-09-24 22:26 - 1065984 _____ () C:\Users\Mattia\AppData\Local\file__0.localstorage
2015-05-31 16:01 - 2015-05-31 16:01 - 0000017 _____ () C:\Users\Mattia\AppData\Local\resmon.resmoncfg
2013-09-21 13:26 - 2013-09-21 13:30 - 0000813 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-12 00:35

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by Mattia (19-07-2017 20:39:58)
Running from C:\Users\Mattia\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2013-09-21 18:14:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4004414026-1949072511-525996340-500 - Administrator - Disabled)
Guest (S-1-5-21-4004414026-1949072511-525996340-501 - Limited - Disabled)
Mattia (S-1-5-21-4004414026-1949072511-525996340-1000 - Administrator - Enabled) => C:\Users\Mattia

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{BE930E38-7BB3-45B6-85B2-5251F374F844}) (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Aggiornamenti NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Xonar U3 Audio (HKLM\...\C-Media CM112 Like Sound Driver) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Chicken Invaders 5 (HKLM-x32\...\Steam App 353090) (Version: - InterAction studios)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Nome società)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.13263.0 - Electronic Arts)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout 4 (HKLM-x32\...\Fallout 4) (Version: - Bethesda Softworks)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hatred (HKLM\...\Steam App 341940) (Version: - Destructive Creations)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.245 - SurfRight B.V.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
LibreOffice 5.2.0.4 (HKLM-x32\...\{8FA59B7B-1D26-408F-A798-BD11A65A68B9}) (Version: 5.2.0.4 - The Document Foundation)
Lords Of The Fallen (HKLM-x32\...\Steam App 265300) (Version: - CI Games)
Mad Max (HKLM\...\Steam App 234140) (Version: - Avalanche Studios)
Malwarebytes Anti-Malware versione 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052B-02A4-4627-81F2-1818DA5D550D}) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837B34E3-7C30-493C-8F6A-2B0F04E2912C}) (Version: - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: - )
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 it) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 it)) (Version: 40.0.3 - Mozilla)
Mumble 1.2.8 (HKLM-x32\...\{646A05E9-37A7-4FD1-8CAE-9D3E60EF4A09}) (Version: 1.2.8 - Thorvald Natvig)
MxBody2 (HKU\S-1-5-21-4004414026-1949072511-525996340-1000\...\b86e5b8b773b7902) (Version: 2.3.0.168 - MicheleVicario.net)
NVIDIA Driver 3D Vision 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA Driver audio HD 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Driver del controller 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Driver grafico 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Pannello di controllo NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RAGE (HKLM-x32\...\Steam App 9200) (Version: - id Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Soldiers: Heroes of World War II (HKLM\...\Steam App 11480) (Version: - Best Way)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4004414026-1949072511-525996340-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Mattia\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
ContextMenuHandlers01: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2015-04-26] (Apple Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-07-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-07-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D917F56-CB76-4C7B-8732-326EE20A607C} - System32\Tasks\media enhance-chromeinstaller => C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe <==== ATTENTION
Task: {122D2A0C-A7B3-4B5F-89C5-34F6321BEC51} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {3FBFB51A-E32C-4A4C-8261-8139407A5FB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {4085FC48-A2D3-443D-A5F3-46A6BE717DF8} - System32\Tasks\media enhance-codedownloader => C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe <==== ATTENTION
Task: {5AF2BE65-2315-489F-BE33-5AA0C5516759} - System32\Tasks\media enhance-firefoxinstaller => C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe <==== ATTENTION
Task: {622ADBC5-1188-456E-A08A-AC22373C3C8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4004414026-1949072511-525996340-1000UA => C:\Users\Mattia\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {821B292A-7F6A-42ED-A354-4C6C432163B4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {91A6C7E1-BA30-4961-9364-260307A5B48B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated)
Task: {934DC79B-8B47-4B2D-9B28-059BAEA00BCB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4004414026-1949072511-525996340-1000Core => C:\Users\Mattia\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9A24AB41-F4F7-433F-8FD5-C9FE583570DA} - System32\Tasks\media enhance-enabler => C:\Program Files (x86)\media enhance\media enhance-enabler.exe <==== ATTENTION
Task: {AA98C61A-8275-43AD-B1E0-090B27FD72E9} - System32\Tasks\media enhance-updater => C:\Program Files (x86)\media enhance\media enhance-updater.exe <==== ATTENTION
Task: {D26FFE00-B636-4EF1-BF22-7502BCD4C2FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E6E9BEB8-12A8-4D7D-94CE-6C24349A8668} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Mattia\Desktop\CrossLoop Connect.lnk -> C:\Users\Mattia\AppData\Local\CrossLoop\CrossLoopConnect.exe (CrossLoop) -> -ap=crossloop -port=5910 -udp=www.CrossLoop.com -webserver=server.crossloop.com -webservice=www.crossloop.com -startup=server -selftest

==================== Loaded Modules (Whitelisted) ==============

2015-07-25 19:59 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-21 12:42 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2013-07-18 02:28 - 2013-07-18 02:28 - 00627016 _____ () C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
2013-10-21 22:42 - 2008-07-11 09:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-10-21 22:42 - 2008-07-11 09:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-21 20:33 - 2011-12-06 03:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-09-21 20:33 - 2011-12-06 03:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-12-24 20:41 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-06-28 17:51 - 2015-06-28 17:51 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2017-07-18 00:03 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-27 23:14 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-07-18 00:03 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-06-26 21:19 - 2017-06-23 05:21 - 03807064 _____ () C:\Users\Mattia\AppData\Local\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-26 21:19 - 2017-06-23 05:21 - 00100184 _____ () C:\Users\Mattia\AppData\Local\Google\Chrome\Application\59.0.3071.115\libegl.dll
2013-05-15 18:49 - 2013-05-15 18:49 - 00071680 _____ () C:\Program Files (x86)\EVGA Precision X\RTMUI.dll
2013-05-15 18:48 - 2013-05-15 18:48 - 00056832 _____ () C:\Program Files (x86)\EVGA Precision X\RTFC.dll
2013-05-15 18:49 - 2013-05-15 18:49 - 00216064 _____ () C:\Program Files (x86)\EVGA Precision X\RTCore.dll
2013-05-15 18:49 - 2013-05-15 18:49 - 00127488 _____ () C:\Program Files (x86)\EVGA Precision X\RTUI.dll
2013-05-15 18:49 - 2013-05-15 18:49 - 00587776 _____ () C:\Program Files (x86)\EVGA Precision X\RTHAL.dll
2015-07-25 19:59 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-09-21 11:35 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 15:24 - 2016-07-05 15:24 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-22 19:13 - 2008-06-19 17:35 - 00333288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll
2013-09-22 19:13 - 2008-03-04 14:52 - 00790392 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll
2013-09-22 19:13 - 2008-03-05 09:34 - 00795520 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll
2013-09-22 19:13 - 2008-02-26 11:04 - 00717176 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll
2013-09-22 19:13 - 2007-12-24 01:05 - 00121344 _____ () C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:04EAB86F [310]
AlternateDataStreams: C:\ProgramData\TEMP:2A874675 [153]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:31C9BA96 [250]
AlternateDataStreams: C:\ProgramData\TEMP:3ABC38E6 [302]
AlternateDataStreams: C:\ProgramData\TEMP:56699AAF [143]
AlternateDataStreams: C:\ProgramData\TEMP:569CEE83 [134]
AlternateDataStreams: C:\ProgramData\TEMP:7254CF01 [124]
AlternateDataStreams: C:\ProgramData\TEMP:869C6B4A [134]
AlternateDataStreams: C:\ProgramData\TEMP:94A31742 [286]
AlternateDataStreams: C:\ProgramData\TEMP:952245B1 [131]
AlternateDataStreams: C:\ProgramData\TEMP:98CF1A39 [131]
AlternateDataStreams: C:\ProgramData\TEMP:9BB8C675 [133]
AlternateDataStreams: C:\ProgramData\TEMP:9E3D44B7 [131]
AlternateDataStreams: C:\ProgramData\TEMP:A391510C [124]
AlternateDataStreams: C:\ProgramData\TEMP:A8185163 [135]
AlternateDataStreams: C:\ProgramData\TEMP:A9562832 [137]
AlternateDataStreams: C:\ProgramData\TEMP:AB0A5A80 [151]
AlternateDataStreams: C:\ProgramData\TEMP:B5FD4AA1 [258]
AlternateDataStreams: C:\ProgramData\TEMP:C7F08EA3 [130]
AlternateDataStreams: C:\ProgramData\TEMP:CB3667AF [268]
AlternateDataStreams: C:\ProgramData\TEMP:D4DD372D [67]
AlternateDataStreams: C:\ProgramData\TEMP:D8A1AC56 [124]
AlternateDataStreams: C:\ProgramData\TEMP:F9F58B80 [154]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4004414026-1949072511-525996340-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mattia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0E7B9DC7-66A4-475D-A343-4117C665E162}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{E554E055-DDAF-4095-8E14-573E3D5DFC82}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{6D3FC9E5-10A1-4593-9F7F-0588F88FDCD1}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{26300C96-BB08-43AD-8534-DA5313058ACD}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{55E3003E-17F9-44C9-AB07-FBA12D5C1D31}] => (Allow) C:\Users\Mattia\AppData\Local\CrossLoop\vncviewer.exe
FirewallRules: [{79B7188C-F30F-4EB9-975D-9FA9FEF79AFB}] => (Allow) C:\Users\Mattia\AppData\Local\CrossLoop\vncviewer.exe
FirewallRules: [{BDDEC445-10E2-4AE4-B7B7-60B65F20BFC4}] => (Allow) C:\Users\Mattia\AppData\Local\CrossLoop\tvnserver.exe
FirewallRules: [{70C0F075-5A03-40B0-B071-790B62684BDB}] => (Allow) C:\Users\Mattia\AppData\Local\CrossLoop\tvnserver.exe
FirewallRules: [{02138578-9C1E-4E47-986A-8FDCE0A88C9E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2CE013E1-48FF-4439-8C47-2C7F9BD0BD69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4EFE8E7A-C06D-48DF-B167-C45A78A42DF1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{477798F4-714A-4B4C-9627-99C733ECCF91}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5F9567AE-DB53-40E0-8672-CD78EA3B9E79}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8D8EDF6D-43E4-45CF-86BA-395BF5561A90}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{6C99EF0F-432E-48A0-A015-8D01FDFF770D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{FA2EE767-1ABD-402F-94E4-45E600292A38}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{528636BE-79BC-469A-BF6D-9125AEA561D2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5A51C1D9-EF7D-4CEE-A7B2-6D12BD102BE3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{14C473AF-B798-4A74-B1E5-BF97CA142CBE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{7D23E8FD-A34E-4111-BFEE-805179EA65BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A14DD3DC-58A0-4F65-94CE-2DDECE1DE506}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{73CEDDB5-2EF0-4BFA-9A89-EC1BD4610516}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{8FDBFB2B-7FEB-4EE7-81AA-F01B9E1D0008}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E1A6A3C4-86D6-4DA1-8C38-642203E8A788}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B409F07C-6229-4730-9E70-75097C1B9FEC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C2C389D4-E7FB-4EE5-AEC0-62BB21830F85}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{FA786453-1779-4DA5-82D0-6545885DC723}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{B377E51A-F577-4745-82F7-BD768F3422D1}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Block) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{C34DD9AB-831C-4089-BFF8-47536A8AAE5C}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Block) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{521E1689-6065-475B-A7DC-7DD2EA97579F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{C875A91A-E697-4DCF-BA3C-1F2A8C2E7F86}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{9D9EBC88-8184-4BD3-B9CA-2291E0908630}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{52A1A331-5E10-44F3-ABB0-6D0D2980F621}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6615634A-6B4C-4D21-B920-E8308966097D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{87E361B2-64FE-4BE7-9D53-A1F6EDB4CF3A}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{A51C8660-1B3C-4F1C-8752-6BE89F4AFC24}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{B04F2DDB-73D6-4B43-8E62-6EA824D76EF2}C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{575FBFA7-BB15-41BD-A539-2642977C0789}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{9B75E2FE-7CEF-47CC-94AA-ED1F364104FF}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [TCP Query User{6F74F5EC-C3FC-441C-895E-50F62897A463}C:\program files (x86)\metro last light\metrollbenchmark.exe] => (Block) C:\program files (x86)\metro last light\metrollbenchmark.exe
FirewallRules: [UDP Query User{E57BF962-DBC7-432F-B50C-68FD7D8C86DB}C:\program files (x86)\metro last light\metrollbenchmark.exe] => (Block) C:\program files (x86)\metro last light\metrollbenchmark.exe
FirewallRules: [TCP Query User{F3A57BAA-F836-48E9-8E74-47C7FECCF2F8}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [UDP Query User{279BF946-AAE5-4C85-BD6F-6344D70E8E5D}C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe] => (Block) C:\program files (x86)\bethesda softworks\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{7512A157-5D2E-403B-B207-8A808C3BAA97}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{4B6E0D15-F14E-4170-BB97-AC4A5E0351D1}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{6941B087-299D-43CF-B2AC-1E8819098517}C:\program files (x86)\call of duty black ops\blackops.exe] => (Block) C:\program files (x86)\call of duty black ops\blackops.exe
FirewallRules: [UDP Query User{E7A4C74E-A775-4E82-BCE5-B38030671EAB}C:\program files (x86)\call of duty black ops\blackops.exe] => (Block) C:\program files (x86)\call of duty black ops\blackops.exe
FirewallRules: [{7DC18E29-EE12-4207-89BC-F8D2464B6BF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{46F5282D-14D5-4AA8-BCE5-7F10B8532CFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BDA3EF07-7008-41CE-BF04-F628DBE76C08}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{73F8CA0B-C190-433B-97F0-E85D991E1449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D8D09C90-06CE-473F-8AB4-AF5EC048FF1F}] => (Allow) C:\Users\Mattia\Desktop\Battlefield 3\Battlefield 3™\bf3.exe
FirewallRules: [{2535B5B2-914C-4E47-9A91-76FE2DCAC6E2}] => (Allow) C:\Users\Mattia\Desktop\Battlefield 3\Battlefield 3™\bf3.exe
FirewallRules: [{308C35DA-5814-4DAE-9F58-E88B861652C3}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{E85928D1-7AAA-442D-830C-FB86D0280CBC}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\Blacklist_Launcher.exe
FirewallRules: [{1935A2D1-BDED-4711-8A18-7FDE4B4E1876}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{34A7AE18-2B85-44FE-8A9E-7C79FB7D76FB}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{AF365505-CC00-4AC2-92D5-ADF38F8711B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{DFF26F32-FA60-4837-B88B-17E86A09458E}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{6B324CAD-A9FE-4743-A9A1-078C8FA14EA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{A7C860A3-C7EB-400B-AE3D-0C75B9CC4FEC}] => (Allow) C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell® Blacklist™\src\SYSTEM\gu.exe
FirewallRules: [{5FFA9B6C-AFF2-4F46-A6A1-0B64E283F82B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{DE47AAB3-E1EE-437B-8C84-30B20FC8EBA3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{6F02D84B-AE09-46E5-AF98-7D7D32D89DE1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{A7E3E620-FA26-4AA1-8D66-B67B584D91BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{0338CB65-654C-4892-8C2F-F9B00D6F2D74}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{9F394AB2-B141-4BBF-9FCA-FB6CFA1823C8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{BE2749C8-F02E-4204-9ACE-9349CD982E7E}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{E42B38BC-3337-448F-80C8-ADB262C3396F}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{E5FBC704-CC2A-4529-B8EF-B03B5FE3D6B3}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{43CEE155-9310-4A4B-86D1-94DFF63DA397}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{D4C93145-7ED1-447D-969F-5E8EE73426BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{5ABA7284-30C1-4C7A-8FD3-6D2BEBC3BEB5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{DD7F51B2-8DA8-4ADF-8AD3-1EDCC1718D76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{6917DD5A-CCE4-40D3-8496-2E28536F9725}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [TCP Query User{B316A69F-EED7-4709-B0E9-29AF8C79DC84}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Block) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [UDP Query User{EA249CB4-9735-4FF9-BA6E-29A9DFC1F702}C:\program files (x86)\saints row iv\saintsrowiv.exe] => (Block) C:\program files (x86)\saints row iv\saintsrowiv.exe
FirewallRules: [{609E63B2-4803-47DB-AD0C-EED496E653E7}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{2AE612D1-5B8C-46A6-ACF2-74C1584CE5B9}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{B4E19741-FCD1-4571-822E-2F5E28A8EB97}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{71F0C83A-CF84-4648-8D6D-C8D2A6396491}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{2B9EBF23-65EE-45F3-BB8A-45555121E0CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{822BADBF-A72A-45A4-BD34-648876AE8D9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [TCP Query User{E437157E-BCC0-4E26-A939-982E5C7A7077}C:\games\ubisoft\farcry 3\bin\farcry3.exe] => (Block) C:\games\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{3B2EE26C-90C2-4423-B717-9EFC73D0D641}C:\games\ubisoft\farcry 3\bin\farcry3.exe] => (Block) C:\games\ubisoft\farcry 3\bin\farcry3.exe
FirewallRules: [{1944DB38-CD74-4C5A-9173-A66B06FFA659}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9D8898DD-EF83-42D7-B3B8-CD19F7A9456E}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{384F3F80-9EF1-45B7-BFFA-62D678B3AED7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{320A5CC3-F3E5-4A07-B16D-9962425C3121}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{65D03088-11EF-4C82-9B84-CB1BC087888D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{F90AEA93-1BD5-41DA-84B7-313D2F933429}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{AE7E57DD-1EBB-4AD1-8221-BAA887B6558A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{F98DF921-D1B2-4441-9A98-08399C17CFAD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C32A566C-ED4B-4EC4-92BD-1BB80F4CF912}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{A7AE0BC9-61CC-42C6-A184-90F846ED452F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{5FFA24AC-DFD1-41D0-9E1B-94EA25E159DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{73669827-EC22-44CF-92FA-657C23114949}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{E69FEB99-F279-4E13-B9CB-25CB1FD5DACF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{FAE02428-CBCC-490E-8333-74A4AC4403E1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0BFABED-EB2A-45A2-AFCC-03FB3D5BC2AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7F2C76B9-360F-45E4-A1A8-A2F32B23D043}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{272F2304-004E-4AFE-B613-56CD6CF57535}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{146D84DE-2A29-43D2-BAFE-CC93F351C51A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{A33BF1AB-8A57-4EF1-B762-37786586A992}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{32823A90-1A6E-48E3-9C26-3C3715BA205D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{F28243DC-C4ED-4C0E-A232-C94B136D5159}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{DF628F3B-A8F6-4D15-B91A-AA376209D756}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{78E1C5BD-D685-4533-9B27-5986B78146C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{7090CB57-9FA2-4017-9DD0-A6AE0B7371BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{41A359F2-96CC-4EAE-9F8E-8471AECB59EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{C26E793A-C648-4165-8F8E-DF5CAF63B736}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{3E9E4A87-B218-43ED-BB77-2D0167572753}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{2C9456CA-1C87-4DB6-8DAA-A485A0616455}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{280184DB-B4AF-432B-AE73-B680633064D7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{1C82C5B5-A1F1-4022-93D5-0EE6FA9305C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [TCP Query User{BAF71049-BF61-48F7-ACF7-51D503EDC9BC}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Block) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{21DF2E0F-0FB0-48E3-8115-71E8FB3C0FBD}C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe] => (Block) C:\program files (x86)\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{B44C270D-8C65-4BCF-B18E-1BA788051B86}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{FFCA39A6-5416-46EF-8E6E-624236F5A79D}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{187475C3-703E-4F01-9010-E5209731B797}] => (Allow) C:\Program Files (x86)\The Evil Within\EvilWithin.exe
FirewallRules: [{FCDFC380-51FB-4AB9-8B43-9685E47282E1}] => (Allow) C:\Program Files (x86)\The Evil Within\EvilWithin.exe
FirewallRules: [{B5DDE519-6B8F-4A91-8585-39669597BB37}] => (Allow) C:\Program Files (x86)\Far Cry 4\bin\FarCry4.exe
FirewallRules: [{3F5E3E03-5562-4C9C-A496-80CCAF5F8F9B}] => (Allow) C:\Program Files (x86)\Far Cry 4\bin\FarCry4.exe
FirewallRules: [TCP Query User{B93A094C-5D48-4F06-B972-50D88FD27224}C:\program files (x86)\dying light\dyinglightgame.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{0B11107C-11BF-463B-B02F-0C4A42C3386D}C:\program files (x86)\dying light\dyinglightgame.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{B4F98531-F0EA-4113-BD2F-61D3B2E51201}C:\program files (x86)\dying light\dyinglightgame-nologos.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame-nologos.exe
FirewallRules: [UDP Query User{9053E3AE-F0A9-4751-A6E8-1DB69906E741}C:\program files (x86)\dying light\dyinglightgame-nologos.exe] => (Block) C:\program files (x86)\dying light\dyinglightgame-nologos.exe
FirewallRules: [{DE8F7EFE-8C62-4EBB-8A2B-FC4D9ACEB50D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BE790356-AAEE-469C-A6E2-9D1D2EEE2AA5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D3302FDE-A827-4FDA-A403-DAD56047886B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{D975325B-2D09-4B59-A97C-F9B7758AEFB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lords Of The Fallen\bin\LordsOfTheFallen.exe
FirewallRules: [{32F06315-0EA7-4B5D-B070-66C370FE22D9}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{EB02D619-EE36-4190-A5D1-6EAF28C96D4B}] => (Allow) J:\SteamLibrary\steamapps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [TCP Query User{80382A49-B335-4091-891E-1E65DF7BC117}C:\program files (x86)\resident evil 6 repackv2\bh6.exe] => (Block) C:\program files (x86)\resident evil 6 repackv2\bh6.exe
FirewallRules: [UDP Query User{2D46F502-BC8C-4533-A76C-58961A9AAE18}C:\program files (x86)\resident evil 6 repackv2\bh6.exe] => (Block) C:\program files (x86)\resident evil 6 repackv2\bh6.exe
FirewallRules: [TCP Query User{CA1FB7E1-16E6-4671-8521-08749E500122}J:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Block) J:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{C9CBE7CB-73A8-43AE-9FBE-34B555804AB7}J:\steamlibrary\steamapps\common\total war rome ii\rome2.exe] => (Block) J:\steamlibrary\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{4DD0B3BB-C796-4A10-9D51-20964F991D25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{9D2A1E9D-B0F7-4DA0-9F02-A3F36584DE6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{C610E218-9BA2-4948-912A-3BC9D0A6A28C}] => (Allow) J:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{5C07EC71-890F-45D3-B9DB-C6EA1A5AD42E}] => (Allow) J:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{32666BC2-9533-493F-AC03-58BE94C3D5B3}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{AD353583-0305-402C-8E7E-2774F0919571}] => (Allow) J:\SteamLibrary\steamapps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{729EB84F-F2A8-495E-BFC5-B436C4EBDFF6}] => (Allow) J:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{2FE9A793-69DC-4F55-B31E-613A2D4F1BCF}] => (Allow) J:\SteamLibrary\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{639A5162-4788-46ED-A3E2-BFE9A7F4C383}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0AED32F5-64EF-44D7-8E85-E9E4C8F7848B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2AC5C2C6-13DD-47BB-9300-E87BDFBD2AA3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B773EB3E-39CB-4527-ABF5-B0EB3A1F8E80}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{FC65AB15-7027-4250-AAC4-83968C8F7DD6}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0CA715BE-A2F0-4531-B564-77D3921A274A}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{6E1A7558-0A90-4547-A7B3-AC6AF17141C8}] => (Allow) J:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{ADA0A80F-97E8-4519-AC5E-FD0BEF71B2BE}] => (Allow) J:\SteamLibrary\steamapps\common\Portal\hl2.exe
FirewallRules: [{ED795A15-6A08-485C-AC4A-1E5A8EEC7313}] => (Allow) J:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{67DEFA51-ABB0-4AF7-BEB1-F244767325BD}] => (Allow) J:\SteamLibrary\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6AFD0446-EB6C-4527-8A5C-CE7244B5BA50}] => (Allow) J:\SteamLibrary\steamapps\common\RAGE\Rage.exe
FirewallRules: [{228FD947-F80B-46A9-81F8-13B275DFD814}] => (Allow) J:\SteamLibrary\steamapps\common\RAGE\Rage.exe
FirewallRules: [{3C46B35F-C40F-4B08-BA47-6515A2A7CF41}] => (Allow) J:\SteamLibrary\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{D857C903-8626-4A78-82BF-4C3D1C5AB219}] => (Allow) J:\SteamLibrary\steamapps\common\RAGE\Rage64.exe
FirewallRules: [{803EF5A4-6202-4948-ACC4-B29E698C798A}] => (Allow) J:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{A5090103-1460-4374-BA9F-8516D750BD20}] => (Allow) J:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{2153FC89-330F-4942-B901-39376A3A6E1E}] => (Allow) J:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{6054401A-8686-4547-9DA3-602F8BB33624}] => (Allow) J:\SteamLibrary\steamapps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{7254FEA2-5579-4753-A739-6AE2B02FEA21}] => (Allow) J:\SteamLibrary\steamapps\common\Chicken Invaders 5\CI5.exe
FirewallRules: [{12833733-85BA-4D7E-B9DC-26D97FA63C80}] => (Allow) J:\SteamLibrary\steamapps\common\Chicken Invaders 5\CI5.exe
FirewallRules: [{4CCEA37B-0F99-473C-9FEE-C4954CEB8DEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D41FD601-9DEB-4DA1-8863-7AC53F3B122E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80C1239F-B6C3-4F84-A519-FF5E8765D24F}] => (Allow) J:\SteamLibrary\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{AEC99895-3831-428F-AC6D-CB4A9FC3F7D0}] => (Allow) J:\SteamLibrary\steamapps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{266E3417-5C9E-4348-B7C4-09FD87903508}] => (Allow) J:\SteamLibrary\steamapps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{27379435-D630-4B81-90BF-68F9D706D7B9}] => (Allow) J:\SteamLibrary\steamapps\common\Darksiders 2\Darksiders2.exe
FirewallRules: [{ACC182C6-24B1-421A-9D26-DB7A1047B597}] => (Allow) J:\SteamLibrary\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{02DE55C0-E0A2-49E8-A81A-C8F511CF9E40}] => (Allow) J:\SteamLibrary\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [TCP Query User{A67D087F-DB8F-4209-8F3E-8F0A46763418}J:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Block) J:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [UDP Query User{74C4FCB9-5924-4966-9851-5A44FAF342D9}J:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe] => (Block) J:\steamlibrary\steamapps\common\crysis 2 game of the year\bin32\crysis2.exe
FirewallRules: [TCP Query User{490DA66E-9555-4867-B40E-0744342DA0B9}J:\gta5.exe] => (Block) J:\gta5.exe
FirewallRules: [UDP Query User{0AFE9211-CEE6-46C2-BFEA-36A80C503A00}J:\gta5.exe] => (Block) J:\gta5.exe
FirewallRules: [{851385FE-69E7-4559-A6A7-17E49EC140D2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8D3170C7-E50C-4D7B-81A4-A4C1CA9A5AED}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ACA11A88-4B55-45F7-AE4A-F4A5A4363F30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4EDF93AA-9017-456D-A931-2A07AD86E218}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9F2FB279-8B48-48D3-BF99-9B16E14365FB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DEFFF3E1-3CD9-40AC-AB6A-106BEF685364}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{027F56EB-F198-4A8E-A982-4967691DD5CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{6E79D92D-7751-45B2-9C14-CBE6180EEBD9}J:\neverwinter\neverwinter_it\neverwinter\live\gameclient.exe] => (Block) J:\neverwinter\neverwinter_it\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{88027630-FC0B-4CD6-AB30-7B66546D1C5B}J:\neverwinter\neverwinter_it\neverwinter\live\gameclient.exe] => (Block) J:\neverwinter\neverwinter_it\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{E0CC83DD-E15F-4AC7-8667-38FD45040D01}J:\diablo 3\diablo iii\diablo iii.exe] => (Block) J:\diablo 3\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{F57E4C4E-FEDB-440B-9290-A2BD56C0AD6B}J:\diablo 3\diablo iii\diablo iii.exe] => (Block) J:\diablo 3\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{C0E11C54-326A-437C-9D48-181E6942AB2B}J:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Block) J:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{E51FD7CC-4B87-4CB8-B554-406BE22A4AFE}J:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Block) J:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{1185430C-8955-44D1-87AF-D8F63B23E3A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3A6945B2-8076-4FEC-A6E5-4F6F35F51B81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BFABC72E-7793-48AC-8C3D-F4D17B5739FF}] => (Allow) J:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{83F50537-E4EB-4813-AC1B-A92C798C7420}] => (Allow) J:\SteamLibrary\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{78A8AD67-817F-42D6-B6C9-9E823D1A8E81}] => (Allow) J:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{D28E1FA3-FEEA-483C-B57C-EA44ED1DBE63}] => (Allow) J:\SteamLibrary\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [TCP Query User{0C4CC5D1-A989-4A8B-8811-635AC59DB259}C:\users\mattia\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mattia\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6DF4F967-FBEB-4108-BE3F-823EC3A8799C}C:\users\mattia\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\mattia\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{164B47C5-2D5D-4BD8-BA91-F90FC5A32C9C}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{23D74D7B-9ABB-4E32-9302-9A36E8941952}] => (Allow) J:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{0886E928-E33D-47C9-AAB8-7790AEC37F08}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1A06F9B-08D4-452D-921E-72D2C2786E65}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A2A22AA8-9BFD-4CB3-BA32-FF6F036BEDBC}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19F4A9D2-723E-4F8E-816F-DA12464D64C7}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09275980-6657-4CDA-8D29-810863E1BA48}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{40823FCF-690A-4282-A8E0-7F68418627F4}] => (Allow) C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{94CE4174-CDE8-48FF-B5E2-093467E81E4C}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{E7063BF7-BEBA-4B72-83BF-3D429B05B786}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{C72E1130-D13E-46C0-8A18-A6BBB6AAA7A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9F74BFF2-4B71-4018-87D1-C2414936FE4E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{91CE7EA7-BC86-416D-BFC7-EE8762054050}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9573BEC3-0F8F-408E-8857-B5317DADC674}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C3830F9B-0455-4535-8C84-4DEFC6F9348B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{56038F7A-4A41-471D-8E38-444142605896}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{E74F0AF9-6230-4CF5-B737-03FC9C7086B9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{CE8CFFFD-3A69-4951-BE20-FC9509EA75BC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{23B759E6-6B9D-46DF-8C5B-C285738CE9FF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1FB7FAC4-9730-4D22-8388-A3457B283356}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{99703619-A987-45EA-99E6-E15FA47AD6FE}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{DF045CC6-0D9A-4DA8-BF60-11EB69B06E2F}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{167AC5BD-3103-4BAC-8A11-F48BA0616593}] => (Allow) C:\Program Files (x86)\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{80BF8EA1-661D-4EC5-8347-DDA8113FD6E0}C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [UDP Query User{3D519C85-536B-4707-9ED6-011F82E45740}C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe] => (Block) C:\program files (x86)\battle.net\battle.net.8142\battle.net.exe
FirewallRules: [TCP Query User{48DDB107-DA7B-48C1-A816-F5944E1DFC9E}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [UDP Query User{BE33FD37-11A5-4876-AFC6-E980C4B33BC6}C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base48258\sc2_x64.exe
FirewallRules: [TCP Query User{15092526-1940-4E2E-A912-898CE2346DC4}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [UDP Query User{52608CEE-B3F2-49D2-9A78-AE21B7B5CB0C}C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base48645\sc2_x64.exe
FirewallRules: [{1216FC8C-5544-413F-9CE4-DA87B97B7D93}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{435574EB-A868-4D6B-B785-C447E25B30C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{263C8678-435A-493D-9254-29682EB49F55}] => (Allow) J:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{9D293872-094B-4E25-A1CF-A75F544D3A51}] => (Allow) J:\SteamLibrary\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{3598D678-E453-4896-9E34-5252A8059B18}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{63E89934-64DA-4BD8-8944-B8A0FE67E1A9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{E00C232B-5CC9-4791-9458-173A7DE20DB8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{6D86B4B3-21F2-43E8-B27B-40B80A161A1D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{4A278076-8426-4370-9840-8C7600691618}] => (Allow) J:\SteamLibrary\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{BDFEA522-FD6E-450D-A456-B3D67ED0C9F0}] => (Allow) J:\SteamLibrary\steamapps\common\Zombie_Driver_HD\bin\ZombieDriverHD.exe
FirewallRules: [{BE174302-037B-43DF-8A52-CFAF861E0C8E}] => (Allow) J:\SteamLibrary\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{E490F61A-2D03-4927-BA6E-1636C365B6EA}] => (Allow) J:\SteamLibrary\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{658B1EA2-4128-4D2C-A6CE-7C127B41B993}] => (Allow) J:\SteamLibrary\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe
FirewallRules: [{70F9C72C-833E-44A6-B1AD-E28F3C97001D}] => (Allow) J:\SteamLibrary\steamapps\common\Soldiers Heroes of World War 2\Soldiers.exe
FirewallRules: [{ED5D2FA4-A0D9-4FB0-B887-BA1631C1F2AB}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{71499A2F-193E-42C9-BFA5-CED1521E8E94}] => (Allow) J:\SteamLibrary\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{8E7CED73-9367-4232-8A84-1440A28ABA53}] => (Allow) J:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [{7256CF29-388C-4870-AF74-390AF2223920}] => (Allow) J:\SteamLibrary\steamapps\common\Hatred\Hatred\Binaries\HatredConfig.exe
FirewallRules: [TCP Query User{2CD715BB-4B4F-46CC-87ED-4A38E378A9D0}J:\steamlibrary\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe
FirewallRules: [UDP Query User{48DF1259-F069-4E3C-A6B6-A077F95DB7FB}J:\steamlibrary\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe] => (Block) J:\steamlibrary\steamapps\common\hatred\hatred\binaries\win64\hatred-win64-shipping.exe
FirewallRules: [TCP Query User{75C24D53-E356-4353-8CAB-2B6AD91B0227}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe
FirewallRules: [UDP Query User{663993C6-7E2A-4D87-8754-A0C8BABFFE04}C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base54518\sc2_x64.exe

==================== Restore Points =========================

19-07-2017 10:19:32 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/10/2017 08:42:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: XONARU3AUDIOCENTER.EXE, versione: 0.3.0.35, timestamp: 0x4d2e6eca
Nome del modulo che ha generato l'errore: XONARU3AUDIOCENTER.EXE, versione: 0.3.0.35, timestamp: 0x4d2e6eca
Codice eccezione: 0xc0000005
Offset errore 0x000b646d
ID processo che ha generato l'errore: 0xdf0
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d26b0cb4c58870
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\ASUS Xonar U3 Audio\customapp\program\XONARU3AUDIOCENTER.EXE
Percorso del modulo che ha generato l'errore: C:\Program Files\ASUS Xonar U3 Audio\customapp\program\XONARU3AUDIOCENTER.EXE
ID segnalazione: fb761a1a-d6ff-11e6-bb56-50465d67b077

Error: (12/02/2016 11:35:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: XORNET_I.EXE, versione: 1.0.1.0, timestamp: 0x561785ef
Nome del modulo che ha generato l'errore: XORNET_I.EXE, versione: 1.0.1.0, timestamp: 0x561785ef
Codice eccezione: 0xc0000005
Offset errore 0x0001099b
ID processo che ha generato l'errore: 0x145c
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d24ce3f4f0615b
Percorso dell'applicazione che ha generato l'errore: L:\XORNET_I.00\XORNET_I.EXE
Percorso del modulo che ha generato l'errore: L:\XORNET_I.00\XORNET_I.EXE
ID segnalazione: 32aed677-b8d7-11e6-99a7-50465d67b077

Error: (12/02/2016 11:34:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: XORNET_I.EXE, versione: 1.0.1.0, timestamp: 0x561785ef
Nome del modulo che ha generato l'errore: XORNET_I.EXE, versione: 1.0.1.0, timestamp: 0x561785ef
Codice eccezione: 0xc0000005
Offset errore 0x0001099b
ID processo che ha generato l'errore: 0x115c
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d24ce3ee2def44
Percorso dell'applicazione che ha generato l'errore: L:\XORNET_I.00\XORNET_I.EXE
Percorso del modulo che ha generato l'errore: L:\XORNET_I.00\XORNET_I.EXE
ID segnalazione: 2c4b4ea4-b8d7-11e6-99a7-50465d67b077

Error: (11/26/2016 05:07:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: steamwebhelper.exe, versione: 3.65.13.80, timestamp: 0x57fed9f2
Nome del modulo che ha generato l'errore: steamwebhelper.exe, versione: 3.65.13.80, timestamp: 0x57fed9f2
Codice eccezione: 0xc0000005
Offset errore 0x00037b59
ID processo che ha generato l'errore: 0xfe4
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d247f6b946c473
Percorso dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Percorso del modulo che ha generato l'errore: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID segnalazione: 092033cb-b3ea-11e6-b699-50465d67b077

Error: (11/13/2016 01:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: steamwebhelper.exe, versione: 3.65.13.80, timestamp: 0x57fed9f2
Nome del modulo che ha generato l'errore: steamwebhelper.exe, versione: 3.65.13.80, timestamp: 0x57fed9f2
Codice eccezione: 0xc0000005
Offset errore 0x00037b59
ID processo che ha generato l'errore: 0x1430
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d23d15a1eeee90
Percorso dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Percorso del modulo che ha generato l'errore: C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
ID segnalazione: f2b729ad-a92f-11e6-ba0d-50465d67b077

Error: (10/27/2016 11:31:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: NvBackend.exe, versione: 20.14.1.0, timestamp: 0x568e3f71
Nome del modulo che ha generato l'errore: NvBackend.exe, versione: 20.14.1.0, timestamp: 0x568e3f71
Codice eccezione: 0xc0000005
Offset errore 0x0009a323
ID processo che ha generato l'errore: 0xa0c
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d2303453f887b1
Percorso dell'applicazione che ha generato l'errore: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Percorso del modulo che ha generato l'errore: C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
ID segnalazione: c532cad9-9c8c-11e6-92a6-50465d67b077

Error: (09/02/2016 10:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Setup.exe_Microsoft Setup Bootstrapper, versione: 14.0.4755.1000, timestamp: 0x4b989df1
Nome del modulo che ha generato l'errore: ole32.dll, versione: 6.1.7601.17514, timestamp: 0x4ce7b96f
Codice eccezione: 0xc0000005
Offset errore 0x0003bc21
ID processo che ha generato l'errore: 0x171c
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d2055584df059c
Percorso dell'applicazione che ha generato l'errore: C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exe
Percorso del modulo che ha generato l'errore: C:\Windows\syswow64\ole32.dll
ID segnalazione: c76c3c50-7148-11e6-839c-50465d67b077

Error: (06/08/2016 07:49:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: XONARU3AUDIOCENTER.EXE, versione: 0.3.0.35, timestamp: 0x4d2e6eca
Nome del modulo che ha generato l'errore: XONARU3AUDIOCENTER.EXE, versione: 0.3.0.35, timestamp: 0x4d2e6eca
Codice eccezione: 0xc0000005
Offset errore 0x000b646d
ID processo che ha generato l'errore: 0xbcc
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d1c1ae23fbe0ff
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\ASUS Xonar U3 Audio\customapp\program\XONARU3AUDIOCENTER.EXE
Percorso del modulo che ha generato l'errore: C:\Program Files\ASUS Xonar U3 Audio\customapp\program\XONARU3AUDIOCENTER.EXE
ID segnalazione: 6acd7a56-2da1-11e6-9604-50465d67b077

Error: (06/01/2016 04:51:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Explorer.EXE, versione: 6.1.7601.17514, timestamp: 0x4ce7a144
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7601.17514, timestamp: 0x4ce7c8f9
Codice eccezione: 0xc0000374
Offset errore 0x00000000000c40f2
ID processo che ha generato l'errore: 0x838
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d1bbb6c57c7139
Percorso dell'applicazione che ha generato l'errore: C:\Windows\Explorer.EXE
Percorso del modulo che ha generato l'errore: C:\Windows\SYSTEM32\ntdll.dll
ID segnalazione: 57edbda3-2808-11e6-ad4e-50465d67b077

Error: (05/22/2016 11:25:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma uTorrent.exe versione 3.4.5.41202 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: bd8

Ora di avvio: 01d1b40bc9dcda2f

Ora di chiusura: 14

Percorso applicazione: C:\Users\Mattia\AppData\Roaming\uTorrent\uTorrent.exe

ID segnalazione: 10ae9c13-1fff-11e6-984d-50465d67b077


System errors:
=============
Error: (07/19/2017 08:02:42 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Servizio Avira Mail Protection terminato. Errore specifico del servizio Funzione non corretta.
.

Error: (07/19/2017 08:02:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Servizio Avira Mail Protection bloccato in partenza.

Error: (07/19/2017 08:01:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Origin Web Helper Service non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.

Error: (07/19/2017 08:01:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Origin Web Helper Service.

Error: (07/19/2017 07:59:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Intel(R) Management and Security Application Local Management Service non è stato avviato per il seguente errore:
Pipe terminata.

Error: (07/19/2017 07:59:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Windows Search è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 30000 millisecondi: Restart the service.

Error: (07/19/2017 07:59:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio NVIDIA GeForce Experience Service. Questo evento si è già verificato 1 volta(e).

Error: (07/19/2017 07:59:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio NVIDIA Streamer Network Service. Questo evento si è già verificato 1 volta(e).

Error: (07/19/2017 07:59:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Intel(R) Management and Security Application User Notification Service. Questo evento si è già verificato 1 volta(e).

Error: (07/19/2017 07:59:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Servizio iPod. Questo evento si è già verificato 1 volta(e).


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8143.84 MB
Available physical RAM: 5330.83 MB
Total Virtual: 16285.88 MB
Available Virtual: 13174.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:81.54 GB) NTFS
Drive j: () (Fixed) (Total:931.51 GB) (Free:364.46 GB) NTFS
Drive k: (CASTOR Software) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: BABB9C48)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 72C96C6F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
Io continuo a postare i log, ma gli antivirus non rilevano nient'altro. Disinstallando quell'estensione SEMBRA essersi risolto il problema, ma non me le faceva vedere prima senza chiudere quello strano processo dal Task Manager perchè ero sicuro fosse qualcosa del genere infatti è stata la prima cosa che ho controllato. Purtroppo ho avuto a che fare diverse volte con estensioni malevole che si sono installate da sole però non mi era mai capitata una cosa del genere

EDIT : scusate il macello e il mio scarso italiano, ma ho scritto tutto di botto perchè stavo facendo mille cose insieme nel tentativo di trovare la soluzione e non dover buttare il PC :D
Speriamo sta roba non abbia fatto danno visto che sta installata da 2 giorni .....
 
IoSonoLeggenda ha detto:
Forse ho trovato ragazzi porca trota.

Quell'estensione sospetta appena l'ho chiusa dal Task Manager mi ha fatto accedere alla sezione "Estensioni" dove prima non mi faceva vedere le estensioni installate, come se ci fosse un blocco.

Mi compare sta cosa adesso, credo sia quello che mi sta causando danni :

Clicca per espandere...
e quella mer** eliminala
 
Pubblicità
Pubblicità
Indietro
Top