PROBLEM: PC INFECTED WITH RAMNIT

oslo1

Hi everyone, last night I upgraded my PC from Win 7 to Win 10, and today when I turned it on I ran a scan with Windows Defender and it found a huge number of Ramnit viruses. It's unbelievable: as soon as I opened Google Chrome it found 5-10 viruses, then I opened Steam and it found more, then I opened another program and it found still more. I don't want to format the PC, since I have a lot of data that I would struggle to move onto a USB stick (and supposing those files are infected too, it wouldn't change a *****, since the virus would keep spreading even after formatting). How can I remove this damned Ramnit from my PC?
 

menatwork

Try doing a restore and see if that fixes it; if it doesn't, run this scan:

Download ComboFix to the desktop

When asked whether you want to install the Recovery Console, click NO

Run ComboFix.exe

Follow the instructions

When the scan has finished, go to C:\ and attach the contents of the text file Combofix.txt in your next reply
 

oslo1

It won't let me run it, it says it isn't supported on Win 10 D:
 

menatwork

True, I had forgotten :grat:..... run this scan

Download farbar-recovery and put it on the desktop


You need to download the version (32- or 64-bit) compatible with your system

Run it and click Yes when it asks you to accept the terms

Click SCAN

Once the scan has finished, the tool will create two logs, FRST.txt and Addition.txt, in the same directory where FRST is located

Attach them in your next reply
 

oslo1

FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-03-2016 01
Ran by Rob (administrator) on COMPUTERNABBO (18-03-2016 12:04:35)
Running from C:\Users\Rob\Downloads
Loaded Profiles: Rob (Available Profiles: Rob)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Italiano (Italia)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nota Inc.) C:\Program Files\Gyazo\GyStation.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Telegram Messenger LLP) C:\Users\Rob\AppData\Roaming\Telegram Desktop\Telegram.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
() C:\Users\Rob\Desktop\Applicazioni\Giochi\Rockstar games\Gta San Andreas a\samp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe




==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [141270216 2016-03-18] (Microsoft Corporation)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [3586848 2016-02-17] (Nota Inc.)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50605696 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\RunOnce: [Uninstall C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


ProxyServer: [S-1-5-21-4065476890-3613898036-4242967038-1000] => 88.149.221.35:80
AutoConfigURL: [S-1-5-21-4065476890-3613898036-4242967038-1000] => 88.149.221.35:80
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{90d2c7a2-ced5-4c48-bd5e-171057577e1f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F79825C2-F5DA-4BA0-B32C-1CE09871F886}: [DhcpNameServer] 172.18.15.1


Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_72\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)


FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.72.2 -> C:\Program Files\Java\jre1.8.0_72\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-11-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4065476890-3613898036-4242967038-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Rob\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-12-17] (Unity Technologies ApS)


Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=it-it
CHR StartupUrls: Default -> "hxxps://www.google.it/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-12]
CHR Extension: (Documenti Google) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-12]
CHR Extension: (Google Drive) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Fogli Google) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-12]
CHR Extension: (Google Documenti offline) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (WhatFont) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-10-18]
CHR Extension: (Facebook Flat — New Design & AdBlock) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadbillinepbjlgenaliokdhejdmmlgp [2016-02-14]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-12]
CHR Extension: (TunnelBear VPN) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdakjcmkglenbhjadbccaookpfjihpa [2016-02-12]
CHR Extension: (Proxy SwitchyOmega) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\padekgcemlokbadohgkifijomclgjgif [2016-03-18]
CHR Extension: (Gmail) - C:\Users\Rob\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-12]
CHR HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx


==================== Services (Whitelisted) ========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65128 2016-01-11] (CyberGhost S.R.L)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S4 UpdateCenterService; C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe [121376 2009-01-07] (NVIDIA)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)


===================== Drivers (Whitelisted) ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S1 axplhvru; C:\WINDOWS\system32\drivers\axplhvru.sys [48896 2016-03-17] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-12-25] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [13216 2015-12-25] ()
R3 netr28u; C:\WINDOWS\System32\drivers\netr28u.sys [1800704 2015-10-30] (MediaTek Inc.)
R2 NVR0FLASHDev; C:\Windows\nvflash.sys [36896 2009-01-07] (NVIDIA Corp.)
R3 SCREAMINGBDRIVER; C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [34896 2012-07-31] (Screaming Bee LLC)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [33280 2015-08-10] (The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2016-03-18 12:04 - 2016-03-18 12:04 - 00011262 _____ C:\Users\Rob\Downloads\FRST.txt
2016-03-18 12:04 - 2016-03-18 12:04 - 00000000 ____D C:\FRST
2016-03-18 12:03 - 2016-03-18 12:04 - 01725440 _____ (Farbar) C:\Users\Rob\Downloads\FRST.exe
2016-03-18 12:02 - 2016-03-18 12:02 - 00000000 ____D C:\Users\Rob\AppData\Local\ElevatedDiagnostics
2016-03-18 11:19 - 2016-03-18 11:20 - 05658396 _____ (Swearware) C:\Users\Rob\Downloads\ComboFix.exe
2016-03-18 10:13 - 2016-03-18 10:18 - 62971063 _____ C:\Users\Rob\Downloads\directx_Jun2010_redist.exe
2016-03-18 10:11 - 2016-03-18 10:11 - 141270216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-18 10:11 - 2016-03-18 10:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-18 10:07 - 2016-03-18 10:08 - 00292184 _____ (Microsoft Corporation) C:\Users\Rob\Downloads\dxwebsetup.exe
2016-03-18 09:55 - 2016-03-18 10:09 - 00000000 ____D C:\WINDOWS\system32\directx
2016-03-18 09:51 - 2016-03-18 09:51 - 00065663 _____ C:\Users\Rob\Downloads\eax.dll por alexisflow99.rar
2016-03-18 09:51 - 2016-03-18 09:51 - 00014771 _____ C:\Users\Rob\Downloads\ogg.dll por alexisflow99.rar
2016-03-18 09:49 - 2016-03-18 09:49 - 00060774 _____ C:\Users\Rob\Downloads\silents_asi_loader_13 (4).zip
2016-03-18 09:11 - 2015-10-29 19:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-03-18 09:11 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-03-18 09:11 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-03-18 09:07 - 2016-03-18 09:07 - 00001051 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Funzionalità facoltative.lnk
2016-03-18 09:05 - 2016-03-18 09:05 - 00002095 _____ C:\Users\Rob\Desktop\Telegram.lnk
2016-03-18 08:56 - 2016-03-18 11:11 - 00000000 ____D C:\Users\Rob\AppData\Local\MicrosoftEdge
2016-03-18 08:55 - 2016-03-18 08:55 - 00000000 ____D C:\Users\Rob\AppData\Local\NetworkTiles
2016-03-18 08:53 - 2016-03-18 08:54 - 00000000 ____D C:\Users\Rob\AppData\Local\Comms
2016-03-18 00:03 - 2016-03-18 08:52 - 00002450 _____ C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-18 00:03 - 2016-03-18 08:52 - 00000000 ___RD C:\Users\Rob\OneDrive
2016-03-17 23:58 - 2016-03-17 23:58 - 00000000 ____D C:\Users\Rob\AppData\Local\ActiveSync
2016-03-17 23:56 - 2016-03-17 23:56 - 00000000 ____D C:\Users\Rob\AppData\Local\Publishers
2016-03-17 23:55 - 2016-03-17 23:55 - 00048896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\axplhvru.sys
2016-03-17 23:54 - 2016-03-18 11:08 - 00000000 ____D C:\Users\Rob\AppData\Local\Packages
2016-03-17 23:54 - 2016-03-17 23:54 - 00000020 ___SH C:\Users\Rob\ntuser.ini
2016-03-17 23:54 - 2016-03-17 23:54 - 00000000 ____D C:\Users\Rob\AppData\Local\TileDataLayer
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Risorse di stampa
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Risorse di rete
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Recenti
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Modelli
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Menu Avvio
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Impostazioni locali
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Documents\Video
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Documents\Musica
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Documents\Immagini
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Documenti
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\Dati applicazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Dati applicazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default\AppData\Local\Cronologia
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\Documents\Video
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\Documents\Musica
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\Documents\Immagini
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Dati applicazioni
2016-03-17 23:51 - 2016-03-17 23:51 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Cronologia
2016-03-17 23:49 - 2016-03-17 23:49 - 00021500 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-03-17 23:39 - 2016-03-17 23:39 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-17 23:39 - 2016-03-17 23:39 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-03-17 23:39 - 2016-03-17 23:39 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-03-17 23:37 - 2016-03-17 23:37 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-03-17 23:33 - 2016-03-18 09:13 - 00000000 ____D C:\Users\Rob
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Risorse di stampa
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Risorse di rete
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Recenti
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Modelli
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Menu Avvio
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Impostazioni locali
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Documents\Video
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Documents\Musica
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Documents\Immagini
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Documenti
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\Dati applicazioni
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\AppData\Local\Dati applicazioni
2016-03-17 23:33 - 2016-03-17 23:33 - 00000000 _SHDL C:\Users\Rob\AppData\Local\Cronologia
2016-03-17 23:31 - 2016-03-18 08:53 - 02067418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-17 23:28 - 2016-03-17 23:37 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-17 23:27 - 2016-03-17 23:37 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-17 23:27 - 2016-03-17 23:27 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-03-17 23:27 - 2016-03-17 23:27 - 00000000 ____D C:\Program Files\VIA
2016-03-17 23:27 - 2015-10-13 17:47 - 04388016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 03060912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 02553520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 00670512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-03-17 23:27 - 2015-10-13 17:47 - 00374904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 00061560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-03-17 23:27 - 2015-10-13 15:55 - 05972783 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-03-17 23:26 - 2016-03-17 23:37 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-17 23:26 - 2016-03-17 23:26 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-03-17 23:24 - 2016-03-17 23:54 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-17 23:18 - 2016-03-17 23:18 - 00000000 ____D C:\Windows.old
2016-03-17 23:17 - 2016-03-17 23:17 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\Program Files\MSBuild
2016-03-17 23:15 - 2016-03-17 23:15 - 00000000 ____D C:\inetpub
2016-03-17 23:14 - 2016-03-17 23:14 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-03-17 23:14 - 2016-03-17 23:14 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-03-17 23:14 - 2016-03-17 23:14 - 00228704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-17 23:14 - 2016-03-17 23:14 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-17 23:14 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-03-17 23:14 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-17 23:14 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-03-17 22:34 - 2015-10-30 06:45 - 00000001 ___SH C:\BOOTNXT
2016-03-17 22:29 - 2016-03-17 23:50 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-03-17 22:29 - 2016-03-17 23:50 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-03-16 17:27 - 2016-03-16 17:27 - 00000000 ____D C:\Users\Rob\AppData\Local\My Games
2016-03-15 18:47 - 2016-03-15 18:47 - 00000214 _____ C:\Users\Rob\Desktop\Sid Meier's Civilization V.url
2016-03-15 18:32 - 2016-03-15 18:32 - 00000000 ____D C:\Users\Rob\AppData\LocalLow\WARTEAM
2016-03-13 18:44 - 2016-03-13 18:44 - 00000000 ____D C:\Users\Rob\Downloads\backup_1457545003_9055e521a188ddce.sql
2016-03-13 18:44 - 2016-03-09 18:37 - 25602120 _____ C:\Users\Rob\Desktop\backup_1457545003_9055e521a188ddce.sql
2016-03-13 15:10 - 2016-03-13 15:10 - 00267174 _____ C:\Users\Rob\Desktop\Nuova immagine bitmap.bmp
2016-03-11 22:45 - 2016-03-11 22:45 - 00001269 _____ C:\Users\Rob\Desktop\messaggio moes.txt
2016-03-10 15:53 - 2016-03-10 15:53 - 00003288 ____N C:\bootsqm.dat
2016-03-09 18:36 - 2016-03-09 18:37 - 05389167 _____ C:\Users\Rob\Downloads\backup_1457545003_9055e521a188ddce.sql.gz
2016-03-08 21:05 - 2016-03-08 21:05 - 00000000 ____D C:\Users\Rob\Desktop\bideo
2016-03-08 16:08 - 2016-03-08 16:08 - 01925049 _____ C:\Users\Rob\Desktop\icone.rar
2016-03-08 15:57 - 2016-03-18 09:43 - 00000000 ____D C:\Users\Rob\Desktop\new
2016-03-08 15:56 - 2016-03-08 15:57 - 01162568 _____ C:\Users\Rob\Downloads\new.rar
2016-03-07 19:10 - 2016-03-07 19:21 - 00000000 ____D C:\Users\Rob\Desktop\aa
2016-03-07 16:30 - 2016-03-07 16:30 - 00095619 _____ C:\Users\Rob\Desktop\0000ab9e_medium.jpeg
2016-03-07 15:04 - 2016-03-07 15:04 - 00890836 _____ C:\Users\Rob\Desktop\img 6
2016-03-07 14:56 - 2016-03-07 19:22 - 00000000 ____D C:\Users\Rob\Desktop\editate
2016-03-04 19:01 - 2016-03-04 20:21 - 00000232 _____ C:\Users\Rob\Desktop\proposte aggiunte.txt
2016-03-04 18:04 - 2016-03-04 18:04 - 00000000 ____D C:\Users\Rob\Desktop\proFormell
2016-03-04 18:03 - 2016-03-04 18:04 - 00181100 _____ C:\Users\Rob\Downloads\proFormell_2.0.3.zip
2016-03-03 19:06 - 2016-03-18 10:04 - 00000000 ____D C:\Users\Rob\Downloads\Telegram Desktop
2016-03-02 22:39 - 2016-03-17 23:59 - 00000000 ____D C:\Users\Rob\Desktop\se_square_left
2016-03-02 22:38 - 2016-03-02 22:38 - 06342352 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.16.0_win32-setup.exe
2016-03-02 22:38 - 2016-03-02 22:38 - 00141453 _____ C:\Users\Rob\Downloads\sesquareleft.zip
2016-03-02 16:32 - 2016-03-02 16:32 - 00017645 _____ C:\Users\Rob\Downloads\anti adm freeze F10.cs
2016-03-02 16:02 - 2016-03-02 16:02 - 00018609 _____ C:\Users\Rob\Downloads\Unfreeze.rar.rar
2016-03-02 14:10 - 2016-03-18 09:54 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-03-01 20:02 - 2016-03-01 20:02 - 00069120 _____ C:\Users\Rob\Downloads\exdisp.asi
2016-03-01 12:30 - 2016-03-01 12:46 - 04311552 _____ C:\Users\Rob\Desktop\Plague Inc Evolved V0.8.6.3 Trainer +3 MrAntiFun.EXE
2016-03-01 12:14 - 2016-03-01 12:15 - 04156148 _____ C:\Users\Rob\Downloads\Plague Inc Evolved V0.8.6.3 Trainer +3 MrAntiFun.zip
2016-03-01 12:03 - 2016-03-01 12:04 - 03539017 _____ C:\Users\Rob\Downloads\Plague_Inc_Evolved__Early_Access_Trainer_plus1.zip
2016-02-29 16:37 - 2016-02-29 16:37 - 00000000 ____D C:\Users\Rob\AppData\Local\Ndemic Creations
2016-02-29 16:29 - 2016-03-17 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by Decepticon
2016-02-29 16:29 - 2016-02-29 16:29 - 00001081 _____ C:\Users\Rob\Desktop\Plague Inc Evolved.lnk
2016-02-29 16:29 - 2016-02-29 16:29 - 00001056 _____ C:\Users\Rob\Desktop\Plague Inc Evolved-Scenario Creator.lnk
2016-02-29 16:28 - 2016-02-29 16:31 - 00000000 ____D C:\Program Files\Plague Inc Evolved
2016-02-29 16:26 - 2015-08-03 11:10 - 00000000 ____D C:\Users\Rob\Desktop\Plague Inc Evolved.(0.8.4.2).(2013) [Decepticon] RePack
2016-02-29 16:24 - 2016-02-29 16:24 - 189887846 _____ C:\Users\Rob\Downloads\Plague Inc Evolved.(0.8.4.2)NexT&G.rar
2016-02-28 11:51 - 2016-03-14 21:36 - 00000000 ____D C:\Users\Rob\AppData\Local\CrashDumps
2016-02-26 16:30 - 2016-03-17 23:35 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-02-26 16:30 - 2016-03-05 20:42 - 00002159 _____ C:\Users\Rob\Desktop\Discord.lnk
2016-02-26 16:30 - 2016-02-26 17:00 - 00000000 ____D C:\Users\Rob\AppData\Roaming\discord
2016-02-26 16:29 - 2016-03-05 20:42 - 00000000 ____D C:\Users\Rob\AppData\Local\SquirrelTemp
2016-02-26 16:29 - 2016-03-05 20:42 - 00000000 ____D C:\Users\Rob\AppData\Local\Discord
2016-02-26 16:23 - 2016-02-26 16:27 - 48166072 _____ (Hammer & Chisel, Inc.) C:\Users\Rob\Downloads\DiscordSetup.exe
2016-02-25 12:14 - 2016-02-25 13:19 - 407651602 _____ C:\Users\Rob\Downloads\xonotic-0.8.1.zip
2016-02-24 20:08 - 2016-03-17 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-02-24 20:08 - 2016-02-24 22:12 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Notepad++
2016-02-24 20:08 - 2016-02-24 20:08 - 00000000 ____D C:\Program Files\Notepad++
2016-02-24 20:07 - 2016-02-24 20:07 - 04204144 _____ C:\Users\Rob\Downloads\npp.6.9.Installer.exe
2016-02-24 20:04 - 2016-02-24 20:06 - 00000000 ____D C:\Users\Rob\AppData\Roaming\SQLyog
2016-02-24 20:04 - 2016-02-24 20:04 - 00000000 ____D C:\Program Files\SQLyog Trial
2016-02-24 20:02 - 2016-02-24 20:03 - 05860032 _____ (Webyog Inc.) C:\Users\Rob\Downloads\SQLyog-12.2.0-0.x86Trial.exe
2016-02-23 20:59 - 2016-02-19 16:47 - 02671822 _____ C:\Users\Rob\Desktop\LdAccount.sql
2016-02-23 17:17 - 2016-02-23 17:17 - 03020240 _____ C:\Users\Rob\Desktop\ts3_recording_16_02_23_17_17_26.wav
2016-02-22 14:22 - 2016-03-17 23:59 - 00000000 ____D C:\Users\Rob\Desktop\basic_orange
2016-02-22 14:21 - 2016-02-22 14:22 - 01409096 _____ C:\Users\Rob\Downloads\basic_orange.zip
2016-02-21 21:41 - 2016-02-21 21:45 - 00001931 _____ C:\Users\Rob\Desktop\stylesheet.css
2016-02-21 21:17 - 2016-02-21 21:17 - 00018760 _____ C:\Users\Rob\Downloads\prosilver_se_3.1.4 (1).zip
2016-02-21 21:16 - 2016-02-21 21:16 - 00000000 ____D C:\Users\Rob\Desktop\prosilver_se
2016-02-21 21:15 - 2016-02-21 21:15 - 00018760 _____ C:\Users\Rob\Downloads\prosilver_se_3.1.4.zip
2016-02-21 20:44 - 2016-02-21 20:44 - 00708302 _____ C:\Users\Rob\Downloads\301.zip
2016-02-21 20:18 - 2016-01-09 09:57 - 00000000 ____D C:\Users\Rob\Desktop\phpBB3
2016-02-21 20:16 - 2016-02-21 20:17 - 03950815 _____ C:\Users\Rob\Downloads\phpBB-3.1.7-pl1.zip
2016-02-21 19:57 - 2016-03-04 18:44 - 00000000 ____D C:\Users\Rob\AppData\Roaming\FileZilla
2016-02-21 19:56 - 2016-03-17 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-02-21 19:56 - 2016-02-21 19:56 - 00002043 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2016-02-21 19:56 - 2016-02-21 19:56 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-02-21 19:53 - 2016-02-21 19:55 - 06342024 _____ (Tim Kosse) C:\Users\Rob\Downloads\FileZilla_3.15.0.2_win32-setup.exe
2016-02-21 17:22 - 2016-02-21 17:22 - 00000000 ____D C:\Program Files\Common Files\Java
2016-02-21 17:15 - 2016-02-21 17:20 - 00000000 ____D C:\Users\Rob\Desktop\Icone TeamSpeak
2016-02-20 16:27 - 2016-02-20 16:28 - 00327943 _____ C:\Users\Rob\Downloads\LdAccount.sql.zip
2016-02-20 15:49 - 2016-02-20 15:50 - 05354948 _____ C:\Users\Rob\Downloads\ocean.pwn
2016-02-20 13:44 - 2016-02-20 13:56 - 96723839 _____ C:\Users\Rob\Downloads\LSFD Official.zip
2016-02-17 15:14 - 2016-02-17 15:15 - 00973730 _____ C:\Users\Rob\Downloads\CLEO 4.4_custom and SAMPFUNCS 5.2.2.rar
2016-02-17 15:10 - 2016-02-17 15:10 - 00006337 _____ C:\WINDOWS\unins000.dat
2016-02-17 15:10 - 2016-02-17 15:09 - 01197151 _____ C:\WINDOWS\unins000.exe
2016-02-17 15:09 - 2016-02-17 15:09 - 00892903 _____ (Seemann, Deji, Alien ) C:\Users\Rob\Downloads\CLEO4_setup.exe
2016-02-17 14:36 - 2016-02-17 14:36 - 00046962 _____ C:\Users\Rob\Downloads\nametaghack_0.3.7.zip
2016-02-17 14:30 - 2016-02-13 16:43 - 00018775 _____ C:\Users\Rob\Desktop\Skin-Aimbot.cs
2016-02-17 14:29 - 2016-02-17 14:29 - 00531878 _____ C:\Users\Rob\Downloads\sf_5_3_1_bin.zip
2016-02-17 13:50 - 2016-02-17 13:50 - 00688833 _____ C:\Users\Rob\Downloads\IconsD.RAR
2016-02-17 13:48 - 2016-02-17 13:48 - 01779540 _____ C:\Users\Rob\Downloads\SA_HUD_icons.zip
2016-02-17 13:43 - 2016-02-17 13:43 - 00476626 _____ C:\Users\Rob\Downloads\TXDWS.2012_3.rar
2016-02-17 13:28 - 2016-02-17 13:30 - 12327960 _____ C:\Users\Rob\Downloads\SKINPACK Original Hood Piru by CaliDee Modding.rar
2016-02-17 12:23 - 2016-02-17 12:23 - 01049875 _____ C:\Users\Rob\Downloads\modloader.zip
2016-02-17 12:19 - 2016-02-17 12:20 - 00060774 _____ C:\Users\Rob\Downloads\silents_asi_loader_13 (3).zip


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2016-03-18 12:04 - 2015-12-25 11:48 - 00000978 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-18 12:03 - 2015-10-30 06:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-18 12:03 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-18 12:00 - 2015-09-12 12:50 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Skype
2016-03-18 11:41 - 2015-09-12 12:18 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-18 10:59 - 2015-11-24 14:31 - 00000000 ____D C:\Program Files\Steam
2016-03-18 10:31 - 2015-10-30 06:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-18 10:22 - 2015-10-30 06:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-03-18 10:22 - 2015-10-30 06:44 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-03-18 10:22 - 2015-10-30 06:44 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-03-18 10:22 - 2015-10-30 06:44 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-03-18 10:22 - 2015-10-30 06:44 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-03-18 10:22 - 2015-10-30 06:44 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-03-18 10:22 - 2015-10-30 06:44 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-03-18 10:21 - 2015-10-30 06:44 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplayx.dll
2016-03-18 10:21 - 2015-10-30 06:44 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpwsockx.dll
2016-03-18 10:21 - 2015-10-30 06:44 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpmodemx.dll
2016-03-18 10:21 - 2015-10-30 06:44 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dplaysvr.exe
2016-03-18 10:09 - 2015-10-01 19:50 - 00000000 ___HD C:\WINDOWS\msdownld.tmp
2016-03-18 09:55 - 2016-01-24 18:13 - 00736866 _____ C:\Users\Rob\Downloads\mod_sa_installer.exe
2016-03-18 09:54 - 2015-09-13 12:28 - 16270006 _____ C:\Users\Rob\Downloads\sa-mp-0.3.7-install.exe
2016-03-18 09:12 - 2016-02-13 12:56 - 00000000 ____D C:\WINDOWS\OCR
2016-03-18 09:05 - 2015-10-13 19:47 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Telegram Desktop
2016-03-18 08:55 - 2015-10-30 06:47 - 00000000 ____D C:\WINDOWS\INF
2016-03-18 08:53 - 2016-02-13 12:54 - 00901356 _____ C:\WINDOWS\system32\perfh010.dat
2016-03-18 08:53 - 2016-02-13 12:54 - 00186064 _____ C:\WINDOWS\system32\perfc010.dat
2016-03-18 08:52 - 2015-09-12 12:18 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-18 00:06 - 2015-09-12 13:17 - 00000000 ____D C:\Users\Rob\Desktop\Applicazioni
2016-03-17 23:55 - 2016-02-13 13:11 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-17 23:54 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\rescache
2016-03-17 23:52 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-17 23:51 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Windows NT
2016-03-17 23:50 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\Registration
2016-03-17 23:49 - 2016-02-13 13:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-17 23:49 - 2015-10-30 06:48 - 00000000 __RSD C:\WINDOWS\Media
2016-03-17 23:49 - 2015-10-30 06:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-17 23:48 - 2015-09-12 12:23 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-17 23:45 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-17 23:41 - 2016-02-13 04:06 - 00201632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-17 23:40 - 2016-02-10 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5
2016-03-17 23:40 - 2016-02-09 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobucket Backup
2016-03-17 23:40 - 2015-12-31 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-17 23:40 - 2015-12-28 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2016-03-17 23:40 - 2015-12-27 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-17 23:40 - 2015-12-25 10:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-03-17 23:40 - 2015-12-14 16:11 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2016-03-17 23:40 - 2015-12-14 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2016-03-17 23:40 - 2015-11-24 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-17 23:40 - 2015-11-05 14:33 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKing
2016-03-17 23:40 - 2015-10-30 06:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-17 23:40 - 2015-10-30 06:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-17 23:40 - 2015-10-15 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TCPEye
2016-03-17 23:40 - 2015-10-13 19:48 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2016-03-17 23:40 - 2015-10-10 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSNotifier
2016-03-17 23:40 - 2015-10-01 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2016-03-17 23:40 - 2015-09-17 18:30 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-17 23:40 - 2015-09-14 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-17 23:40 - 2015-09-13 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-03-17 23:40 - 2015-09-12 13:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-03-17 23:40 - 2015-09-12 12:30 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-17 23:40 - 2015-09-12 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-03-17 23:39 - 2009-07-14 03:37 - 00000000 ____D C:\Users\Default.migrated
2016-03-17 23:38 - 2016-02-14 19:01 - 00000000 ____D C:\WINDOWS\system32\Hotspot Shield
2016-03-17 23:38 - 2015-11-30 22:53 - 00000000 ____D C:\WINDOWS\system32\xlive
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-17 23:38 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-03-17 23:37 - 2016-02-13 13:02 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-17 23:37 - 2016-02-13 12:54 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-03-17 23:37 - 2016-01-07 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\schemas
2016-03-17 23:37 - 2015-10-30 06:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-17 23:37 - 2015-10-03 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameModding.net - Wot, Skyrim, GTA 4, GTA San Andreas, Fallout, GTA Vice City and Counter-Strike mods with automatic installation
2016-03-17 23:37 - 2015-10-02 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2016-03-17 23:37 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-03-17 23:37 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-03-17 23:35 - 2016-02-12 15:02 - 00000000 ____D C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnalogX
2016-03-17 23:31 - 2015-10-30 06:13 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-17 23:27 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\Help
2016-03-17 23:24 - 2015-10-30 06:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-17 23:15 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-03-17 23:15 - 2015-10-30 06:48 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-03-17 23:15 - 2015-10-30 06:45 - 01014272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-03-17 23:15 - 2015-10-30 06:45 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-03-17 23:15 - 2015-10-30 06:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-03-17 23:15 - 2015-10-30 06:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-03-17 23:15 - 2015-10-30 06:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-03-17 23:15 - 2015-10-30 06:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-03-17 23:15 - 2015-10-30 06:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-03-17 23:15 - 2015-10-30 06:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-03-17 23:15 - 2015-10-30 06:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-03-17 23:15 - 2015-10-30 06:45 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-03-17 23:01 - 2011-04-12 05:27 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-03-17 22:36 - 2009-07-14 05:34 - 00028128 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-17 22:36 - 2009-07-14 05:34 - 00028128 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-17 22:34 - 2015-09-12 13:00 - 00008192 __RSH C:\BOOTSECT.BAK
2016-03-17 22:29 - 2016-02-13 13:50 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-16 17:27 - 2015-11-28 23:18 - 00000000 ____D C:\Users\Rob\Documents\My Games
2016-03-16 16:40 - 2015-11-24 14:31 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-03-15 17:52 - 2015-09-12 13:21 - 00000000 ____D C:\Users\Rob\AppData\Roaming\TS3Client
2016-03-08 08:12 - 2015-10-30 06:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 06:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-03-07 19:22 - 2015-09-12 16:28 - 00000132 _____ C:\Users\Rob\AppData\Roaming\Adobe PNG Format CS5 Prefs
2016-03-02 14:10 - 2015-12-14 16:00 - 00000000 ____D C:\Program Files\Gyazo
2016-02-25 10:52 - 2015-09-12 12:50 - 00000000 ____D C:\ProgramData\Skype
2016-02-21 17:22 - 2015-09-14 20:46 - 00000000 ____D C:\Users\Rob\.oracle_jre_usage
2016-02-21 17:21 - 2015-09-14 20:45 - 00095840 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-02-21 17:20 - 2015-09-14 20:45 - 00000000 ____D C:\Program Files\Java
2016-02-21 17:17 - 2015-12-25 10:50 - 00000000 ____D C:\ProgramData\ProductData
2016-02-20 15:35 - 2015-09-24 15:18 - 00000000 ____D C:\Users\Rob\Desktop\screens
2016-02-17 14:46 - 2016-02-14 15:30 - 00000000 ____D C:\Users\Rob\AppData\Roaming\SA-MP Audio Plugin


==================== Files in the root of some directories =======


2015-09-12 16:28 - 2016-03-07 19:22 - 0000132 _____ () C:\Users\Rob\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-12-15 14:57 - 2015-12-15 14:58 - 0104428 _____ () C:\Users\Rob\AppData\Roaming\sample.wav
2016-01-01 14:02 - 2016-01-01 14:02 - 0007605 _____ () C:\Users\Rob\AppData\Local\Resmon.ResmonCfg
2016-02-09 21:16 - 2016-02-09 21:16 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc


==================== Bamital & volsnap =================


(There is no automatic fix for files that do not pass verification.)


C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




LastRegBack: 2016-03-17 23:25


==================== End of FRST.txt ============================

Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-03-2016 01
Ran by Rob (2016-03-18 12:08:15)
Running from C:\Users\Rob\Downloads
Microsoft Windows 10 Home Version 1511 (X86) (2016-03-17 22:54:14)
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-4065476890-3613898036-4242967038-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4065476890-3613898036-4242967038-503 - Limited - Disabled)
Guest (S-1-5-21-4065476890-3613898036-4242967038-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4065476890-3613898036-4242967038-1002 - Limited - Enabled)
Rob (S-1-5-21-4065476890-3613898036-4242967038-1000 - Administrator - Enabled) => C:\Users\Rob


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


µTorrent (HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Italiano (HKLM\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
AnalogX Proxy (HKLM\...\AnalogX Proxy) (Version: - AnalogX)
Aspire Youtube Account Creator 1.2 (HKLM\...\Aspire Youtube Account Creator ) (Version: 1.2 - Youtube bots)
AutoHotkey 1.1.22.07 (HKLM\...\AutoHotkey) (Version: 1.1.22.07 - Lexikos)
Bandicam (HKLM\...\Bandicam) (Version: - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games)
Cheat Engine 6.5 (HKLM\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
CLEO 4.3 (HKLM\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
Discord (HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\Discord) (Version: 0.0.286 - Hammer & Chisel, Inc.)
Driver Booster 3.1 (HKLM\...\Driver Booster_is1) (Version: 3.1 - IObit)
Emily is Away (HKLM\...\Steam App 417860) (Version: - Kyle Seeley)
FileZilla Client 3.15.0.2 (HKLM\...\FileZilla Client) (Version: 3.15.0.2 - Tim Kosse)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Gyazo 3.2.1 (HKLM\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 72 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Malwarebytes Anti-Malware versione 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MorphVOX Junior (HKLM\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
No-IP DUC (HKLM\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA Driver del controller 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 1.00.0000 - NVIDIA Corporation)
NVIDIA System Update (HKLM\...\InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}) (Version: 1.00.0000 - NVIDIA Corporation)
osu! (HKLM\...\{2812b59b-7cc7-4de5-8f47-9c4f711b0231}) (Version: latest - ppy Pty Ltd)
Pannello di controllo NVIDIA 341.92 (Version: 341.92 - NVIDIA Corporation) Hidden
Photobucket Backup (HKLM\...\{98813202-6C6E-4ABE-A128-6E8FB3368BE0}) (Version: 1.0.7.2104 - Photobucket)
Plague Inc Evolved (HKLM\...\Plague Inc Evolved_is1) (Version: 0.8.4.2 - Decepticon)
POSTAL 2 (HKLM\...\Steam App 223470) (Version: - Running With Scissors)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SAPDFR (HKLM\...\SAPDFR) (Version: - )
Sitecom Wireless Network 300N Adapter (HKLM\...\{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}) (Version: 1.5.5.0 - Sitecom)
Skype Quote Creator (HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\ad08ab58bc77059a) (Version: 1.0.6.0 - MKing)
Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
SQLyog Trial 12.2 (32 bit) (HKLM\...\SQLyogTrial32) (Version: 12.2 (32 bit) - Webyog Inc.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TCPEye 1.0 (HKLM\...\{998C9435-DAF8-4BDF-B9A5-F844B01D524C}_is1) (Version: - Free Software Relase)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Technitium MAC Address Changer v6.0 (HKLM\...\TMACv6.0) (Version: 6.0 - Technitium)
Telegram Desktop version 0.9.32 (HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.32 - Telegram Messenger LLP)
The Elder Scrolls IV - Oblivion (HKLM\...\The Elder Scrolls IV - Oblivion) (Version: - )
TS Notifier (HKLM\...\{A8C69D46-A92E-40FA-B393-0E3A417D8F2A}) (Version: 1.6.0000 - Andreas Gebert)
Unity Web Player (HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-4065476890-3613898036-4242967038-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Rob\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {021C63F7-F2E1-4D48-AE47-1C80E399E6E8} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {070960F4-44CD-4BA7-8013-B2DD4B823F6C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {185508D1-56F3-48DE-8F2F-5AD05F9E1E8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1A6FE5DA-654C-4182-AA32-1E73ADDC232F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2640C421-1465-4782-B3A6-5D706AF647F9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36323E63-142E-43DC-A222-37AAE3AFA2B8} - System32\Tasks\Driver Booster Scheduler => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-11-30] (IObit)
Task: {452772D2-68B1-4838-ABA1-14A3D3D3B8BE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {49D850D4-FC7C-4874-98C2-D11C89286918} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files\Gyazo\GyazoUpdate.exe [2016-02-17] ()
Task: {4C441120-A7A4-4E47-A16F-8CD08CC73E41} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {64147BAD-D369-4DB1-95B0-8FB88EB2EBA1} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files\Gyazo\GyazoUpdate.exe [2016-02-17] ()
Task: {655FD246-14DB-4830-8047-41F1B57FF5ED} - System32\Tasks\{1BB90AA6-F4F0-4EB5-9804-DD570A6188ED} => C:\Users\Rob\Desktop\Applicazioni\Giochi\GTA San Andreas\gta_sa.exe
Task: {6BA8FC8A-5586-4568-9CB7-C30A6B6C4876} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6C31EE16-0A9C-4102-86FA-79C6EADCDC2D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {74D28EC7-5C56-4EAF-BC43-3DA469989F83} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76FE625F-391E-45CA-9F04-756C53FE921A} - System32\Tasks\{9D0D1C0B-5B0D-42D2-BECB-AF72D77F617C} => pcalua.exe -a C:\Users\Rob\Downloads\[CNV]The-Elder-Scrolls-IV---Oblivion[VIDEO][TBH].exe -d C:\Users\Rob\Downloads
Task: {7A368214-74E2-47E6-9792-69A69D0187BC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {8129248C-AC27-457A-B0D0-F7C986F39273} - \Microsoft\Windows\Setup\gwx\refreshgwxcon****ndcontent -> No File <==== ATTENTION
Task: {816F9C5D-A17D-415B-BDE0-5EC75878FA5D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {843F5F8E-BEF1-485B-94BD-4D8582621A6D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A905FD5-4EC3-4E78-AA7B-B5968CB77521} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8D77753D-6791-4ADB-9D6C-9F104C691ACB} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {93DC20D2-AA04-4729-9113-A988E5508D39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-21] (Adobe Systems Incorporated)
Task: {949FCEB2-EC0D-47D1-89ED-A00955244D12} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {99AF4F37-E362-4D72-BB02-81ADC99366BB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4065476890-3613898036-4242967038-1000
Task: {9C7A732D-B727-4351-9491-1ED147AF3808} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9F5F7A74-546F-4C7D-82F2-8AF278AAFC14} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A4C17CAE-6524-4DAE-9998-AF28C6E06524} - System32\Tasks\Driver Booster SkipUAC (Rob) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-12-22] (IObit)
Task: {AA0C0190-2A3A-459A-91FF-ADA53134AE3C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AD07F9BC-0A4B-4037-95E5-1623BB38109D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE95AE46-EC9A-4127-A366-4E836096B92A} - System32\Tasks\{0519FEEC-EDF1-4567-9B94-D964EA5F6BB1} => C:\Users\Rob\Desktop\Applicazioni\Giochi\GTA San Andreas\gta_sa.exe
Task: {B2C969F2-3058-4CE0-A7EF-53A6C9989867} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B4A5ABE4-8020-4136-A571-03E0D2D31504} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69C69BA-9AE9-488B-B738-E241262088B2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B8AA7794-FB63-408B-A849-3AA51AF50648} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BCD04FBF-3E80-4D87-B232-33F088868118} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BEB88CAA-6A94-4E9F-BF09-8BD6CF1E9060} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BFF0C21A-0389-4D0F-A841-A6700BEE495C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C1C2FA3C-DAFA-4D13-8CDD-BF93BBBF0505} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7714F0B-633C-409E-834B-B91078D4A15A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D388CD6D-3F8C-485E-B6DC-E832878DCC25} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {D9E79833-A1A8-4DA8-BC23-F316D3431372} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {DB555BDA-7DB3-4FD2-AE0B-45023FBEE9D8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DF11E826-DC96-4231-82F8-05AEAE89822C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {E93AD75F-33DF-4905-8A41-44CFB908A550} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EAC2C8DB-61A9-4183-ACB5-C17A14BDB38F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {FB420BB5-8FE8-4050-8374-904A8AC43FD9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.)
Task: {FBE65390-CC1B-44B6-8B18-8F257BAA21C8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF2E8D4A-3B76-4F36-A4E6-699F7EBAAA1E} - System32\Tasks\{2276CB03-C57B-40A0-AC20-A29C5429FC20} => C:\Users\Rob\Desktop\Applicazioni\Giochi\GTA San Andreas\gta_sa.exe


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe


==================== Shortcuts =============================


(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


2015-10-30 06:44 - 2015-10-30 06:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-17 23:27 - 2015-10-13 17:47 - 00113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 01859448 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-10 20:48 - 2016-02-10 20:48 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-02-21 22:38 - 2016-02-21 22:38 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files\Skype\Phone\ssScreenVVS2.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-15 15:52 - 2016-03-08 03:48 - 01676440 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 15:52 - 2016-03-08 03:48 - 00086168 _____ () C:\Program Files\Google\Chrome\Application\49.0.2623.87\libegl.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 01859448 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 00696320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 02366464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-13 12:56 - 2016-02-13 12:56 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-24 14:45 - 2016-02-10 02:17 - 00782336 _____ () C:\Program Files\Steam\SDL2.dll
2015-11-24 14:45 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2015-11-24 14:45 - 2016-03-10 20:02 - 02547792 _____ () C:\Program Files\Steam\video.dll
2015-11-24 14:45 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2015-11-24 14:45 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2015-11-24 14:45 - 2016-02-09 00:14 - 02549760 _____ () C:\Program Files\Steam\libavcodec-56.dll
2015-11-24 14:45 - 2016-02-09 00:14 - 00491008 _____ () C:\Program Files\Steam\libavformat-56.dll
2015-11-24 14:45 - 2016-02-09 00:14 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2015-11-24 14:45 - 2016-02-09 00:14 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2015-11-24 14:45 - 2016-02-09 00:14 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2015-11-24 14:45 - 2016-03-10 20:02 - 00802896 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2016-03-15 17:01 - 2016-02-17 23:25 - 00281088 _____ () C:\Program Files\Steam\openvr_api.dll
2015-11-24 14:45 - 2016-02-09 02:33 - 48400672 _____ () C:\Program Files\Steam\bin\libcef.dll
2015-11-24 14:45 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files\Steam\winh264.dll
2015-04-27 03:50 - 2015-04-27 03:50 - 00412672 _____ () C:\Users\Rob\Desktop\Applicazioni\Giochi\Rockstar games\Gta San Andreas a\samp.exe
2016-03-18 11:18 - 2016-03-18 11:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-18 11:18 - 2016-03-18 11:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-18 11:18 - 2016-03-18 11:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)


AlternateDataStreams: C:\WINDOWS\system32\Drivers\axplhvru.sys:changelist [304]


==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)




==================== EXE Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)




==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-14 03:04 - 2016-02-15 16:13 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts


# ::1 localhost


==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-4065476890-3613898036-4242967038-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: TunnelBearMaintenance => 2
MSCONFIG\Services: UpdateCenterService => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\startupfolder: C:^Users^Rob^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Telegram.lnk => C:\Windows\pss\Telegram.lnk.Startup
MSCONFIG\startupreg: BingSvc => C:\Users\Rob\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TunnelBear => C:\Program Files\TunnelBear\TBear.Client.exe -autoconnect


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{DEECEFF1-306B-4122-A634-AC71F3584FB8}] => (Allow) C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{2884502B-D702-4B9F-8C71-49BF960AEF8C}] => (Allow) C:\Program Files\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{21C65411-E487-4FFA-86CF-64A2DC6E0CC0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{B7D49E03-6217-4153-999F-013FA80D6643}] => (Block) C:\program files\analogx\proxy\proxy.exe
FirewallRules: [{D2F403ED-DC7B-4054-B7EC-8495304524EB}] => (Block) C:\program files\analogx\proxy\proxy.exe
FirewallRules: [UDP Query User{F4CAE002-4980-4193-9033-C19229613B6E}C:\program files\analogx\proxy\proxy.exe] => (Allow) C:\program files\analogx\proxy\proxy.exe
FirewallRules: [TCP Query User{3B72BD6C-C5B6-4CD7-8ED4-86F720BA3509}C:\program files\analogx\proxy\proxy.exe] => (Allow) C:\program files\analogx\proxy\proxy.exe
FirewallRules: [{F3F5D18D-4D31-4471-BE81-07B384817E0F}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{E6F0EE39-DF96-452A-80A3-580DEDB07883}] => (Allow) C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{DA204C10-9A85-446B-9AE2-CD3EB0928FAC}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{ABD2BFC1-257F-4504-816B-6ED8E9BC7660}] => (Allow) C:\Program Files\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{E9F09CC6-99EF-4F19-A0F4-7C8F5DD9B5E2}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{E62D852D-F38C-4691-A5B3-4A7940906D46}] => (Allow) C:\Program Files\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FED4FCEE-3DB3-4B20-B85F-3DCB1D1A9D9D}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{BBEF6493-14FC-4FDD-AA5B-A3BAABF4D53B}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{BB065DE9-052E-411C-841E-EB1FA03FD1FC}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2649B732-BB52-4AEF-815E-20DE5397E98B}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6B5BF53-A59F-4AB1-9F6C-F657D5571B8A}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9C205DD-0592-40C5-B2B0-FE01346FA31F}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E2C4BE9-0E98-4A89-93D9-7C32759E830B}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{345E61DB-DEB1-4073-B38A-EC67FA1E5254}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FD31827F-88DF-4C57-ACF0-D72EF92D89D6}] => (Allow) C:\Program Files\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{9C95E5AE-E1C5-494D-BF12-8B10A3897C20}] => (Allow) C:\Program Files\Steam\steamapps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{23491D25-25A8-4E7D-B0BC-0B235BF52F9B}] => (Allow) C:\Program Files\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{2AA350D2-5288-43CF-B805-96A316F337B2}] => (Allow) C:\Program Files\Steam\steamapps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{FD8E65E1-EC2F-4D16-A65B-BEBE1BB7A33A}] => (Allow) C:\Program Files\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{B3BA746B-2DE9-4991-8AA9-490D742BE054}] => (Allow) C:\Program Files\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{C13FB32E-4308-4A2C-9F4F-BF8C6A496277}] => (Block) C:\users\rob\desktop\dcomet\darkcomet.exe
FirewallRules: [{E5E1087F-7499-44BF-963F-84641A55063E}] => (Block) C:\users\rob\desktop\dcomet\darkcomet.exe
FirewallRules: [UDP Query User{202CD60E-2B5C-4C38-85B8-7586FD572304}C:\users\rob\desktop\dcomet\darkcomet.exe] => (Allow) C:\users\rob\desktop\dcomet\darkcomet.exe
FirewallRules: [TCP Query User{99F0666B-26C0-471D-BDBD-73B46C013148}C:\users\rob\desktop\dcomet\darkcomet.exe] => (Allow) C:\users\rob\desktop\dcomet\darkcomet.exe
FirewallRules: [{EFB402E5-E1B5-4BB3-B904-8ECCFF172BB4}] => (Allow) C:\Program Files\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A4B2B866-EF68-48AE-98A5-7926B6D25481}] => (Allow) C:\Program Files\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{CC32D272-61F7-4B17-A884-E317A93674C7}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{B00EB1E3-25B3-4F57-AD34-88DC2CB4EB7A}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{D94C6DDC-2BFB-4EDB-BED1-FD7937AFB628}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{61CCECD6-EA35-41A6-87AC-AED43BD12624}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{50847B1E-5149-4944-80F4-097E1217DD6E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D711F6FB-3040-4113-B74E-66A970735B30}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9EBE8CE2-5575-4DBD-95CE-7A5DA85A716D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C5F6F81C-4CDF-4281-B0D8-1A85992363CD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{1ACBA0F8-3C14-4886-969B-009B685CC865}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{456CC827-455A-41B1-AB04-DD65919EC4DA}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{5DC64C4C-1FD3-4B44-87C1-E1C46ACE63E5}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{2396BD41-20DE-41FC-AD39-F75CD163EEB9}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{74E943EC-4FE8-476C-8AFC-48800A6B9B7B}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{42973098-14EC-4C0A-A58F-09842EB135C5}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{73EE50C9-729F-4DD8-996A-1A0E3BDA7727}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6AF9D707-E0B9-423C-8AD1-3985ED33DF19}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{77CD21AD-9779-41EC-83D9-E697071A1BC9}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{8B114495-2A7C-471F-B54D-39CE55DBE941}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe


==================== Restore Points =========================


ATTENTION: System Restore is disabled


==================== Faulty Device Manager Devices =============




==================== Event log errors: =========================


Application errors:
==================
Error: (03/18/2016 12:01:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x2578
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 11:47:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x14d0
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 11:40:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x1e50
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 11:27:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 10.0.10586.103, timestamp: 0x56a84b33
Codice eccezione: 0xc0000005
Offset errore 0x0004aee3
ID processo che ha generato l'errore: 0x1b50
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 11:26:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0xd58
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 10:35:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x2110
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 10:32:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x1050
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5


Error: (03/18/2016 10:31:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ComputerNabbo)
Description: Attivazione dell'app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge non riuscita con errore: -2147023170 Per ulteriori informazioni, consulta il registro Microsoft-Windows-TWinUI/Operativo.


Error: (03/18/2016 10:31:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ComputerNabbo)
Description: Il pacchetto Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge è stato interrotto perché la sospensione richiedeva troppo tempo.


Error: (03/18/2016 10:29:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: gta_sa.exe, versione: 0.0.0.0, timestamp: 0x4270f18a
Nome del modulo che ha generato l'errore: unknown, versione: 0.0.0.0, timestamp: 0x00000000
Codice eccezione: 0xc0000005
Offset errore 0x00000000
ID processo che ha generato l'errore: 0x1010
Ora di avvio dell'applicazione che ha generato l'errore: 0xgta_sa.exe0
Percorso dell'applicazione che ha generato l'errore: gta_sa.exe1
Percorso del modulo che ha generato l'errore: gta_sa.exe2
ID segnalazione: gta_sa.exe3
Nome completo pacchetto che ha generato l'errore: gta_sa.exe4
ID applicazione relativo al pacchetto che ha generato l'errore: gta_sa.exe5




System errors:
=============
Error: (03/18/2016 12:03:41 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 12:03:41 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 12:03:41 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 12:03:41 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 12:01:19 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 12:01:19 PM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 11:57:49 AM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 11:57:49 AM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 11:57:49 AM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


Error: (03/18/2016 11:57:49 AM) (Source: DCOM) (EventID: 10016) (User: ComputerNabbo)
Description: impostazioni predefinite del computerLocaleAttivazione{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ComputerNabboRobS-1-5-21-4065476890-3613898036-4242967038-1000LocalHost (tramite LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742




CodeIntegrity:
===================================
Date: 2016-03-17 23:44:35.514
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-03-17 23:26:25.791
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.




==================== Memory info ===========================


Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5000+
Percentage of memory in use: 77%
Total physical RAM: 1919.23 MB
Available physical RAM: 429 MB
Total Virtual: 3748.33 MB
Available Virtual: 1119.42 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:74.52 GB) (Free:20.16 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (32 GB) (Removable) (Total:29.81 GB) (Free:8.15 GB) FAT32


==================== MBR & Partition Table ==================


========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 0D090D08)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: BDC0BDC0)
Partition 1: (Active) - (Size=29.8 GB) - (Type=0C)


==================== End of Addition.txt ============================

- - - Updated - - -

bump, I need help :(
 

menatwork

Active User
1,303
232
do you know this program? did you install it yourself?

C:\Program Files\Gyazo

also do this step

Download Farbar Service, copy and paste axplhvru into the white box, click export service and press Enter
copy the content
 

Alex2002ita

Active User
832
206
CPU
AMD Ryzen 5 3600
Cooler
AMD Wraith Cooler
Motherboard
MSI B550 A-PRO
HDD
1x1TB HDD, 1x750GB HDD, 1x500GB HDD, 1x500GB SSD
RAM
2x8GB Crucial Ballistix 3600MHz BL2K8G36C16U4W
GPU
XFX AMD Radeon RX 5600 XT
Audio
Integrated mobo audio
Monitor
Samsung 27" 1080p
PSU
Sharkoon WPM Gold Zero 550W
Case
TECWARE Nexus Evo Black ATX
Peripherals
Logitech G203 & K120, Sharkoon Skiller SGH1
Net
A 7 Mega(bit) line
OS
Windows 10 Pro 64-bit
Hi everyone, last night I upgraded my PC from Win 7 to Win 10, and today when I turned it on I ran a scan with Win Defender and it found a huge number of Ramnit viruses.. it's incredible: as soon as I opened Google Chrome it found 5-10 viruses, then I opened Steam and it found more, I opened another program and it found still more. I don't want to format the PC since I have a lot of data that I would struggle to move onto a USB stick (and supposing those files are infected too, it wouldn't change a *****, since the virus would keep spreading even after formatting). How can I remove this damned Ramnit from my PC?
a53da308c1d6a3ea2020e6847bd8aac8.png

Ah, my old friend, too many dirty videos, really TOO MANY :lol:.
Jokes aside, read here: https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Virus:Win32/Ramnit.A
A really nasty virus, and if Windows Defender detects it whatever you do, it's because this Ramnit infects HTML files, exe files and more.
 
