Ripristino impossibile malware

thenax

Nuovo Utente
102
0
Ciao mi son beccato un virus che mi ha installato un finto avast
195ACCE2-2746-46A2-AC0C-357312C963B4.jpeg
questi 3 processi che vedete non si riescono a chiudere in gestione attivita e mi bloccano la possibilità di fare un ripristino

come posso risolvere?
 
Ultima modifica da un moderatore:

Gabryy.

Utente Attivo
359
76
Non possiedo Avast ma su internet dicono che dopo l'ultimo aggiornamento, Avast ha deciso di cambiare nome al processo che si occupa della protezione in tempo reale... quindi tutto nella norma credo.

Qualcuno che usa Avast che può confermare quello che ho letto?
 

dave91

Utente Attivo
1,076
297
Fai click sulla freccia, poi click dx, apri percorso file. In base alla posizione e contenuto della cartella puoi capire di cosa si tratta, eventualmente controlla anche la firma sull'eseguibile. Click dx sull'eseguibile > proprietà
 

R16

Utente Èlite
2,307
425
CPU
boh
Scheda Madre
boh
HDD
boh
RAM
boh
GPU
boh
Audio
boh
Monitor
boh
PSU
boh
Case
boh
OS
boh
mi bloccano la possibilità di fare un ripristino
Occhio, perchè è facile che il virus abbia infettato i punti di ripristino.

Prova una scansione con Malwarebytes in Modalità provvisoria.

Poi esegui (sempre in Modalità provvisoria) Rogue Killer.
 
  • Mi piace
Reazioni: Moffetta88

thenax

Nuovo Utente
102
0
ecco qui!

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFB98CCA-CA4F-4950-B16A-A65A331B13F6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\MARCO\AppData\Roaming\SAMSUNG\SMART SWITCH PC


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2170 octets] - [28/05/2018 00:19:51]
AdwCleaner[C00].txt - [1826 octets] - [28/05/2018 00:24:14]
AdwCleaner[S01].txt - [2821 octets] - [07/05/2019 21:12:46]
AdwCleaner[C01].txt - [2524 octets] - [07/05/2019 21:13:26]
AdwCleaner[S02].txt - [2273 octets] - [19/04/2020 12:47:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Post unito automaticamente:

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 19/04/20
Ora scansione: 12:59
File di log: d7e4ee6e-822c-11ea-a4af-4ccc6af9de14.json

-Informazioni software-
Versione: 4.1.0.56
Versione componenti: 1.0.875
Aggiorna versione pacchetto: 1.0.22660
Licenza: Trial

-Informazioni sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
File system: NTFS
Utente: MARCO_GABRIELLA\MARCO

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 820497
Minacce rilevate: 3
Minacce messe in quarantena: 0
Tempo impiegato: 12 min, 4 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

scansione con malwarebytes

File: 3
HackTool.SnadBoy, C:\PROGRAM FILES (X86)\SNADBOY'S REVELATION V2\REVELATION.EXE, Nessuna azione intrapresa, 9628, 299009, 1.0.22660, 2BEFA529B7889BBDC64B394A, dds, 00683043
PUP.Optional.SnadBoy, C:\PROGRAM FILES (X86)\SNADBOY'S REVELATION V2\REVELATIONHELPER.DLL, Nessuna azione intrapresa, 8738, 147848, 1.0.22660, , ame,
PUP.Optional.ChromePass, D:\DOWNLOADS\CHROMEPASS.ZIP, Nessuna azione intrapresa, 9074, 355393, 1.0.22660, , ame,

Settore fisico: 0
(Nessun elemento nocivo rilevato)

WMI: 0
(Nessun elemento nocivo rilevato)


(end)
Post unito automaticamente:

e quest o è l'ultimo report

RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : MARCO [Administrator]
Started from : C:\Users\MARCO\Desktop\RogueKiller_portable64.exe
Signatures : 20200414_084954, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/19 13:18:40 (Duration : 00:30:06)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Chrome Config
[PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- google.com_ -> Found
Post unito automaticamente:

e questo è quello che ha restituito frst64 (vedo degli avast che mi insospettiscono!)

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by MARCO (19-04-2020 13:57:07)
Running from C:\Users\MARCO\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-17 20:13:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1801797792-2963998745-2400400606-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1801797792-2963998745-2400400606-503 - Limited - Disabled)
gabriella (S-1-5-21-1801797792-2963998745-2400400606-1014 - Limited - Enabled) => C:\Users\gabriella
Guest (S-1-5-21-1801797792-2963998745-2400400606-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1801797792-2963998745-2400400606-1012 - Limited - Enabled)
MARCO (S-1-5-21-1801797792-2963998745-2400400606-1001 - Administrator - Enabled) => C:\Users\MARCO
Simone (S-1-5-21-1801797792-2963998745-2400400606-1007 - Limited - Enabled) => C:\Users\Simone
WDAGUtilityAccount (S-1-5-21-1801797792-2963998745-2400400606-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Photo Studio Ultimate 2019 (HKLM\...\{05F371AF-BD6B-4D3E-93DA-C2071394B764}) (Version: 12.1.1.1673 - ACD Systems International Inc.)
ACDSee Photo Studio Ultimate 2020 (HKLM\...\{EB2BD38F-44CF-46BB-A00B-72D7FD826A24}) (Version: 13.0.2.2057 - ACD Systems International Inc.)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 7.5.13 - Atomi Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_3) (Version: 10.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_9) (Version: 20.0.9 - Adobe Inc.)
Affinity Photo (HKLM\...\{D39FC096-62B2-4F21-BA48-04DAC525F929}) (Version: 1.8.3.641 - Serif (Europe) Ltd)
Amazon Photos (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Amazon Photos) (Version: 5.6.1 - Amazon.com, Inc.)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.2 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
APOInstallerMSISetup (HKLM\...\{804BB8D7-5971-46C0-849B-1F40D8545B0A}) (Version: 1.0.14 - Nahimic) Hidden
APPBook 1.5.3 (HKLM-x32\...\781df90e-341d-585c-9760-bfee4555962f) (Version: 1.5.3 - ELI S.R.L. - European Language Institute)
APPBook 1.5.6 (HKLM-x32\...\{781df90e-341d-585c-9760-bfee4555962f}) (Version: 1.5.6 - ELI S.R.L. - European Language Institute)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{4864889A-C092-451D-861C-9A334EBE1573}) (Version: 1.0.1401 - Nahimic) Hidden
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVStoDVD 2.8.8 (HKLM-x32\...\AVStoDVD) (Version: 2.8.8 - MrC)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{FC12E3F8-E522-4E65-A416-D7BDF41FBBA7}) (Version: 2.68.0 - Kovid Goyal)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.5.10.1 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.5.10.0 - Canon Inc.)
Capture One 20.0.4 (HKLM\...\CaptureOne13_is1) (Version: 13.0.4.8 - Phase One A/S)
Cars 2 multimedia game (HKLM-x32\...\{A72E0BF6-237D-B724-AA15-0B0D6C00EAE3}) (Version: 1.0 - Clementoni S.p.A) Hidden
Cars 2 multimedia game (HKLM-x32\...\it.clementoni.multimediagames.cars2) (Version: 1.0 - Clementoni S.p.A)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Chrome Remote Desktop Host (HKLM-x32\...\{654C49EB-D47E-4319-B719-DEEC73787B51}) (Version: 83.0.4103.2 - Google Inc.)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CrystalDiskInfo 8.4.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.2 - Crystal Dew World)
CSV to vCard (HKLM-x32\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version: - csvtovcard.com)
CyberLink Application Manager (HKLM-x32\...\InstallShield_{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 1.0.4110.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Desktop Telematico 1.0.0 (HKLM\...\Desktop Telematico 1.0.0) (Version: 1.0.0.0 - SOGEI)
DesktopTelematico 1.0.0 (HKLM\...\DesktopTelematico) (Version: - )
DesktopTelematico 1.0.0 (HKLM-x32\...\DesktopTelematico) (Version: - )
Dictate (HKLM-x32\...\{8475267E-D7DF-4A6D-A126-2C6B519E6F74}) (Version: 5.00.0000 - Microsoft)
Digitale_Capitello (HKLM-x32\...\{819FF49A-2BA9-CB4C-0A41-F2A406D42899}) (Version: 6.0 - UNKNOWN) Hidden
Digitale_Capitello (HKLM-x32\...\Digitale.Capitello) (Version: 6.0 - UNKNOWN)
DisplayCAL (HKLM-x32\...\{4714199A-0D66-4E69-97FF-7B54BFF80B88}_is1) (Version: 3.8.5.0 - Florian Höch)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.4.0 - IObit)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
DVDStyler v3.1 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
EndpointMonitoring Install MSISetup (HKLM\...\{FBEFDD01-23EE-46E0-961F-F443341E305C}) (Version: 1.0.1401 - Nahimic) Hidden
EOSCount ActiveX control (HKLM-x32\...\{63B230BF-D745-4ECC-B773-EA25A9AFDC36}) (Version: 2.3.5 - Sergey Vasilevskiy)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-760 Series Printer Uninstall (HKLM\...\EPSON XP-760 Series) (Version: - SEIKO EPSON Corporation)
Ezviz Player version V7.2.0 (HKLM-x32\...\{FAC8D04A-541F-4d41-8BFE-4E5F735758DF}}_is1) (Version: V7.2.0 - )
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
FileZilla Client 3.43.0 (HKLM-x32\...\FileZilla Client) (Version: 3.43.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
iCloud (HKLM\...\{359CA9EA-898C-4F5C-80D9-C111F27B489E}) (Version: 7.17.0.13 - Apple Inc.)
il Nuovo Devoto-Oli Junior LeMonnier (HKLM-x32\...\il Nuovo Devoto-Oli Junior LeMonnier) (Version: 1.0.0.0 - edPan search engine)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Invoicex (HKLM\...\Invoicex) (Version: - )
iTunes (HKLM\...\{9816A31B-D5BE-4D4A-8073-2A7BD3B0EBAE}) (Version: 12.10.4.2 - Apple Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 14.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.5 - KLCP)
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
Loom 0.30.11 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{3643b966-bc28-5bc8-95ff-3d47d66438db}) (Version: 0.30.11 - Loom, Inc.)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Manuali EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.88 - McAfee, LLC.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - it-it (HKLM\...\ProPlusRetail - it-it) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Monitor Asset Manager (HKLM-x32\...\{AD0BBBFD-C5E9-4214-A863-E83313D67C0C}_is1) (Version: - EnTech Taiwan)
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.24 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.36 - MSI)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nahimic VR (HKLM-x32\...\{29dcab99-1f56-4497-aeb0-d8eeecf554e2}) (Version: 1.0.14 - Nahimic)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NineEarsSettings Install Configurator (HKLM\...\{0E9230A4-E580-47BC-ADAA-D17FA9E2082F}) (Version: 1.0.1401 - Nahimic) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nome società) Hidden
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pacchetto driver Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Pacchetto driver Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Pacchetto driver Windows - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S)
Pacchetto driver Windows - Silicon Laboratories (WinUSB) USB DFU Devices (03/21/2013 1.00.0000) (HKLM\...\F10ECE8185B942E6F1FCC2956ECDFE0C0D33E8A5) (Version: 03/21/2013 1.00.0000 - Silicon Laboratories)
Pacchetto driver Windows - Silicon Laboratories Inc. (silabser) Ports (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)
PhotoFilmStrip 3.1.1 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.1.1 - Jens Göpfert)
Planet versione 4.8 (HKLM-x32\...\{90747FA4-A488-45D3-9F91-8E516610CDCF}_is1) (Version: 4.8 - Tecnos)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.0.1 - Vaclav Slavik)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
ProductDaemon Install Setup (HKLM\...\{D5F66A96-C6BA-4E69-994D-EA858DD459F3}) (Version: 1.0.1401 - Nahimic) Hidden
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
QGIS 3.4.2 'Madeira' (HKLM\...\QGIS 3.4) (Version: 3.4.2 - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RAPID Mode (HKLM\...\{18DF567E-AA9B-434D-BE77-BFE2292712F6}) (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
RescuePRO Deluxe 5.2.6.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.2.6.6 - LC Technology International, Inc.)
Ruby 2.3.3-p222-x64 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{96A4CEEE-5ACC-4FB2-AAB6-8152D5AB0C9E}_is1) (Version: 2.3.3-p222 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 11.1 - Screaming Frog Ltd)
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
SEO Macroscope (HKLM\...\{DC87D91B-D6D0-4557-B494-4501BD4FDA00}) (Version: 1.7.61 - Jason Holland)
Skype versione 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software)
Software Saal Design Italy (HKLM-x32\...\{00E0CBD7-C440-FD08-478C-A2074418339E}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Software Saal Design Italy (HKLM-x32\...\SoftwareSaalDesignItaly) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version: - )
SSAudioDaemon Install MSISetup (HKLM\...\{1428858F-547B-408D-B25B-0A28540E496A}) (Version: 1.0.14 - Nahimic) Hidden
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Tavoletta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
Therion (HKLM-x32\...\therion-4.66920160910299_is1) (Version: - Stacho Mudrak, Martin Budaj)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Unity Web Player (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
Video Download Capture V6.3.3 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.3.3 - APOWERSOFT LIMITED)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Visual SEO Studio (HKLM-x32\...\{63ba0607-9e17-429a-8afd-cc7c0807d35b}) (Version: 1.8.1.2 - aStonish Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{42CF3914-5357-45F2-8B3D-ED2F750FA7E4}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WebSite Auditor (HKLM-x32\...\seopowersuite) (Version: 4.38.11 - SEO PowerSuite)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Video Converter Free(Build 6.5.2.3) (HKLM-x32\...\Wondershare Video Converter Free_is1) (Version: 6.5.2.3 - Wondershare Software)
YoutubeMovieMaker (HKLM\...\{543D2D61-3E3D-4CAD-A39A-B40D7E0911DB}) (Version: 18.16 - Youtube Movie Maker)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-04-18] (Autodesk Inc.)
Componente aggiuntivo Foto -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [2020-04-18] (Gameloft SE)
Estensione video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2020-04-12] (0)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft News: le ultime notizie in tempo reale -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Meteo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Salute & Benessere -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Viaggi -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.21991.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2020-04-18] (TeamViewer)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-04-18] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\MARCO\Amazon Drive [2016-12-18 00:14]
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-01-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2019-09-23] (ACD Systems International Inc. -> ACD Systems International Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll [2018-03-26] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-04-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [83456 2010-11-03] (www.helixcommunity.org) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARCO\Desktop\MATERIALE QGIS DEM\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()
ShortcutWithArgument: C:\Users\MARCO\Desktop\Marco (mmosca@credem.it) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Sorgenia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=ldadomeegcgcdjfcijngdjglflcghljg
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7cd27c6fdd0b5b45\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2019-08-31 16:10 - 2019-03-04 01:31 - 000092672 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ctypes.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001096192 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_hashlib.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000027648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_multiprocessing.pyd
2019-08-31 16:10 - 2019-03-04 01:33 - 000046592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_socket.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001415680 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ssl.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000016384 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_winxptheme.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000071168 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\bz2.pyd
2019-08-31 16:10 - 2019-06-08 21:25 - 000014336 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\faulthandler.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core._multiarray_tests.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001220608 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.multiarray.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000717312 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.umath.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.fft.fftpack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001478144 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg._umath_linalg.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001382912 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg.lapack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000664576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.random.mtrand.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000143360 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pyexpat.pyd
2019-08-31 16:10 - 2018-09-28 17:23 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pythoncom27.dll
2019-08-31 16:10 - 2018-09-28 17:21 - 000110592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pywintypes27.dll
2019-08-31 16:10 - 2019-03-04 01:32 - 000010240 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\select.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000687104 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\unicodedata.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000100864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32api.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32com.shell.shell.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000045568 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32console.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000018432 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32event.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000119808 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32file.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000167936 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32gui.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000036864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32process.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000862208 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._adv.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 005679616 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._core.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000428544 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._grid.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000500736 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._html.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xml.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000091648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xrc.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000088576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx.siplib.pyd
2019-10-05 00:41 - 2015-09-10 16:50 - 000195072 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\ExceptionHandler.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001320448 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hlog.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000151607 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hpr.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000107520 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\SPUpDate.dll
2020-03-08 18:56 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._windows_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._windows_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ctypes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_elementtree.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_hashlib.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_multiprocessing.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_psutil_windows.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_socket.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ssl.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_yappi.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\bz2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\common.time34.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\hashobjs_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\PIL._imaging.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pyexpat.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pysqlite2._sqlite.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pythoncom27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pywintypes27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\select.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\thumbnails_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\unicodedata.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\usb_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32api.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32com.shell.shell.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32crypt.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32event.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32file.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32gui.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32inet.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pdh.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pipe.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32process.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32profile.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32security.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32ts.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.conditional.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.connectivity.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.device_monitor.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.volumes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.winwrap.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._controls_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._core_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._gdi_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._html2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._misc_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._windows_.pyd
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ipworksssl8.dll
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ipworksssl8.dll
2015-09-25 19:46 - 2012-09-21 05:00 - 000303104 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALBL.DLL
2014-11-22 21:53 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAE.DLL
2015-09-25 19:46 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMBL.DLL
2014-11-17 00:02 - 2012-07-31 10:48 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2014-11-22 21:57 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMXLMAE.DLL
2017-05-21 00:18 - 2012-09-20 05:00 - 000030208 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNMPDBL.DLL
2018-03-09 19:47 - 2017-09-04 18:47 - 000382096 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2014-04-20 11:17 - 2014-04-20 11:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-08-22 22:31 - 2019-03-04 01:31 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\DisplayCAL\PYTHON27.DLL
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\python27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\python27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\python27.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2019-02-22 18:01 - 2019-02-22 18:01 - 000704512 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll
2019-02-22 16:09 - 2019-02-22 16:09 - 000475136 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000285184 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\hicloud\update_server\libcurl.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001204736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\LIBEAY32.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000296448 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\SSLEAY32.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000155136 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_net_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 002036736 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000136192 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_xml_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 001253888 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_adv_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 004882432 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_core_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000601600 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_html_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000687104 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_xrc_vc90.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_net_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [280]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync [88]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync.root [42]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.photo.2 [366]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2020-01-29 18:47 - 000000925 _____ C:\WINDOWS\system32\drivers\etc\hosts
83.103.59.70 mammacucina.it www.mammacucina.it
83.103.59.70 comeunavolta.it www.comeunavolta.it
83.103.59.70 wordpressfix.it www.wordpressfix.it

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\Skype\Phone\;C:\Users\MARCO\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MSIClock_CC => 3
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 2
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSI_RAMDisk_Service => 2
MSCONFIG\Services: RAMDrivService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: tbaseprovisioning => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 2
MSCONFIG\Services: WTabletServicePro => 2
HKLM\...\StartupApproved\StartupFolder: => "ScreenManager Pro for LCD Ver3.3.3.lnk"
HKLM\...\StartupApproved\Run: => "VX3000"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc64"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc32"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Invia a OneNote.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AceMoneyReminder"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C03958B7-874C-4CA3-993F-8DB651C5A533}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [TCP Query User{04CA0B51-9204-49E8-B303-5E761BC6F7D9}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [UDP Query User{3953C3F3-8C51-47DE-A87E-91708F33656E}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [TCP Query User{6954FCD0-DC02-415E-8900-1F139FFE129C}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [{972E1010-21DB-4298-92A6-A98028D3C0F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D18D74D-C2A5-4FE6-B09D-630D4C550817}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1B99A39-F5CB-41F1-B422-1F6CFF50C367}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5A496EB-6B78-4AEC-862A-13889DA8E319}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8154D50-8169-4B59-86FD-621541E92FD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe No File
FirewallRules: [{FEEB344A-AE96-4925-B7AE-A318D4D1B843}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe No File
FirewallRules: [{E626089B-D62E-4584-9D56-BFE1092E398F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{007FFAA1-927F-4423-83D2-BE6B7CFA51DC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [TCP Query User{FE9B9AAC-1C6D-4480-90F4-DE8D5EFB5DCE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{FF807332-3F5B-49CF-A3D6-9CEC3C667FA1}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{A618FC33-B00C-4BAA-9860-FE3B981D34B6}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{2D9F1D91-ECBB-4FB9-BFE2-2BC5B0AFA8C8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{75800B39-434D-4DC6-BA0B-3ED5E1C36305}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{F0F18BF5-E904-4429-9883-ACD162F2C275}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{E5EECABC-DF11-4A9B-AA79-3FBA91AA2E44}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{53BD16A8-4D62-4F22-8905-A2F17D2E3CC1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{44019131-5540-4B75-9587-674B25FA8019}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [TCP Query User{F4D3DC62-A42A-41A2-8290-A4001B8DEB08}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{CFF1661A-0E55-4D54-B43C-E2989C1DDE8D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{264B0FE5-1294-44E6-A582-5EA2355254A6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{9936B3B5-C0DA-42ED-9179-4BFE54F65D4C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{6C5D71A8-1A61-41D2-B301-6E1F09E55902}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{02B5CD24-67D3-4DF7-90F0-E9B6F12602B1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{EFEEBDB4-63B7-40B5-B65B-792DA410170A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{21531347-98A1-44AB-8F9F-0C6997A13F4E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{E2462E14-A0F7-4697-A9CD-5BEC34FF2220}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe No File
FirewallRules: [{5B9DEE0D-3E23-4634-AE73-167429B563D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe No File
FirewallRules: [{A865A004-0D04-4EAE-997B-15C01426B104}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe No File
FirewallRules: [{08275B6F-4CAD-4B9B-904A-712D96FEF081}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe No File
FirewallRules: [{4921D2F3-DB4F-4160-912D-AFC0383F77C9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe No File
FirewallRules: [{2D84E32D-8E79-4FF0-8EBE-6F29D06D0CAD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe No File
FirewallRules: [{34277CAD-9B1B-42E1-BB01-3F8EC9055578}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{DFCC4AD0-75F2-450A-8038-9C066F33F882}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{91795F08-39ED-4303-AB4B-E1D6BEAB6FAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe No File
FirewallRules: [{7B75AEBD-D2CF-4B4E-B26A-B45B248EF909}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{E965226C-B794-4CFC-9EA3-920864A73BC3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [UDP Query User{E87FEF4C-E305-4B1D-869A-E3574B06FF8C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [TCP Query User{6F6A641F-C412-4069-B166-F330322C883A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [UDP Query User{D706F419-8194-4C30-916D-1137C8C2ED34}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [TCP Query User{283C508A-CD5F-4355-AA04-598D95FC5521}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{A392BE8E-8983-42E8-AC10-1D85A24670A1}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [TCP Query User{32F8D665-FDA0-4A69-A82B-DD52EBED56E3}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{D914CCB3-1764-4AE8-A8BB-9929F2D09EB9}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{2B71089D-280D-49F9-93DA-DCB6D2171652}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{9240E0FB-7C16-42D4-BB09-F0FE4CAB1AD2}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [{B2D78AD4-AAEC-4B6A-BC5C-FC929F067A48}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{20E9EEE9-1974-4478-8ACE-1B2E1EC825B6}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{12A5A4CE-96C5-4630-944A-9F0437508122}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{B38736B5-0BBD-4811-8636-46D6A9F22E5C}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{78298E55-EFFE-4CD2-927D-D3B0C8058B76}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{1F20F5BA-6DAC-4945-BD70-46991836642D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{72A07AEB-AB22-434E-8F0A-F2AACE07444D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [{587EBAA7-3174-4274-A0C2-D4025119F113}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{AAA9196F-9E4E-4822-8D59-8456755D5E0F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{FC0E23C3-DC2C-4E90-A927-BB4F147E898A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{BD7FB9AE-3D18-48EA-B956-16F90447A12E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{241B43D4-9AFD-44D5-8DF4-38C04690E4E2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{81392681-C86E-4FD4-8195-5EFDC3792825}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [TCP Query User{FFD84F39-CADE-4D5C-9B10-B3F563A13DA7}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{585FD831-6740-4D24-8ED6-2BAB3A8E53DF}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP Query User{F7E6F21A-0E24-4F67-B1A8-CA4034105276}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [UDP Query User{976E530D-B52E-4411-BEB8-A313FC302335}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [{B7DA1882-332C-44B5-8C61-1C4C6D09B4FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{479AC355-0CDA-45AD-88DA-EC7055371F94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C2BB7098-1EBA-469C-9A40-A825EF85A371}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9F4A151D-6B70-47F7-AEB9-6F5A06A7F477}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C6988782-B7FC-4F58-AC4B-9D80FEB4BF94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C8E7729-7064-42B4-A115-FB352896BD6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C872387C-87CB-4121-9D57-18CF35D44920}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B3C7FC1-49E1-4A40-9492-CA41E1CEE2DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EEC9176-2FC0-4378-AB5A-35633A24FF5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73B2FD4D-6410-4D3F-9E1B-AE1D96663C2E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2AAD59A-0BFA-4498-A9B7-0FA181247AD3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EBD4E54-453C-4093-A987-56A961CC98D4}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{31E76FD8-B68E-4982-A6F0-8D6202A6E798}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{A6340713-B7E1-4FB3-975B-3AB9308AA12D}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{EAE248D6-7334-4BBB-ACCE-C374DFCE6A28}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{43A65198-4C38-48EB-87FE-0D6B174EEF74}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{FB2184B0-DCA2-42D5-8129-360F55A5C024}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{629CF5F0-3599-47AF-826F-A6C2B70766BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D4E5D287-AA90-4736-AE91-26F7BBD365E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [{BB05C3C8-52A7-43EE-8710-7EC4EFE48CF1}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{B701C518-F668-49BE-97BB-659817964764}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{D6294E22-CC9A-41C5-8E4A-73195D5DB1FC}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DF960EA-C40F-4D7D-805F-C03D53095CD5}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DAC54B4-1E82-442D-A0B1-8991BF2F6126}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{7C05B16A-216C-4016-8ABF-DBE01A14932F}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{E10BA5A5-2929-421A-BD1E-6C36EA782D92}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [{26211AB9-B05C-4C58-A1F4-E0E76E82ED6C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

18-04-2020 23:38:11 Operazione di ripristino
19-04-2020 12:14:20 Driver Booster : Apple Mobile Device USB Driver
19-04-2020 12:48:33 AdwCleaner_BeforeCleaning_19/04/2020_12:48:24

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/19/2020 01:53:10 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.

Error: (04/19/2020 01:51:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9968,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:31:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10952,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:22:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5312,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:17:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Nome del modulo che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Codice eccezione: 0xc0000005
Offset errore 0x00000000004082d7
ID processo che ha generato l'errore: 0x27f8
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d6163c0873a2c1
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
ID segnalazione: aba97c88-c3e2-4df2-96d8-e55f27c65cd8
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
.

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]


System errors:
=============
Error: (04/19/2020 01:46:33 PM) (Source: DCOM) (EventID: 10001) (User: MARCO_GABRIELLA)
Description: Impossibile avviare un server DCOM Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca come Non disponibile/Non disponibile. L'errore
"%%2147958106 = Il pacchetto non è attualmente disponibile."
si è verificato durante l'esecuzione del comando
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXggkaqzf6p31g37n0m8phzeswb0rt9m7e.mca

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Servizio A portata di clic di Microsoft Office è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Apple Mobile Device Service è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 60000 millisecondi: Riavvia il servizio.

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI_ActiveX_Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI Live Update Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Adobe Genuine Monitor Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio WD Drive Manager. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Samsung RAPID Mode Service. Questo evento si è già verificato 1 volta(e).


Windows Defender:
===================================
Date: 2020-04-07 12:22:30.138
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {273E3667-4329-40A7-AC06-A987441D9EE3}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-07 11:51:26.232
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {C274A005-1E0A-49D4-9093-5556023169B6}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-07 09:55:36.298
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {FA7FC741-CB40-41AE-AE05-B7D43E474516}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-06 23:21:17.926
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {3F1E8EA4-79A3-4D40-9AAC-378F58701B4A}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-04 19:29:14.001
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {AAAD8449-328D-400C-9294-31A92F66BCAF}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-19 01:56:19.618
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0

Date: 2020-04-18 12:30:14.503
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0

Date: 2020-04-16 22:35:54.281
Description:
Windows Defender Antivirus: il motore è stato terminato a causa di un errore imprevisto.
Tipo errore: Arresto anomalo
Codice eccezione: 0xc0000005
Risorsa: file:C:\Users\Administrator\Desktop\prova libro graphistudio\Contratto-tipo di servizio foto-video CCIAA Campobasso-Ise..pdf

CodeIntegrity:
===================================

Date: 2020-04-19 13:53:20.588
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.236
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:16:40.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:16:40.453
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.M0 01/23/2019
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16335.02 MB
Available physical RAM: 9265.97 MB
Total Virtual: 22209.02 MB
Available Virtual: 12237.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.89 GB) (Free:166.28 GB) NTFS
Drive d: (DATI) (Fixed) (Total:1862.89 GB) (Free:1025.99 GB) NTFS
Drive e: (ESD-ISO) (CDROM) (Total:3.08 GB) (Free:0 GB) UDF
Drive h: (Elements) (Fixed) (Total:3725.99 GB) (Free:950.79 GB) NTFS
Drive l: (FOTO) (Removable) (Total:28.65 GB) (Free:28.59 GB) NTFS
Drive n: () (Fixed) (Total:119.24 GB) (Free:82.66 GB) NTFS

\\?\Volume{2ec8b1ec-9dcc-11e6-83b5-902b34557b33}\ (Ripristino) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{658b0dba-d338-4bf1-8e16-29accfc4a607}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{88f80dd2-4114-4c64-be29-2ee9e8e6faa8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C212A9CC)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0FCFAF9E)

Partition: GPT.

==========================================================
Disk: 2 (Size: 119.2 GB) (Disk ID: C212A9CC)

Partition: GPT.

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 28.7 GB) (Disk ID: B1CC2181)
Partition 1: (Active) - (Size=28.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================







Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020
Ran by MARCO (administrator) on MARCO_GABRIELLA (Micro-Star International Co., Ltd. MS-7A34) (19-04-2020 13:55:29)
Running from C:\Users\MARCO\Desktop
Loaded Profiles: MARCO (Available Profiles: MARCO & Simone & gabriella & Administrator)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: Italiano (Italia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe
(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe
(ACD Systems International Inc. -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NahimicMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Open Source Developer, Florian Höch -> ) C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINJE.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [ACUW12IT] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\acdIDInTouch2.exe [2145752 2018-08-16] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [ACUW13EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe [2128856 2019-11-28] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4225696 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> )
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310832 2020-02-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [98CA5D2E7C86B53A6751090CFC1EC8C74B51B24E._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINJE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MARCO\AppData\Local\WhatsApp\Update.exe [2253232 2019-08-08] (WhatsApp, Inc -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Google Update] => C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate12] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe [4984848 2019-05-21] (ACD Systems International Inc. -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate13] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe [4989088 2020-04-10] (ACD Systems International Inc. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
Startup: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk [2019-02-10]
ShortcutTarget: Invia a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1801797792-2963998745-2400400606-1007\User: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {053190CE-6267-445E-A6F8-02329BB023DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {06C000EB-4C1D-4706-838C-ED44E1A6F8E7} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
Task: {0C8851C4-D40B-4937-B11C-B78BBDF92CBB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15C4DF43-2029-48EF-91E2-F173DC86CFAA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {2958BE76-27C3-4E88-ACD7-F4F02ECA4577} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {31A22761-988E-46FC-A32F-99D20E498D19} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
Task: {343D7F39-191C-46F6-ACE2-7C7CBB637302} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@moscamarco.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {46B9485E-49B6-4473-8D04-8F1B8D6D9504} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {47509DEA-E685-4478-B413-0C0850F09628} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-Administrator => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4ADE4881-E38A-4173-8806-FFD575A459AE} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {551AB9D9-1501-4EED-BC8E-BA4C278098B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5946D6C4-29A5-4BA9-90C5-18470939BA4E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5D92FAFE-E339-4254-BC80-0E951C554C7D} - System32\Tasks\DisplayCAL Profile Loader Launcher => C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles-launcher.exe [178064 2019-08-14] (Open Source Developer, Florian Höch -> )
Task: {5E726731-83B7-44A4-8740-29B55137D513} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
Task: {6184003C-0D04-4842-A392-CCE306E09FBD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6232243B-9F7B-4016-838A-9ECBACCFA9B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {6456813A-1783-4C60-863B-3DA82D387A34} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {68A819B1-CFCA-40C0-9B7D-9A3047C1A148} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DCE6212-F83A-4EB4-92D7-E461CE5A758D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6FB47B7E-6583-4A99-9086-BE871D597D7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7178D70A-077C-4EEA-AA4F-A1EFDC2391B1} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-gabriella => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7BD96C03-CB34-421E-8DD9-6B66EAC27ABF} - System32\Tasks\Core Temp Autostart MARCO => C:\Program Files\Core Temp\Core Temp.exe
Task: {8038CA05-48FD-4657-A8CB-033362F5102F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\AutoUpdate.exe [2369808 2020-03-06] (IObit Information Technology -> IObit)
Task: {8442CD01-3877-4FE8-904C-D8BE4F05A36D} - System32\Tasks\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9285967F-2948-4BF8-A451-46295DAA5D71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {95CEBFE5-2161-4258-A855-73E45001E973} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
Task: {97B6D27C-E480-4BB0-837A-A984950C5A98} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB3B6E6-A32A-47B2-B0D1-9644CF0E1914} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9CB01280-8246-4DCF-8F18-9A0EB00EC08F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D5800A6-471B-40DB-BF81-BA330A624E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {9D977EF9-385A-4748-8733-A5F1FA9C3901} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E5CC968-C634-44FD-8FA2-7125CC10703B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9FC899F8-3F9E-48B0-A817-6C57591B1D66} - System32\Tasks\{79A8B2BC-9D7D-4BDB-863F-0DBC60B7C457} => C:\WINDOWS\system32\pcalua.exe -a L:\GDFWIN.EXE -d L:\
Task: {A487705F-F7CA-4EFC-939D-2D85FE67DF10} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A87FB819-3E8E-4816-A21A-1EAA66FE73E2} - System32\Tasks\Driver Booster SkipUAC (MARCO) => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\DriverBooster.exe [7929616 2020-04-03] (IObit Information Technology -> IObit)
Task: {AADAB735-B6DF-489F-880F-E4B88C486BC0} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1122920 2020-02-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B8C52CCD-8B21-42FA-A382-D08A3539A23E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {B90A1EF4-BBE9-4692-91CB-4C3BEC621F9F} - System32\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {BD530552-0741-4C3E-AC77-84D059417837} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE51E56B-A69A-464C-B30E-F56BC6C9C40A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {C0EBD2D6-387D-443D-98C8-04EDC3380A92} - System32\Tasks\{58632460-3527-457D-A7E1-537C5C4170C0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/it/abandoninstall?page=tsProgressBar
Task: {CB23FD0F-A499-4A5C-8DF5-DD3DD58AB51B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1C2C80E-0B37-47DE-BF90-98B1C694BAF3} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
Task: {D6157F54-87BC-4D54-9680-8E4E2923B64E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D79E9213-A389-4753-B3F6-EA25C17BA650} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCBFD8B1-697B-497B-ADD9-5069C3163D17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE7334D1-77BF-4270-9C73-206FBB707D2E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [6206048 2016-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {E03F2807-D169-4A7C-999A-1EE1D454B411} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3DBEE7C-9013-49BB-AD0D-ACAE720C792C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E63297D9-B5F0-44FA-891F-AB16F184EAA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F4865F8F-9F90-4CDE-AC52-F2CCD977E985} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F4B4B9DA-B311-4B39-87F4-C00B0CD29EF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA5F4543-EF10-4868-84E5-4C4A497965BC} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE:/EXE:{6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} /F:UpdateWORKGROUP\MARCO_GABRIELLA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [NameServer] 209.244.0.4,4.2.2.3,192.168.1.1
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.it/
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: D:\downloads

FireFox:
========
FF DefaultProfile: 3f25p9p8.default
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default [2020-04-19]
FF Homepage: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF Extension: (Cookies Manager+) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2018-01-03] [Legacy]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\kompozer.net\KompoZer\Profiles\ul291cqi.default [2018-01-03]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default [2018-01-03]
FF Extension: (No Name) - C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default\Extensions\temp [2015-01-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-15]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-06-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: @citrixonline.com/appdetectorplugin -> C:\Users\MARCO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-12-16] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin64 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default [2020-04-03]
CHR DownloadDir: D:\downloads
CHR Notifications: Default -> hxxps://divisoup.com; hxxps://drive.google.com; hxxps://gaana.com; hxxps://generatewp.com; hxxps://it.investing.com; hxxps://shop.gopro.com; hxxps://webeers-com.pushengage.com; hxxps://www.budgetair.it; hxxps://www.facebook.com; hxxps://www.gwa.areawmcredem.it; hxxps://www.piucodicisconto.com; hxxps://www.shoutmeloud.com; hxxps://www.tomshw.it
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Chiamate Skype) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-10-09]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Attacat Cookie Audit Tool) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebhpmcfenjfodganapapakfnhichojh [2018-01-23]
CHR Extension: (Google Search) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Clear Cache) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2018-02-21]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-02]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-11-16]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (Vysor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-03-11]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2014-11-16]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-03-27]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjandokkgclchaiipibaligpnceifmif [2017-09-21]
CHR Extension: (Vysor.com) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdphpklacmlhmooodiekhpbepcdlaghl [2018-05-18]
CHR Extension: (Powerpoint ppt to Swf) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljihkbpifdllhbhnlnhkkhdkkikcnba [2014-11-16]
CHR Extension: (Video DownloadHelper) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-02]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2014-11-16]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-11]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-23]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3 [2020-04-19]
CHR Notifications: Profile 3 -> hxxps://app.landbot.io; hxxps://calendar.google.com; hxxps://click-it-now.online; hxxps://dashboard.tawk.to; hxxps://en.savefrom.net; hxxps://firstsiteguide.com; hxxps://generatewp.com; hxxps://gopro.com; hxxps://gretaith.com; hxxps://infinity-tv-by.accengage.net; hxxps://it.semrush.com; hxxps://meet.google.com; hxxps://pushcrew.com; hxxps://rankmath.com; hxxps://rinoverrop.pro; hxxps://s7.converto.io; hxxps://smallseotools.com; hxxps://watch-this.live; hxxps://web.whatsapp.com; hxxps://wordx.press; hxxps://www.autoparti.it; hxxps://www.facebook.com; hxxps://www.minigiochi.com; hxxps://www.mp3hub.com; hxxps://www.pinterest.it; hxxps://www.sorgenia.it
CHR HomePage: Profile 3 -> hxxp://www.google.it/
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/?trackid=sp-006"
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-26]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (SEO META in 1 CLICK) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bjogjfinolnhfhkbipphpdlldadpnmhc [2019-07-20]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2020-03-22]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-08-01]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-26]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-08-01]
CHR Extension: (Page load time) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fploionmjgeclbkemipmkogoaohcdbig [2019-09-05]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2019-07-04]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2017-08-01]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-08-01]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jjandokkgclchaiipibaligpnceifmif [2018-03-26]
CHR Extension: (Sorgenia) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ldadomeegcgcdjfcijngdjglflcghljg [2020-02-27]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2017-08-01]
CHR Extension: (TubeBuddy) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2020-04-17]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2019-11-21]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5 [2020-04-17]
CHR Notifications: Profile 5 -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gwa.areawmcredem.it
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-13]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-13]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-13]
CHR Extension: (Download emails from Google Mail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bgoogiccigaepmddcjallepklfgmdnef [2020-03-13]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-13]
CHR Extension: (Smooth Checkbox for Gmail™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\egkhfllhmjihbfnkikpnbeeakllbobjl [2020-03-13]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-03-13]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Legacy Browser Support) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\heildphpnddilhkemkielfhnkaagiabh [2020-03-13]
CHR Extension: (Row Highlighter for Gmail™ and Inbox™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ijfolchflbmnfopmpmodilcelmdakbfl [2020-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-13]
CHR Extension: (Google Hangouts) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-03-13]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-06]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe [522256 2020-03-02] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-08-15] (McAfee, LLC -> McAfee, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2325168 2020-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-27] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 61883; C:\WINDOWS\System32\drivers\61883.sys [70144 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45320 2019-08-17] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-08-17] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmdag.sys [65731088 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [589840 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102824 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32520 2020-04-12] (Advanced Micro Devices INC. -> Advanced Micro Devices)
S0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138064 2019-08-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2020-04-01] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-06-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd -> Emsisoft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [62528 2018-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-04-30] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-10-25] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-04] (Martin Malik - REALiX -> REALiX(tm))
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2018-03-25] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [52832 2017-01-12] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation)
S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [46776 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160280 2020-04-19] (Realtek Semiconductor Corp. -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 se64a; C:\WINDOWS\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan -> EnTech Taiwan)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2014-12-01] (Silicon Laboratories) [File not signed]
S3 Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Datacolor)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 13:55 - 2020-04-19 13:56 - 000059401 _____ C:\Users\MARCO\Desktop\FRST.txt
2020-04-19 13:54 - 2020-04-19 13:56 - 000000000 ____D C:\FRST
2020-04-19 13:54 - 2020-04-19 13:54 - 002281984 _____ (Farbar) C:\Users\MARCO\Desktop\FRST64.exe
2020-04-19 13:51 - 2020-04-19 13:51 - 000002522 _____ C:\Users\MARCO\Desktop\xxx.txt
2020-04-19 12:56 - 2020-04-19 13:53 - 000000000 ____D C:\Users\MARCO\AppData\LocalLow\IGDump
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbamtray
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbam
2020-04-19 12:37 - 2020-04-19 12:37 - 000000000 ____D C:\Users\MARCO\Desktop\filamti
2020-04-19 12:16 - 2020-04-19 12:16 - 072520600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-04-19 12:16 - 2020-04-19 12:16 - 033399859 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-04-19 12:16 - 2020-04-19 12:16 - 015218512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007178360 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007101632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006463760 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006270080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005593504 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005347096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-04-19 12:16 - 2020-04-19 12:16 - 003445632 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003340296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003306704 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003266984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003168280 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003159664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002930040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002444792 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002197872 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001965264 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001788064 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001611064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001598504 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001544360 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001516376 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001396840 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001386680 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001382128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001372496 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001353208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001337528 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001294184 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001287704 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001259832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001180792 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001159072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001110064 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001078576 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001061464 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000934848 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000873352 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000852024 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000751408 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000734880 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000715752 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000604688 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000511776 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000467048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000453168 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000452840 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000448712 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000447072 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000416400 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000406560 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000392760 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000381296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000378272 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000367712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000366224 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000360448 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000316080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000266440 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261336 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261304 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000260320 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000230592 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000220280 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000218160 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000203944 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000179728 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000167224 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000158584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000157232 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000154256 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000139648 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000122208 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000118480 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000116432 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000105200 _____ C:\WINDOWS\system32\audioLibVc.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000093792 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090064 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000088208 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000083512 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000075432 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2020-04-19 12:12 - 2020-04-19 12:12 - 000003178 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\ProgramData\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2020-04-19 10:49 - 2020-04-19 10:49 - 000000000 ___HD C:\$SysReset
2020-04-19 01:56 - 2020-04-19 12:16 - 000000000 ____D C:\WINDOWS\LastGood
2020-04-19 00:22 - 2020-04-19 00:33 - 000000000 _____ C:\Recovery.txt
2020-04-18 23:06 - 2020-04-18 23:06 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashRpt
2020-04-18 23:05 - 2020-04-18 23:05 - 000012773 _____ C:\ProgramData\sokqucqi.nri
2020-04-18 23:04 - 2020-04-18 23:04 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Avast Software
2020-04-18 23:02 - 2020-04-19 01:53 - 000000000 ____D C:\Users\MARCO\AppData\Local\WebDefence
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files\Avast Software
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2020-04-18 22:46 - 2020-04-18 22:46 - 000000000 ____D C:\Users\MARCO\AppData\Local\Noël Danjou
2020-04-18 22:45 - 2020-04-18 22:53 - 000000000 ____D C:\Program Files (x86)\Noël Danjou
2020-04-18 18:51 - 2020-04-18 18:52 - 000000000 ____D C:\Users\MARCO\.openshot_qt
2020-04-18 15:53 - 2020-04-19 12:34 - 000000000 ____D C:\Users\MARCO\Desktop\Crociera
2020-04-18 13:51 - 2020-04-18 13:51 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HD Tune Pro
2020-04-18 13:06 - 2020-04-18 13:06 - 000000000 ____D C:\ProgramData\Sony Corporation
2020-04-18 13:05 - 2013-12-06 04:05 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBNJE.DLL
2020-04-17 21:37 - 2020-04-17 21:37 - 000000000 ____D C:\ProgramData\AMD
2020-04-17 21:28 - 2020-03-10 23:30 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-04-17 21:08 - 2020-04-18 23:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-04-16 22:24 - 2020-04-16 22:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-04-16 22:24 - 2020-04-16 22:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\71D6160D.sys
2020-04-15 00:13 - 2020-04-15 00:13 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 00:12 - 2020-04-15 00:13 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 00:07 - 2020-04-15 00:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 00:07 - 2020-04-15 00:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\Users\Public\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\ProgramData\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 21:43 - 2020-04-14 21:43 - 000234535 _____ C:\Users\MARCO\Desktop\COMPITI CLASSE TERZA DAL 13 AL 17 APRILE.dotx
2020-04-14 17:03 - 2020-04-14 17:13 - 000000000 ____D C:\Users\MARCO\Desktop\O.S.B.A
2020-04-13 23:57 - 2020-04-13 23:57 - 000000135 _____ C:\Users\MARCO\Desktop\CUSTOMIZZAZIONI WORDPRESS.url
2020-04-13 13:03 - 2020-04-13 13:13 - 000000000 ____D C:\ProgramData\xml_param
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\Users\Public\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\ProgramData\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000000000 ____D C:\Program Files\Common Files\Wondershare
2020-04-13 13:02 - 2018-03-26 15:52 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2020-04-13 13:02 - 2018-03-26 15:52 - 000153088 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2020-04-13 10:44 - 2020-04-13 10:45 - 000001004 _____ C:\Users\MARCO\Desktop\top.svg
2020-04-12 17:15 - 2020-04-12 17:15 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2020-04-12 12:36 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2020-04-12 12:21 - 2020-04-12 12:34 - 000000000 ____D C:\Program Files (x86)\ASUS E-Green
2020-04-12 10:48 - 2020-04-12 10:48 - 000000136 _____ C:\Users\MARCO\Desktop\FREE CONFERENCE CALL SKY NOW MEET.url
2020-04-10 19:03 - 2020-04-10 19:03 - 000001828 _____ C:\Users\MARCO\Desktop\CrystalDiskInfo.lnk
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-04-09 19:04 - 2020-04-09 19:05 - 000000000 ____D C:\ProgramData\Protexis64
2020-04-09 19:03 - 2020-04-09 19:08 - 000000000 ____D C:\ProgramData\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\ProgramData\Protexis
2020-04-09 19:01 - 2020-04-09 19:01 - 000000000 ____D C:\ProgramData\UniqueId
2020-04-09 17:07 - 2020-04-09 17:07 - 002110968 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCoreFoundation14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 002110456 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCore14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 001198072 _____ (ON1, Inc.) C:\WINDOWS\system32\ONDocument14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000479736 _____ (ON1, Inc.) C:\WINDOWS\system32\ONProxySupport14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000382456 _____ C:\WINDOWS\system32\ONCMS14.dll
2020-04-08 12:15 - 2020-04-08 12:15 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ACD Systems
2020-04-08 12:10 - 2020-04-15 21:32 - 000000000 ____D C:\Users\MARCO\AppData\Local\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\ProgramData\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\Program Files\ACD Systems
2020-04-06 22:50 - 2020-04-06 22:50 - 000000000 ____D C:\Users\MARCO\Desktop\CaptureOne
2020-04-04 01:03 - 2020-04-04 01:03 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-04 01:03 - 2020-04-04 01:03 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-04 01:02 - 2020-04-04 01:02 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-04 01:02 - 2020-04-04 01:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-04 00:52 - 2020-04-04 00:53 - 000000000 ____D C:\Program Files\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\ProgramData\Affinity
2020-04-01 16:34 - 2020-04-04 00:53 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Photo.lnk
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ C:\Users\MARCO\AppData\Local\kritarc
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\krita
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\krita
2020-04-01 12:23 - 2020-04-19 13:16 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-04-01 11:16 - 2020-04-19 13:16 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-04-01 11:16 - 2020-04-01 11:16 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-04-01 11:16 - 2020-03-02 18:36 - 000102824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2020-04-01 11:15 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-04-01 11:15 - 2020-04-01 11:15 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-04-01 11:15 - 2020-04-01 11:15 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-04-01 11:10 - 2020-04-01 11:10 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ATI
2020-04-01 10:55 - 2020-04-01 10:55 - 001083424 _____ C:\WINDOWS\system32\AmRdrIco.icl
2020-03-31 17:51 - 2020-03-31 17:51 - 000012302 _____ C:\Users\MARCO\Desktop\TESSERAMENTO 31-03-2020.xlsx
2020-03-31 10:25 - 2020-03-31 10:25 - 000160254 _____ C:\Users\MARCO\Desktop\Confronto-LU1694212348_LU0076315455-martedì 31 marzo 2020.pdf
2020-03-31 10:23 - 2020-03-31 10:23 - 000891197 _____ C:\Users\MARCO\Desktop\Scheda prodotto Eurofundlux Floating Rate A Acc EUR.pdf
2020-03-31 10:19 - 2020-03-31 10:19 - 000444060 _____ C:\Users\MARCO\Desktop\Scheda prodotto-Nordea European Covered Bond BP Acc EUR.pdf
2020-03-30 23:10 - 2020-03-30 23:10 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-03-30 23:07 - 2020-03-30 23:07 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2020-03-30 12:22 - 2020-03-30 12:22 - 001353045 _____ C:\Users\MARCO\Desktop\inserimento-in-consulenza-di-covered-warrant-ed-etf-short-pub.pdf
2020-03-30 11:42 - 2020-03-30 11:42 - 002347203 _____ C:\Users\MARCO\Desktop\come-comportarsi-nelle-crisi-retail-2020-03-27-2.pdf
2020-03-29 17:07 - 2020-04-10 11:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\CaptureOne
2020-03-29 17:07 - 2020-04-08 11:15 - 000000000 ____D C:\Users\MARCO\AppData\Local\Phase_One
2020-03-29 17:07 - 2020-04-06 22:52 - 000001121 _____ C:\Users\MARCO\Desktop\Capture One 20.0.4.lnk
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Phase One
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One
2020-03-29 17:06 - 2020-03-29 17:06 - 000000000 ____D C:\Program Files\Phase One
2020-03-29 16:18 - 2020-04-01 12:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\cache
2020-03-29 12:38 - 2020-04-12 01:12 - 000000000 ____D C:\ProgramData\ON1
2020-03-29 12:37 - 2020-04-12 01:12 - 000000000 ____D C:\Program Files\ON1
2020-03-29 12:37 - 2020-04-09 23:32 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ON1
2020-03-28 14:16 - 2020-04-01 10:50 - 000000000 ____D C:\Users\MARCO\Desktop\DA FARE ORA
2020-03-23 19:23 - 2020-03-23 19:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 13:53 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-19 13:53 - 2014-12-12 00:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-19 13:48 - 2014-12-12 00:33 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-19 13:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-19 13:19 - 2019-08-17 22:10 - 001764224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-19 13:19 - 2019-03-19 14:33 - 000782874 _____ C:\WINDOWS\system32\perfh010.dat
2020-04-19 13:19 - 2019-03-19 14:33 - 000147392 _____ C:\WINDOWS\system32\perfc010.dat
2020-04-19 13:19 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-19 13:17 - 2014-11-17 00:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\Adobe
2020-04-19 13:16 - 2016-08-22 22:31 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\DisplayCAL
2020-04-19 13:14 - 2019-08-17 22:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-19 13:14 - 2019-08-17 21:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-19 13:14 - 2018-08-28 23:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-19 13:13 - 2019-07-14 16:40 - 000000000 ____D C:\Program Files (x86)\SnadBoy's Revelation v2
2020-04-19 12:54 - 2017-06-25 16:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-19 12:49 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-19 12:49 - 2018-02-04 21:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-04-19 12:49 - 2017-05-21 00:19 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-19 12:49 - 2015-03-10 21:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Samsung
2020-04-19 12:17 - 2019-08-17 22:41 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-04-19 12:17 - 2017-11-27 01:16 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-04-19 12:16 - 2019-08-17 22:40 - 006886992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-04-19 12:16 - 2019-08-17 22:40 - 005938800 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 003753024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 001003744 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX3
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-04-19 12:15 - 2018-12-07 23:59 - 001160280 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-04-19 12:12 - 2019-08-17 22:12 - 000002952 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (MARCO)
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\ProductData
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\IObit
2020-04-19 11:35 - 2019-08-17 22:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801797792-2963998745-2400400606-1001
2020-04-19 11:35 - 2019-08-17 20:54 - 000002470 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-19 11:35 - 2014-11-16 20:41 - 000000000 ___RD C:\Users\MARCO\OneDrive
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-19 10:55 - 2018-05-19 10:31 - 000000000 ____D C:\Users\MARCO\AppData\Local\D3DSCache
2020-04-19 10:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-19 10:44 - 2019-08-17 20:54 - 000000000 ____D C:\Users\MARCO
2020-04-19 02:01 - 2014-12-04 23:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-19 01:55 - 2017-06-22 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2020-04-19 01:54 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Simone
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\gabriella
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Administrator
2020-04-19 01:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-04-19 01:54 - 2018-12-27 21:16 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-04-19 01:54 - 2018-07-29 10:53 - 000000000 ____D C:\Program Files\Easeware
2020-04-19 01:54 - 2018-06-16 00:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-04-19 01:54 - 2018-02-04 12:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Easeware
2020-04-19 01:54 - 2017-06-22 21:15 - 000000000 ____D C:\Program Files\Common Files\EPSON
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:19 - 000000000 ____D C:\Program Files\AMD
2020-04-19 01:54 - 2016-10-07 23:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\obs-studio
2020-04-19 01:54 - 2015-01-11 18:02 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\NCH Software
2020-04-19 01:54 - 2014-11-26 01:27 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\vlc
2020-04-19 01:54 - 2014-11-17 00:56 - 000000000 ____D C:\Program Files\Adobe
2020-04-19 01:54 - 2014-11-17 00:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-04-19 01:54 - 2014-11-16 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-04-19 01:53 - 2017-05-20 15:23 - 000000000 ____D C:\MSI
2020-04-19 01:53 - 2016-10-07 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-04-19 01:53 - 2015-01-11 18:02 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-04-19 01:53 - 2014-11-16 22:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-18 23:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-04-18 23:42 - 2017-06-22 20:59 - 000000000 ____D C:\ProgramData\Epson
2020-04-18 23:42 - 2014-12-11 23:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-18 23:42 - 2014-11-16 20:38 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Adobe
2020-04-18 23:41 - 2017-11-07 01:04 - 000000000 ____D C:\Program Files (x86)\AMD
2020-04-18 23:41 - 2017-06-22 21:01 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2020-04-18 23:37 - 2014-12-12 00:57 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashDumps
2020-04-18 23:06 - 2018-05-26 16:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\Movavi
2020-04-18 23:02 - 2016-10-07 22:40 - 000000096 _____ C:\Users\MARCO\AppData\Roaming\version2.xml
2020-04-18 19:22 - 2017-12-03 20:14 - 000000000 ____D C:\Users\MARCO\AppData\Local\Packages
2020-04-18 18:33 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-04-18 18:24 - 2019-08-17 22:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\Deployment
2020-04-18 13:06 - 2017-10-15 23:09 - 000000000 ____D C:\ProgramData\UDL
2020-04-18 13:01 - 2018-01-14 23:52 - 000000000 ____D C:\Users\MARCO\AppData\Local\PlaceholderTileLogoFolder
2020-04-18 13:00 - 2018-02-04 11:33 - 000000000 ____D C:\Users\MARCO\AppData\Local\ElevatedDiagnostics
2020-04-17 21:36 - 2016-10-09 01:12 - 000000000 ____D C:\AMD
2020-04-17 20:59 - 2019-02-09 10:07 - 000000000 ___HD C:\adobeTemp
2020-04-15 21:34 - 2014-11-16 21:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-15 00:30 - 2019-08-17 21:58 - 000662888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-15 00:14 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-14 23:46 - 2014-11-16 22:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\Downloaded Installations
2020-04-14 14:39 - 2014-12-03 01:43 - 000001456 _____ C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-13 20:36 - 2018-03-03 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-04-13 14:13 - 2020-02-22 18:06 - 000011249 _____ C:\Users\MARCO\Desktop\lista prenotati rifugio.xlsx
2020-04-13 13:02 - 2018-05-27 13:36 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free
2020-04-13 13:02 - 2017-07-15 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-04-13 13:01 - 2017-01-08 12:48 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-04-13 12:55 - 2018-07-02 20:26 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HandBrake
2020-04-13 11:18 - 2015-01-21 01:30 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\dvdcss
2020-04-12 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-04-12 22:27 - 2018-07-03 08:40 - 000000000 ____D C:\ProgramData\Packages
2020-04-12 12:38 - 2019-02-09 17:50 - 000032520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2020-04-11 18:50 - 2018-03-22 20:23 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ActivePresenter
2020-04-10 09:58 - 2015-11-09 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2020-04-08 04:06 - 2019-10-15 14:55 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-04-07 20:34 - 2014-11-16 21:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-06 22:52 - 2020-03-13 10:51 - 000002478 _____ C:\Users\MARCO\Desktop\Marco (mmosca@credem.it) - Chrome.lnk
2020-04-06 22:52 - 2020-02-10 21:35 - 000002286 _____ C:\Users\MARCO\Desktop\Loom.lnk
2020-04-06 22:52 - 2020-01-06 21:18 - 000001968 _____ C:\Users\MARCO\Desktop\AVStoDVD.lnk
2020-04-06 22:52 - 2020-01-06 21:08 - 000001003 _____ C:\Users\MARCO\Desktop\DVDStyler.lnk
2020-04-06 22:52 - 2018-03-28 20:25 - 000001147 _____ C:\Users\MARCO\Desktop\Start_CAIgest - collegamento.lnk
2020-04-06 22:50 - 2016-12-18 00:14 - 000000000 ___SD C:\Users\MARCO\Amazon Drive
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-02 13:51 - 2014-12-30 00:46 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\FileZilla
2020-04-02 11:25 - 2014-11-16 21:26 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-01 12:23 - 2018-07-28 13:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\AMD
2020-04-01 10:55 - 2019-08-17 14:51 - 000127936 _____ () C:\WINDOWS\system32\Drivers\AmUStorU.sys
2020-03-29 13:39 - 2019-11-22 23:56 - 000000000 ____D C:\Program Files\Thuraya
2020-03-28 15:43 - 2018-07-07 17:30 - 000000000 ____D C:\Users\MARCO\Desktop\SIMONE MOSCA
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\Users\Public\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\ProgramData\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePresenter
2020-03-25 11:14 - 2019-10-03 13:26 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-25 10:43 - 2018-02-28 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-23 19:18 - 2014-11-17 00:35 - 000000000 ____D C:\ProgramData\Adobe
2020-03-22 23:52 - 2018-08-30 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-03-21 15:36 - 2020-02-10 21:35 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Loom
2020-03-20 22:28 - 2020-03-12 19:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA
2020-03-20 22:28 - 2020-03-12 19:23 - 000003668 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core
2020-03-20 21:29 - 2019-08-17 22:12 - 000003672 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:29 - 2019-08-17 22:12 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\en_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\es_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\fr_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\grm_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\it_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020344 _____ (Schneider Electric) C:\Users\MARCO\jp_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 001079808 _____ (Microsoft Corporation) C:\Users\MARCO\mfc80u.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000626688 _____ (Microsoft Corporation) C:\Users\MARCO\msvcr80.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\pt_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000018808 _____ () C:\Users\MARCO\ResourceReader.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020856 _____ (Schneider Electric) C:\Users\MARCO\ru_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000019832 _____ (Schneider Electric) C:\Users\MARCO\zh_res.dll
2016-04-23 14:46 - 2016-05-17 17:16 - 000003072 _____ () C:\Users\MARCO\AppData\Roaming\Album Studio 1.0 Prefsv3
2018-04-08 13:20 - 2018-04-08 13:20 - 005082084 _____ (The Public) C:\Users\MARCO\AppData\Roaming\Avisynth.exe
2018-04-08 13:20 - 2018-04-08 13:20 - 005243208 _____ ( ) C:\Users\MARCO\AppData\Roaming\AvsP.exe
2016-10-07 22:56 - 2016-10-07 22:56 - 000000057 _____ () C:\Users\MARCO\AppData\Roaming\Camdata.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamLayout.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamShapes.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000004545 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.cfg
2016-10-07 22:41 - 2016-10-07 22:51 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.Data.ini
2016-10-07 22:41 - 2016-10-07 22:51 - 000001205 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 002169915 _____ (LIGHTNING UK!) C:\Users\MARCO\AppData\Roaming\Imgburn.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000099384 _____ () C:\Users\MARCO\AppData\Roaming\inst.exe
2014-11-17 23:06 - 2015-02-11 22:51 - 000000028 _____ () C:\Users\MARCO\AppData\Roaming\kulerdata.json
2018-12-10 22:34 - 2018-12-12 22:05 - 000001118 _____ () C:\Users\MARCO\AppData\Roaming\loch.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 001357348 _____ () C:\Users\MARCO\AppData\Roaming\MatroskaSplitter.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000007859 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.cat
2018-06-16 16:13 - 2018-06-16 16:13 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.inf
2018-06-16 16:13 - 2018-06-16 16:13 - 000000055 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.log
2018-06-16 16:13 - 2018-06-16 16:13 - 000082816 _____ (VSO Software) C:\Users\MARCO\AppData\Roaming\pcouffin.sys
2018-04-08 13:20 - 2018-04-08 13:20 - 007760687 _____ (Boraxsoft) C:\Users\MARCO\AppData\Roaming\SetupGFD.exe
2015-01-11 19:12 - 2015-01-11 19:12 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.1.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000905 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-12-07 01:31 - 2014-12-29 15:30 - 000022033 _____ () C:\Users\MARCO\AppData\Roaming\Valori separati da virgola.ADR
2016-10-07 22:40 - 2020-04-18 23:02 - 000000096 _____ () C:\Users\MARCO\AppData\Roaming\version2.xml
2018-04-08 13:20 - 2018-04-08 13:20 - 000117723 _____ () C:\Users\MARCO\AppData\Roaming\yuvcodecs-1.3.exe
2014-12-03 01:43 - 2020-04-14 14:39 - 000001456 _____ () C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ () C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:27 - 000002449 _____ () C:\Users\MARCO\AppData\Local\krita-sysinfo.log
2020-04-01 16:22 - 2020-04-01 16:31 - 000001035 _____ () C:\Users\MARCO\AppData\Local\krita.log
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ () C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ () C:\Users\MARCO\AppData\Local\kritarc
2018-09-28 09:04 - 2018-09-28 09:04 - 000000000 _____ () C:\Users\MARCO\AppData\Local\oobelibMkey.log
2019-06-26 12:26 - 2020-02-28 00:36 - 000000128 _____ () C:\Users\MARCO\AppData\Local\PUTTY.RND
2018-07-29 23:53 - 2018-07-29 23:53 - 000000218 _____ () C:\Users\MARCO\AppData\Local\recently-used.xbel
2017-06-11 00:41 - 2017-06-24 19:42 - 000007609 _____ () C:\Users\MARCO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Ultima modifica da un moderatore:

R16

Utente Èlite
2,307
425
CPU
boh
Scheda Madre
boh
HDD
boh
RAM
boh
GPU
boh
Audio
boh
Monitor
boh
PSU
boh
Case
boh
OS
boh
Scarica questo file sul desktop: (dove si trova FRST)
Avvia FRST e clicca su FIX una sola volta.
Attendi la fine della scansione.
Se il pc non si riavvia da solo, lo devi riavviare tu.
Posta il file fixlog.txt.
 

thenax

Nuovo Utente
102
0
Scarica questo file sul desktop: (dove si trova FRST)
Avvia FRST e clicca su FIX una sola volta.
Attendi la fine della scansione.
Se il pc non si riavvia da solo, lo devi riavviare tu.
Posta il file fixlog.txt.
eccolo

questo è quello che ha restituito frst64 (vedo degli avast che mi insospettiscono!)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by MARCO (19-04-2020 13:57:07)
Running from C:\Users\MARCO\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-17 20:13:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1801797792-2963998745-2400400606-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1801797792-2963998745-2400400606-503 - Limited - Disabled)
gabriella (S-1-5-21-1801797792-2963998745-2400400606-1014 - Limited - Enabled) => C:\Users\gabriella
Guest (S-1-5-21-1801797792-2963998745-2400400606-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1801797792-2963998745-2400400606-1012 - Limited - Enabled)
MARCO (S-1-5-21-1801797792-2963998745-2400400606-1001 - Administrator - Enabled) => C:\Users\MARCO
Simone (S-1-5-21-1801797792-2963998745-2400400606-1007 - Limited - Enabled) => C:\Users\Simone
WDAGUtilityAccount (S-1-5-21-1801797792-2963998745-2400400606-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Photo Studio Ultimate 2019 (HKLM\...\{05F371AF-BD6B-4D3E-93DA-C2071394B764}) (Version: 12.1.1.1673 - ACD Systems International Inc.)
ACDSee Photo Studio Ultimate 2020 (HKLM\...\{EB2BD38F-44CF-46BB-A00B-72D7FD826A24}) (Version: 13.0.2.2057 - ACD Systems International Inc.)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 7.5.13 - Atomi Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_3) (Version: 10.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_9) (Version: 20.0.9 - Adobe Inc.)
Affinity Photo (HKLM\...\{D39FC096-62B2-4F21-BA48-04DAC525F929}) (Version: 1.8.3.641 - Serif (Europe) Ltd)
Amazon Photos (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Amazon Photos) (Version: 5.6.1 - Amazon.com, Inc.)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.2 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
APOInstallerMSISetup (HKLM\...\{804BB8D7-5971-46C0-849B-1F40D8545B0A}) (Version: 1.0.14 - Nahimic) Hidden
APPBook 1.5.3 (HKLM-x32\...\781df90e-341d-585c-9760-bfee4555962f) (Version: 1.5.3 - ELI S.R.L. - European Language Institute)
APPBook 1.5.6 (HKLM-x32\...\{781df90e-341d-585c-9760-bfee4555962f}) (Version: 1.5.6 - ELI S.R.L. - European Language Institute)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{4864889A-C092-451D-861C-9A334EBE1573}) (Version: 1.0.1401 - Nahimic) Hidden
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVStoDVD 2.8.8 (HKLM-x32\...\AVStoDVD) (Version: 2.8.8 - MrC)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{FC12E3F8-E522-4E65-A416-D7BDF41FBBA7}) (Version: 2.68.0 - Kovid Goyal)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.5.10.1 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.5.10.0 - Canon Inc.)
Capture One 20.0.4 (HKLM\...\CaptureOne13_is1) (Version: 13.0.4.8 - Phase One A/S)
Cars 2 multimedia game (HKLM-x32\...\{A72E0BF6-237D-B724-AA15-0B0D6C00EAE3}) (Version: 1.0 - Clementoni S.p.A) Hidden
Cars 2 multimedia game (HKLM-x32\...\it.clementoni.multimediagames.cars2) (Version: 1.0 - Clementoni S.p.A)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Chrome Remote Desktop Host (HKLM-x32\...\{654C49EB-D47E-4319-B719-DEEC73787B51}) (Version: 83.0.4103.2 - Google Inc.)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CrystalDiskInfo 8.4.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.2 - Crystal Dew World)
CSV to vCard (HKLM-x32\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version: - csvtovcard.com)
CyberLink Application Manager (HKLM-x32\...\InstallShield_{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 1.0.4110.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Desktop Telematico 1.0.0 (HKLM\...\Desktop Telematico 1.0.0) (Version: 1.0.0.0 - SOGEI)
DesktopTelematico 1.0.0 (HKLM\...\DesktopTelematico) (Version: - )
DesktopTelematico 1.0.0 (HKLM-x32\...\DesktopTelematico) (Version: - )
Dictate (HKLM-x32\...\{8475267E-D7DF-4A6D-A126-2C6B519E6F74}) (Version: 5.00.0000 - Microsoft)
Digitale_Capitello (HKLM-x32\...\{819FF49A-2BA9-CB4C-0A41-F2A406D42899}) (Version: 6.0 - UNKNOWN) Hidden
Digitale_Capitello (HKLM-x32\...\Digitale.Capitello) (Version: 6.0 - UNKNOWN)
DisplayCAL (HKLM-x32\...\{4714199A-0D66-4E69-97FF-7B54BFF80B88}_is1) (Version: 3.8.5.0 - Florian Höch)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.4.0 - IObit)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
DVDStyler v3.1 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
EndpointMonitoring Install MSISetup (HKLM\...\{FBEFDD01-23EE-46E0-961F-F443341E305C}) (Version: 1.0.1401 - Nahimic) Hidden
EOSCount ActiveX control (HKLM-x32\...\{63B230BF-D745-4ECC-B773-EA25A9AFDC36}) (Version: 2.3.5 - Sergey Vasilevskiy)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-760 Series Printer Uninstall (HKLM\...\EPSON XP-760 Series) (Version: - SEIKO EPSON Corporation)
Ezviz Player version V7.2.0 (HKLM-x32\...\{FAC8D04A-541F-4d41-8BFE-4E5F735758DF}}_is1) (Version: V7.2.0 - )
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
FileZilla Client 3.43.0 (HKLM-x32\...\FileZilla Client) (Version: 3.43.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
iCloud (HKLM\...\{359CA9EA-898C-4F5C-80D9-C111F27B489E}) (Version: 7.17.0.13 - Apple Inc.)
il Nuovo Devoto-Oli Junior LeMonnier (HKLM-x32\...\il Nuovo Devoto-Oli Junior LeMonnier) (Version: 1.0.0.0 - edPan search engine)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Invoicex (HKLM\...\Invoicex) (Version: - )
iTunes (HKLM\...\{9816A31B-D5BE-4D4A-8073-2A7BD3B0EBAE}) (Version: 12.10.4.2 - Apple Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 14.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.5 - KLCP)
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
Loom 0.30.11 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{3643b966-bc28-5bc8-95ff-3d47d66438db}) (Version: 0.30.11 - Loom, Inc.)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Manuali EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.88 - McAfee, LLC.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - it-it (HKLM\...\ProPlusRetail - it-it) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Monitor Asset Manager (HKLM-x32\...\{AD0BBBFD-C5E9-4214-A863-E83313D67C0C}_is1) (Version: - EnTech Taiwan)
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.24 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.36 - MSI)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nahimic VR (HKLM-x32\...\{29dcab99-1f56-4497-aeb0-d8eeecf554e2}) (Version: 1.0.14 - Nahimic)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NineEarsSettings Install Configurator (HKLM\...\{0E9230A4-E580-47BC-ADAA-D17FA9E2082F}) (Version: 1.0.1401 - Nahimic) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nome società) Hidden
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pacchetto driver Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Pacchetto driver Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Pacchetto driver Windows - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S)
Pacchetto driver Windows - Silicon Laboratories (WinUSB) USB DFU Devices (03/21/2013 1.00.0000) (HKLM\...\F10ECE8185B942E6F1FCC2956ECDFE0C0D33E8A5) (Version: 03/21/2013 1.00.0000 - Silicon Laboratories)
Pacchetto driver Windows - Silicon Laboratories Inc. (silabser) Ports (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)
PhotoFilmStrip 3.1.1 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.1.1 - Jens Göpfert)
Planet versione 4.8 (HKLM-x32\...\{90747FA4-A488-45D3-9F91-8E516610CDCF}_is1) (Version: 4.8 - Tecnos)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.0.1 - Vaclav Slavik)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
ProductDaemon Install Setup (HKLM\...\{D5F66A96-C6BA-4E69-994D-EA858DD459F3}) (Version: 1.0.1401 - Nahimic) Hidden
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
QGIS 3.4.2 'Madeira' (HKLM\...\QGIS 3.4) (Version: 3.4.2 - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RAPID Mode (HKLM\...\{18DF567E-AA9B-434D-BE77-BFE2292712F6}) (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
RescuePRO Deluxe 5.2.6.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.2.6.6 - LC Technology International, Inc.)
Ruby 2.3.3-p222-x64 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{96A4CEEE-5ACC-4FB2-AAB6-8152D5AB0C9E}_is1) (Version: 2.3.3-p222 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 11.1 - Screaming Frog Ltd)
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
SEO Macroscope (HKLM\...\{DC87D91B-D6D0-4557-B494-4501BD4FDA00}) (Version: 1.7.61 - Jason Holland)
Skype versione 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software)
Software Saal Design Italy (HKLM-x32\...\{00E0CBD7-C440-FD08-478C-A2074418339E}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Software Saal Design Italy (HKLM-x32\...\SoftwareSaalDesignItaly) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version: - )
SSAudioDaemon Install MSISetup (HKLM\...\{1428858F-547B-408D-B25B-0A28540E496A}) (Version: 1.0.14 - Nahimic) Hidden
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Tavoletta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
Therion (HKLM-x32\...\therion-4.66920160910299_is1) (Version: - Stacho Mudrak, Martin Budaj)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Unity Web Player (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
Video Download Capture V6.3.3 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.3.3 - APOWERSOFT LIMITED)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Visual SEO Studio (HKLM-x32\...\{63ba0607-9e17-429a-8afd-cc7c0807d35b}) (Version: 1.8.1.2 - aStonish Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{42CF3914-5357-45F2-8B3D-ED2F750FA7E4}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WebSite Auditor (HKLM-x32\...\seopowersuite) (Version: 4.38.11 - SEO PowerSuite)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Video Converter Free(Build 6.5.2.3) (HKLM-x32\...\Wondershare Video Converter Free_is1) (Version: 6.5.2.3 - Wondershare Software)
YoutubeMovieMaker (HKLM\...\{543D2D61-3E3D-4CAD-A39A-B40D7E0911DB}) (Version: 18.16 - Youtube Movie Maker)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-04-18] (Autodesk Inc.)
Componente aggiuntivo Foto -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [2020-04-18] (Gameloft SE)
Estensione video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2020-04-12] (0)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft News: le ultime notizie in tempo reale -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Meteo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Salute & Benessere -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Viaggi -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.21991.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2020-04-18] (TeamViewer)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-04-18] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\MARCO\Amazon Drive [2016-12-18 00:14]
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-01-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2019-09-23] (ACD Systems International Inc. -> ACD Systems International Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll [2018-03-26] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-04-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [83456 2010-11-03] (www.helixcommunity.org) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\MARCO\Desktop\MATERIALE QGIS DEM\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()
ShortcutWithArgument: C:\Users\MARCO\Desktop\Marco (mmosca@credem.it) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Sorgenia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=ldadomeegcgcdjfcijngdjglflcghljg
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7cd27c6fdd0b5b45\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2019-08-31 16:10 - 2019-03-04 01:31 - 000092672 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ctypes.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001096192 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_hashlib.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000027648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_multiprocessing.pyd
2019-08-31 16:10 - 2019-03-04 01:33 - 000046592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_socket.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001415680 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ssl.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000016384 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_winxptheme.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000071168 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\bz2.pyd
2019-08-31 16:10 - 2019-06-08 21:25 - 000014336 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\faulthandler.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core._multiarray_tests.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001220608 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.multiarray.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000717312 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.umath.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.fft.fftpack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001478144 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg._umath_linalg.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001382912 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg.lapack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000664576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.random.mtrand.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000143360 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pyexpat.pyd
2019-08-31 16:10 - 2018-09-28 17:23 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pythoncom27.dll
2019-08-31 16:10 - 2018-09-28 17:21 - 000110592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pywintypes27.dll
2019-08-31 16:10 - 2019-03-04 01:32 - 000010240 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\select.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000687104 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\unicodedata.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000100864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32api.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32com.shell.shell.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000045568 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32console.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000018432 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32event.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000119808 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32file.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000167936 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32gui.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000036864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32process.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000862208 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._adv.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 005679616 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._core.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000428544 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._grid.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000500736 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._html.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xml.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000091648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xrc.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000088576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx.siplib.pyd
2019-10-05 00:41 - 2015-09-10 16:50 - 000195072 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\ExceptionHandler.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001320448 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hlog.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000151607 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hpr.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000107520 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\SPUpDate.dll
2020-03-08 18:56 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._windows_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._windows_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ctypes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_elementtree.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_hashlib.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_multiprocessing.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_psutil_windows.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_socket.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ssl.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_yappi.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\bz2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\common.time34.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\hashobjs_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\PIL._imaging.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pyexpat.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pysqlite2._sqlite.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pythoncom27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pywintypes27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\select.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\thumbnails_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\unicodedata.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\usb_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32api.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32com.shell.shell.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32crypt.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32event.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32file.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32gui.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32inet.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pdh.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pipe.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32process.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32profile.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32security.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32ts.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.conditional.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.connectivity.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.device_monitor.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.volumes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.winwrap.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._controls_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._core_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._gdi_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._html2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._misc_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._windows_.pyd
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ipworksssl8.dll
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ipworksssl8.dll
2015-09-25 19:46 - 2012-09-21 05:00 - 000303104 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALBL.DLL
2014-11-22 21:53 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAE.DLL
2015-09-25 19:46 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMBL.DLL
2014-11-17 00:02 - 2012-07-31 10:48 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2014-11-22 21:57 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMXLMAE.DLL
2017-05-21 00:18 - 2012-09-20 05:00 - 000030208 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNMPDBL.DLL
2018-03-09 19:47 - 2017-09-04 18:47 - 000382096 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2014-04-20 11:17 - 2014-04-20 11:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-08-22 22:31 - 2019-03-04 01:31 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\DisplayCAL\PYTHON27.DLL
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\python27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\python27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\python27.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2019-02-22 18:01 - 2019-02-22 18:01 - 000704512 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll
2019-02-22 16:09 - 2019-02-22 16:09 - 000475136 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000285184 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\hicloud\update_server\libcurl.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001204736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\LIBEAY32.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000296448 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\SSLEAY32.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000155136 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_net_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 002036736 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000136192 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_xml_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 001253888 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_adv_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 004882432 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_core_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000601600 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_html_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000687104 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_xrc_vc90.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_net_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [280]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync [88]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync.root [42]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.photo.2 [366]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2020-01-29 18:47 - 000000925 _____ C:\WINDOWS\system32\drivers\etc\hosts
83.103.59.70 mammacucina.it www.mammacucina.it
83.103.59.70 comeunavolta.it www.comeunavolta.it
83.103.59.70 wordpressfix.it www.wordpressfix.it

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\Skype\Phone\;C:\Users\MARCO\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MSIClock_CC => 3
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 2
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSI_RAMDisk_Service => 2
MSCONFIG\Services: RAMDrivService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: tbaseprovisioning => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 2
MSCONFIG\Services: WTabletServicePro => 2
HKLM\...\StartupApproved\StartupFolder: => "ScreenManager Pro for LCD Ver3.3.3.lnk"
HKLM\...\StartupApproved\Run: => "VX3000"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc64"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc32"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Invia a OneNote.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AceMoneyReminder"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{C03958B7-874C-4CA3-993F-8DB651C5A533}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [TCP Query User{04CA0B51-9204-49E8-B303-5E761BC6F7D9}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [UDP Query User{3953C3F3-8C51-47DE-A87E-91708F33656E}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [TCP Query User{6954FCD0-DC02-415E-8900-1F139FFE129C}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [{972E1010-21DB-4298-92A6-A98028D3C0F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D18D74D-C2A5-4FE6-B09D-630D4C550817}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1B99A39-F5CB-41F1-B422-1F6CFF50C367}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5A496EB-6B78-4AEC-862A-13889DA8E319}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8154D50-8169-4B59-86FD-621541E92FD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe No File
FirewallRules: [{FEEB344A-AE96-4925-B7AE-A318D4D1B843}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe No File
FirewallRules: [{E626089B-D62E-4584-9D56-BFE1092E398F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{007FFAA1-927F-4423-83D2-BE6B7CFA51DC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [TCP Query User{FE9B9AAC-1C6D-4480-90F4-DE8D5EFB5DCE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{FF807332-3F5B-49CF-A3D6-9CEC3C667FA1}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{A618FC33-B00C-4BAA-9860-FE3B981D34B6}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{2D9F1D91-ECBB-4FB9-BFE2-2BC5B0AFA8C8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{75800B39-434D-4DC6-BA0B-3ED5E1C36305}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{F0F18BF5-E904-4429-9883-ACD162F2C275}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{E5EECABC-DF11-4A9B-AA79-3FBA91AA2E44}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{53BD16A8-4D62-4F22-8905-A2F17D2E3CC1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{44019131-5540-4B75-9587-674B25FA8019}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [TCP Query User{F4D3DC62-A42A-41A2-8290-A4001B8DEB08}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{CFF1661A-0E55-4D54-B43C-E2989C1DDE8D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{264B0FE5-1294-44E6-A582-5EA2355254A6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{9936B3B5-C0DA-42ED-9179-4BFE54F65D4C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{6C5D71A8-1A61-41D2-B301-6E1F09E55902}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{02B5CD24-67D3-4DF7-90F0-E9B6F12602B1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{EFEEBDB4-63B7-40B5-B65B-792DA410170A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{21531347-98A1-44AB-8F9F-0C6997A13F4E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{E2462E14-A0F7-4697-A9CD-5BEC34FF2220}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe No File
FirewallRules: [{5B9DEE0D-3E23-4634-AE73-167429B563D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe No File
FirewallRules: [{A865A004-0D04-4EAE-997B-15C01426B104}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe No File
FirewallRules: [{08275B6F-4CAD-4B9B-904A-712D96FEF081}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe No File
FirewallRules: [{4921D2F3-DB4F-4160-912D-AFC0383F77C9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe No File
FirewallRules: [{2D84E32D-8E79-4FF0-8EBE-6F29D06D0CAD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe No File
FirewallRules: [{34277CAD-9B1B-42E1-BB01-3F8EC9055578}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{DFCC4AD0-75F2-450A-8038-9C066F33F882}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{91795F08-39ED-4303-AB4B-E1D6BEAB6FAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe No File
FirewallRules: [{7B75AEBD-D2CF-4B4E-B26A-B45B248EF909}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{E965226C-B794-4CFC-9EA3-920864A73BC3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [UDP Query User{E87FEF4C-E305-4B1D-869A-E3574B06FF8C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [TCP Query User{6F6A641F-C412-4069-B166-F330322C883A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [UDP Query User{D706F419-8194-4C30-916D-1137C8C2ED34}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [TCP Query User{283C508A-CD5F-4355-AA04-598D95FC5521}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{A392BE8E-8983-42E8-AC10-1D85A24670A1}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [TCP Query User{32F8D665-FDA0-4A69-A82B-DD52EBED56E3}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{D914CCB3-1764-4AE8-A8BB-9929F2D09EB9}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{2B71089D-280D-49F9-93DA-DCB6D2171652}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{9240E0FB-7C16-42D4-BB09-F0FE4CAB1AD2}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [{B2D78AD4-AAEC-4B6A-BC5C-FC929F067A48}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{20E9EEE9-1974-4478-8ACE-1B2E1EC825B6}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{12A5A4CE-96C5-4630-944A-9F0437508122}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{B38736B5-0BBD-4811-8636-46D6A9F22E5C}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{78298E55-EFFE-4CD2-927D-D3B0C8058B76}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{1F20F5BA-6DAC-4945-BD70-46991836642D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{72A07AEB-AB22-434E-8F0A-F2AACE07444D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [{587EBAA7-3174-4274-A0C2-D4025119F113}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{AAA9196F-9E4E-4822-8D59-8456755D5E0F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{FC0E23C3-DC2C-4E90-A927-BB4F147E898A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{BD7FB9AE-3D18-48EA-B956-16F90447A12E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{241B43D4-9AFD-44D5-8DF4-38C04690E4E2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{81392681-C86E-4FD4-8195-5EFDC3792825}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [TCP Query User{FFD84F39-CADE-4D5C-9B10-B3F563A13DA7}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{585FD831-6740-4D24-8ED6-2BAB3A8E53DF}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP Query User{F7E6F21A-0E24-4F67-B1A8-CA4034105276}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [UDP Query User{976E530D-B52E-4411-BEB8-A313FC302335}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [{B7DA1882-332C-44B5-8C61-1C4C6D09B4FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{479AC355-0CDA-45AD-88DA-EC7055371F94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C2BB7098-1EBA-469C-9A40-A825EF85A371}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9F4A151D-6B70-47F7-AEB9-6F5A06A7F477}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C6988782-B7FC-4F58-AC4B-9D80FEB4BF94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C8E7729-7064-42B4-A115-FB352896BD6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C872387C-87CB-4121-9D57-18CF35D44920}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B3C7FC1-49E1-4A40-9492-CA41E1CEE2DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EEC9176-2FC0-4378-AB5A-35633A24FF5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73B2FD4D-6410-4D3F-9E1B-AE1D96663C2E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2AAD59A-0BFA-4498-A9B7-0FA181247AD3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EBD4E54-453C-4093-A987-56A961CC98D4}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{31E76FD8-B68E-4982-A6F0-8D6202A6E798}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{A6340713-B7E1-4FB3-975B-3AB9308AA12D}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{EAE248D6-7334-4BBB-ACCE-C374DFCE6A28}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{43A65198-4C38-48EB-87FE-0D6B174EEF74}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{FB2184B0-DCA2-42D5-8129-360F55A5C024}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{629CF5F0-3599-47AF-826F-A6C2B70766BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D4E5D287-AA90-4736-AE91-26F7BBD365E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [{BB05C3C8-52A7-43EE-8710-7EC4EFE48CF1}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{B701C518-F668-49BE-97BB-659817964764}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{D6294E22-CC9A-41C5-8E4A-73195D5DB1FC}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DF960EA-C40F-4D7D-805F-C03D53095CD5}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DAC54B4-1E82-442D-A0B1-8991BF2F6126}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{7C05B16A-216C-4016-8ABF-DBE01A14932F}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{E10BA5A5-2929-421A-BD1E-6C36EA782D92}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [{26211AB9-B05C-4C58-A1F4-E0E76E82ED6C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

18-04-2020 23:38:11 Operazione di ripristino
19-04-2020 12:14:20 Driver Booster : Apple Mobile Device USB Driver
19-04-2020 12:48:33 AdwCleaner_BeforeCleaning_19/04/2020_12:48:24

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/19/2020 01:53:10 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.

Error: (04/19/2020 01:51:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9968,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:31:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10952,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:22:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5312,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/19/2020 01:17:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Nome del modulo che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Codice eccezione: 0xc0000005
Offset errore 0x00000000004082d7
ID processo che ha generato l'errore: 0x27f8
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d6163c0873a2c1
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
ID segnalazione: aba97c88-c3e2-4df2-96d8-e55f27c65cd8
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
.

Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]


System errors:
=============
Error: (04/19/2020 01:46:33 PM) (Source: DCOM) (EventID: 10001) (User: MARCO_GABRIELLA)
Description: Impossibile avviare un server DCOM Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca come Non disponibile/Non disponibile. L'errore
"%%2147958106 = Il pacchetto non è attualmente disponibile."
si è verificato durante l'esecuzione del comando
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXggkaqzf6p31g37n0m8phzeswb0rt9m7e.mca

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Servizio A portata di clic di Microsoft Office è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Apple Mobile Device Service è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 60000 millisecondi: Riavvia il servizio.

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI_ActiveX_Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI Live Update Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Adobe Genuine Monitor Service. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio WD Drive Manager. Questo evento si è già verificato 1 volta(e).

Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Samsung RAPID Mode Service. Questo evento si è già verificato 1 volta(e).


Windows Defender:
===================================
Date: 2020-04-07 12:22:30.138
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {273E3667-4329-40A7-AC06-A987441D9EE3}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-07 11:51:26.232
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {C274A005-1E0A-49D4-9093-5556023169B6}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-07 09:55:36.298
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {FA7FC741-CB40-41AE-AE05-B7D43E474516}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-06 23:21:17.926
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {3F1E8EA4-79A3-4D40-9AAC-378F58701B4A}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-04 19:29:14.001
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {AAAD8449-328D-400C-9294-31A92F66BCAF}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2020-04-19 01:56:19.618
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0

Date: 2020-04-18 12:30:14.503
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0

Date: 2020-04-16 22:35:54.281
Description:
Windows Defender Antivirus: il motore è stato terminato a causa di un errore imprevisto.
Tipo errore: Arresto anomalo
Codice eccezione: 0xc0000005
Risorsa: file:C:\Users\Administrator\Desktop\prova libro graphistudio\Contratto-tipo di servizio foto-video CCIAA Campobasso-Ise..pdf

CodeIntegrity:
===================================

Date: 2020-04-19 13:53:20.588
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:53:20.236
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:16:40.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-04-19 13:16:40.453
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.M0 01/23/2019
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16335.02 MB
Available physical RAM: 9265.97 MB
Total Virtual: 22209.02 MB
Available Virtual: 12237.36 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.89 GB) (Free:166.28 GB) NTFS
Drive d: (DATI) (Fixed) (Total:1862.89 GB) (Free:1025.99 GB) NTFS
Drive e: (ESD-ISO) (CDROM) (Total:3.08 GB) (Free:0 GB) UDF
Drive h: (Elements) (Fixed) (Total:3725.99 GB) (Free:950.79 GB) NTFS
Drive l: (FOTO) (Removable) (Total:28.65 GB) (Free:28.59 GB) NTFS
Drive n: () (Fixed) (Total:119.24 GB) (Free:82.66 GB) NTFS

\\?\Volume{2ec8b1ec-9dcc-11e6-83b5-902b34557b33}\ (Ripristino) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{658b0dba-d338-4bf1-8e16-29accfc4a607}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{88f80dd2-4114-4c64-be29-2ee9e8e6faa8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C212A9CC)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0FCFAF9E)

Partition: GPT.

==========================================================
Disk: 2 (Size: 119.2 GB) (Disk ID: C212A9CC)

Partition: GPT.

==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 28.7 GB) (Disk ID: B1CC2181)
Partition 1: (Active) - (Size=28.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================







Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020
Ran by MARCO (administrator) on MARCO_GABRIELLA (Micro-Star International Co., Ltd. MS-7A34) (19-04-2020 13:55:29)
Running from C:\Users\MARCO\Desktop
Loaded Profiles: MARCO (Available Profiles: MARCO & Simone & gabriella & Administrator)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: Italiano (Italia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe
(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe
(ACD Systems International Inc. -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NahimicMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Open Source Developer, Florian Höch -> ) C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINJE.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [ACUW12IT] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\acdIDInTouch2.exe [2145752 2018-08-16] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [ACUW13EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe [2128856 2019-11-28] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4225696 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> )
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310832 2020-02-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [98CA5D2E7C86B53A6751090CFC1EC8C74B51B24E._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINJE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MARCO\AppData\Local\WhatsApp\Update.exe [2253232 2019-08-08] (WhatsApp, Inc -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Google Update] => C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate12] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe [4984848 2019-05-21] (ACD Systems International Inc. -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate13] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe [4989088 2020-04-10] (ACD Systems International Inc. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
Startup: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk [2019-02-10]
ShortcutTarget: Invia a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1801797792-2963998745-2400400606-1007\User: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {053190CE-6267-445E-A6F8-02329BB023DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {06C000EB-4C1D-4706-838C-ED44E1A6F8E7} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
Task: {0C8851C4-D40B-4937-B11C-B78BBDF92CBB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15C4DF43-2029-48EF-91E2-F173DC86CFAA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {2958BE76-27C3-4E88-ACD7-F4F02ECA4577} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {31A22761-988E-46FC-A32F-99D20E498D19} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
Task: {343D7F39-191C-46F6-ACE2-7C7CBB637302} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@moscamarco.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {46B9485E-49B6-4473-8D04-8F1B8D6D9504} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {47509DEA-E685-4478-B413-0C0850F09628} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-Administrator => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4ADE4881-E38A-4173-8806-FFD575A459AE} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {551AB9D9-1501-4EED-BC8E-BA4C278098B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5946D6C4-29A5-4BA9-90C5-18470939BA4E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5D92FAFE-E339-4254-BC80-0E951C554C7D} - System32\Tasks\DisplayCAL Profile Loader Launcher => C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles-launcher.exe [178064 2019-08-14] (Open Source Developer, Florian Höch -> )
Task: {5E726731-83B7-44A4-8740-29B55137D513} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
Task: {6184003C-0D04-4842-A392-CCE306E09FBD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6232243B-9F7B-4016-838A-9ECBACCFA9B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {6456813A-1783-4C60-863B-3DA82D387A34} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {68A819B1-CFCA-40C0-9B7D-9A3047C1A148} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DCE6212-F83A-4EB4-92D7-E461CE5A758D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6FB47B7E-6583-4A99-9086-BE871D597D7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7178D70A-077C-4EEA-AA4F-A1EFDC2391B1} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-gabriella => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7BD96C03-CB34-421E-8DD9-6B66EAC27ABF} - System32\Tasks\Core Temp Autostart MARCO => C:\Program Files\Core Temp\Core Temp.exe
Task: {8038CA05-48FD-4657-A8CB-033362F5102F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\AutoUpdate.exe [2369808 2020-03-06] (IObit Information Technology -> IObit)
Task: {8442CD01-3877-4FE8-904C-D8BE4F05A36D} - System32\Tasks\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9285967F-2948-4BF8-A451-46295DAA5D71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {95CEBFE5-2161-4258-A855-73E45001E973} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
Task: {97B6D27C-E480-4BB0-837A-A984950C5A98} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB3B6E6-A32A-47B2-B0D1-9644CF0E1914} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9CB01280-8246-4DCF-8F18-9A0EB00EC08F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D5800A6-471B-40DB-BF81-BA330A624E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {9D977EF9-385A-4748-8733-A5F1FA9C3901} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E5CC968-C634-44FD-8FA2-7125CC10703B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9FC899F8-3F9E-48B0-A817-6C57591B1D66} - System32\Tasks\{79A8B2BC-9D7D-4BDB-863F-0DBC60B7C457} => C:\WINDOWS\system32\pcalua.exe -a L:\GDFWIN.EXE -d L:\
Task: {A487705F-F7CA-4EFC-939D-2D85FE67DF10} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A87FB819-3E8E-4816-A21A-1EAA66FE73E2} - System32\Tasks\Driver Booster SkipUAC (MARCO) => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\DriverBooster.exe [7929616 2020-04-03] (IObit Information Technology -> IObit)
Task: {AADAB735-B6DF-489F-880F-E4B88C486BC0} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1122920 2020-02-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B8C52CCD-8B21-42FA-A382-D08A3539A23E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {B90A1EF4-BBE9-4692-91CB-4C3BEC621F9F} - System32\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {BD530552-0741-4C3E-AC77-84D059417837} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE51E56B-A69A-464C-B30E-F56BC6C9C40A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {C0EBD2D6-387D-443D-98C8-04EDC3380A92} - System32\Tasks\{58632460-3527-457D-A7E1-537C5C4170C0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/it/abandoninstall?page=tsProgressBar
Task: {CB23FD0F-A499-4A5C-8DF5-DD3DD58AB51B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1C2C80E-0B37-47DE-BF90-98B1C694BAF3} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
Task: {D6157F54-87BC-4D54-9680-8E4E2923B64E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D79E9213-A389-4753-B3F6-EA25C17BA650} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCBFD8B1-697B-497B-ADD9-5069C3163D17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE7334D1-77BF-4270-9C73-206FBB707D2E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [6206048 2016-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {E03F2807-D169-4A7C-999A-1EE1D454B411} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3DBEE7C-9013-49BB-AD0D-ACAE720C792C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E63297D9-B5F0-44FA-891F-AB16F184EAA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F4865F8F-9F90-4CDE-AC52-F2CCD977E985} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F4B4B9DA-B311-4B39-87F4-C00B0CD29EF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA5F4543-EF10-4868-84E5-4C4A497965BC} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE:/EXE:{6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} /F:UpdateWORKGROUP\MARCO_GABRIELLA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [NameServer] 209.244.0.4,4.2.2.3,192.168.1.1
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.it/
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: D:\downloads

FireFox:
========
FF DefaultProfile: 3f25p9p8.default
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default [2020-04-19]
FF Homepage: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF Extension: (Cookies Manager+) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2018-01-03] [Legacy]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\kompozer.net\KompoZer\Profiles\ul291cqi.default [2018-01-03]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default [2018-01-03]
FF Extension: (No Name) - C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default\Extensions\temp [2015-01-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-15]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-06-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: @citrixonline.com/appdetectorplugin -> C:\Users\MARCO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-12-16] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin64 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default [2020-04-03]
CHR DownloadDir: D:\downloads
CHR Notifications: Default -> hxxps://divisoup.com; hxxps://drive.google.com; hxxps://gaana.com; hxxps://generatewp.com; hxxps://it.investing.com; hxxps://shop.gopro.com; hxxps://webeers-com.pushengage.com; hxxps://www.budgetair.it; hxxps://www.facebook.com; hxxps://www.gwa.areawmcredem.it; hxxps://www.piucodicisconto.com; hxxps://www.shoutmeloud.com; hxxps://www.tomshw.it
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Chiamate Skype) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-10-09]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Attacat Cookie Audit Tool) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebhpmcfenjfodganapapakfnhichojh [2018-01-23]
CHR Extension: (Google Search) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Clear Cache) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2018-02-21]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-02]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-11-16]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (Vysor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-03-11]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2014-11-16]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-03-27]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjandokkgclchaiipibaligpnceifmif [2017-09-21]
CHR Extension: (Vysor.com) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdphpklacmlhmooodiekhpbepcdlaghl [2018-05-18]
CHR Extension: (Powerpoint ppt to Swf) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljihkbpifdllhbhnlnhkkhdkkikcnba [2014-11-16]
CHR Extension: (Video DownloadHelper) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-02]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2014-11-16]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-11]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-23]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3 [2020-04-19]
CHR Notifications: Profile 3 -> hxxps://app.landbot.io; hxxps://calendar.google.com; hxxps://click-it-now.online; hxxps://dashboard.tawk.to; hxxps://en.savefrom.net; hxxps://firstsiteguide.com; hxxps://generatewp.com; hxxps://gopro.com; hxxps://gretaith.com; hxxps://infinity-tv-by.accengage.net; hxxps://it.semrush.com; hxxps://meet.google.com; hxxps://pushcrew.com; hxxps://rankmath.com; hxxps://rinoverrop.pro; hxxps://s7.converto.io; hxxps://smallseotools.com; hxxps://watch-this.live; hxxps://web.whatsapp.com; hxxps://wordx.press; hxxps://www.autoparti.it; hxxps://www.facebook.com; hxxps://www.minigiochi.com; hxxps://www.mp3hub.com; hxxps://www.pinterest.it; hxxps://www.sorgenia.it
CHR HomePage: Profile 3 -> hxxp://www.google.it/
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/?trackid=sp-006"
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-26]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (SEO META in 1 CLICK) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bjogjfinolnhfhkbipphpdlldadpnmhc [2019-07-20]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2020-03-22]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-08-01]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-26]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-08-01]
CHR Extension: (Page load time) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fploionmjgeclbkemipmkogoaohcdbig [2019-09-05]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2019-07-04]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2017-08-01]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-08-01]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jjandokkgclchaiipibaligpnceifmif [2018-03-26]
CHR Extension: (Sorgenia) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ldadomeegcgcdjfcijngdjglflcghljg [2020-02-27]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2017-08-01]
CHR Extension: (TubeBuddy) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2020-04-17]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2019-11-21]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5 [2020-04-17]
CHR Notifications: Profile 5 -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gwa.areawmcredem.it
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-13]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-13]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-13]
CHR Extension: (Download emails from Google Mail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bgoogiccigaepmddcjallepklfgmdnef [2020-03-13]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-13]
CHR Extension: (Smooth Checkbox for Gmail™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\egkhfllhmjihbfnkikpnbeeakllbobjl [2020-03-13]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-03-13]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Legacy Browser Support) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\heildphpnddilhkemkielfhnkaagiabh [2020-03-13]
CHR Extension: (Row Highlighter for Gmail™ and Inbox™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ijfolchflbmnfopmpmodilcelmdakbfl [2020-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-13]
CHR Extension: (Google Hangouts) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-03-13]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-06]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe [522256 2020-03-02] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-08-15] (McAfee, LLC -> McAfee, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2325168 2020-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-27] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 61883; C:\WINDOWS\System32\drivers\61883.sys [70144 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45320 2019-08-17] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-08-17] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmdag.sys [65731088 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [589840 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102824 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32520 2020-04-12] (Advanced Micro Devices INC. -> Advanced Micro Devices)
S0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138064 2019-08-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2020-04-01] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-06-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd -> Emsisoft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [62528 2018-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-04-30] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-10-25] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-04] (Martin Malik - REALiX -> REALiX(tm))
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2018-03-25] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [52832 2017-01-12] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation)
S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [46776 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160280 2020-04-19] (Realtek Semiconductor Corp. -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 se64a; C:\WINDOWS\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan -> EnTech Taiwan)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2014-12-01] (Silicon Laboratories) [File not signed]
S3 Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Datacolor)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 13:55 - 2020-04-19 13:56 - 000059401 _____ C:\Users\MARCO\Desktop\FRST.txt
2020-04-19 13:54 - 2020-04-19 13:56 - 000000000 ____D C:\FRST
2020-04-19 13:54 - 2020-04-19 13:54 - 002281984 _____ (Farbar) C:\Users\MARCO\Desktop\FRST64.exe
2020-04-19 13:51 - 2020-04-19 13:51 - 000002522 _____ C:\Users\MARCO\Desktop\xxx.txt
2020-04-19 12:56 - 2020-04-19 13:53 - 000000000 ____D C:\Users\MARCO\AppData\LocalLow\IGDump
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbamtray
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbam
2020-04-19 12:37 - 2020-04-19 12:37 - 000000000 ____D C:\Users\MARCO\Desktop\filamti
2020-04-19 12:16 - 2020-04-19 12:16 - 072520600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-04-19 12:16 - 2020-04-19 12:16 - 033399859 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-04-19 12:16 - 2020-04-19 12:16 - 015218512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007178360 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007101632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006463760 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006270080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005593504 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005347096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-04-19 12:16 - 2020-04-19 12:16 - 003445632 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003340296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003306704 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003266984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003168280 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003159664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002930040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002444792 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002197872 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001965264 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001788064 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001611064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001598504 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001544360 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001516376 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001396840 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001386680 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001382128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001372496 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001353208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001337528 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001294184 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001287704 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001259832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001180792 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001159072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001110064 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001078576 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001061464 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000934848 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000873352 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000852024 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000751408 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000734880 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000715752 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000604688 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000511776 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000467048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000453168 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000452840 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000448712 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000447072 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000416400 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000406560 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000392760 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000381296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000378272 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000367712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000366224 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000360448 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000316080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000266440 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261336 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261304 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000260320 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000230592 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000220280 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000218160 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000203944 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000179728 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000167224 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000158584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000157232 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000154256 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000139648 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000122208 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000118480 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000116432 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000105200 _____ C:\WINDOWS\system32\audioLibVc.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000093792 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090064 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000088208 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000083512 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000075432 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2020-04-19 12:12 - 2020-04-19 12:12 - 000003178 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\ProgramData\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2020-04-19 10:49 - 2020-04-19 10:49 - 000000000 ___HD C:\$SysReset
2020-04-19 01:56 - 2020-04-19 12:16 - 000000000 ____D C:\WINDOWS\LastGood
2020-04-19 00:22 - 2020-04-19 00:33 - 000000000 _____ C:\Recovery.txt
2020-04-18 23:06 - 2020-04-18 23:06 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashRpt
2020-04-18 23:05 - 2020-04-18 23:05 - 000012773 _____ C:\ProgramData\sokqucqi.nri
2020-04-18 23:04 - 2020-04-18 23:04 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Avast Software
2020-04-18 23:02 - 2020-04-19 01:53 - 000000000 ____D C:\Users\MARCO\AppData\Local\WebDefence
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files\Avast Software
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2020-04-18 22:46 - 2020-04-18 22:46 - 000000000 ____D C:\Users\MARCO\AppData\Local\Noël Danjou
2020-04-18 22:45 - 2020-04-18 22:53 - 000000000 ____D C:\Program Files (x86)\Noël Danjou
2020-04-18 18:51 - 2020-04-18 18:52 - 000000000 ____D C:\Users\MARCO\.openshot_qt
2020-04-18 15:53 - 2020-04-19 12:34 - 000000000 ____D C:\Users\MARCO\Desktop\Crociera
2020-04-18 13:51 - 2020-04-18 13:51 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HD Tune Pro
2020-04-18 13:06 - 2020-04-18 13:06 - 000000000 ____D C:\ProgramData\Sony Corporation
2020-04-18 13:05 - 2013-12-06 04:05 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBNJE.DLL
2020-04-17 21:37 - 2020-04-17 21:37 - 000000000 ____D C:\ProgramData\AMD
2020-04-17 21:28 - 2020-03-10 23:30 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-04-17 21:08 - 2020-04-18 23:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-04-16 22:24 - 2020-04-16 22:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-04-16 22:24 - 2020-04-16 22:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\71D6160D.sys
2020-04-15 00:13 - 2020-04-15 00:13 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 00:12 - 2020-04-15 00:13 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 00:07 - 2020-04-15 00:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 00:07 - 2020-04-15 00:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\Users\Public\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\ProgramData\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 21:43 - 2020-04-14 21:43 - 000234535 _____ C:\Users\MARCO\Desktop\COMPITI CLASSE TERZA DAL 13 AL 17 APRILE.dotx
2020-04-14 17:03 - 2020-04-14 17:13 - 000000000 ____D C:\Users\MARCO\Desktop\O.S.B.A
2020-04-13 23:57 - 2020-04-13 23:57 - 000000135 _____ C:\Users\MARCO\Desktop\CUSTOMIZZAZIONI WORDPRESS.url
2020-04-13 13:03 - 2020-04-13 13:13 - 000000000 ____D C:\ProgramData\xml_param
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\Users\Public\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\ProgramData\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000000000 ____D C:\Program Files\Common Files\Wondershare
2020-04-13 13:02 - 2018-03-26 15:52 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2020-04-13 13:02 - 2018-03-26 15:52 - 000153088 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2020-04-13 10:44 - 2020-04-13 10:45 - 000001004 _____ C:\Users\MARCO\Desktop\top.svg
2020-04-12 17:15 - 2020-04-12 17:15 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2020-04-12 12:36 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2020-04-12 12:21 - 2020-04-12 12:34 - 000000000 ____D C:\Program Files (x86)\ASUS E-Green
2020-04-12 10:48 - 2020-04-12 10:48 - 000000136 _____ C:\Users\MARCO\Desktop\FREE CONFERENCE CALL SKY NOW MEET.url
2020-04-10 19:03 - 2020-04-10 19:03 - 000001828 _____ C:\Users\MARCO\Desktop\CrystalDiskInfo.lnk
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-04-09 19:04 - 2020-04-09 19:05 - 000000000 ____D C:\ProgramData\Protexis64
2020-04-09 19:03 - 2020-04-09 19:08 - 000000000 ____D C:\ProgramData\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\ProgramData\Protexis
2020-04-09 19:01 - 2020-04-09 19:01 - 000000000 ____D C:\ProgramData\UniqueId
2020-04-09 17:07 - 2020-04-09 17:07 - 002110968 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCoreFoundation14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 002110456 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCore14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 001198072 _____ (ON1, Inc.) C:\WINDOWS\system32\ONDocument14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000479736 _____ (ON1, Inc.) C:\WINDOWS\system32\ONProxySupport14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000382456 _____ C:\WINDOWS\system32\ONCMS14.dll
2020-04-08 12:15 - 2020-04-08 12:15 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ACD Systems
2020-04-08 12:10 - 2020-04-15 21:32 - 000000000 ____D C:\Users\MARCO\AppData\Local\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\ProgramData\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\Program Files\ACD Systems
2020-04-06 22:50 - 2020-04-06 22:50 - 000000000 ____D C:\Users\MARCO\Desktop\CaptureOne
2020-04-04 01:03 - 2020-04-04 01:03 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-04 01:03 - 2020-04-04 01:03 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-04 01:02 - 2020-04-04 01:02 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-04 01:02 - 2020-04-04 01:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-04 00:52 - 2020-04-04 00:53 - 000000000 ____D C:\Program Files\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\ProgramData\Affinity
2020-04-01 16:34 - 2020-04-04 00:53 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Photo.lnk
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ C:\Users\MARCO\AppData\Local\kritarc
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\krita
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\krita
2020-04-01 12:23 - 2020-04-19 13:16 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-04-01 11:16 - 2020-04-19 13:16 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-04-01 11:16 - 2020-04-01 11:16 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-04-01 11:16 - 2020-03-02 18:36 - 000102824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2020-04-01 11:15 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-04-01 11:15 - 2020-04-01 11:15 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-04-01 11:15 - 2020-04-01 11:15 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-04-01 11:10 - 2020-04-01 11:10 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ATI
2020-04-01 10:55 - 2020-04-01 10:55 - 001083424 _____ C:\WINDOWS\system32\AmRdrIco.icl
2020-03-31 17:51 - 2020-03-31 17:51 - 000012302 _____ C:\Users\MARCO\Desktop\TESSERAMENTO 31-03-2020.xlsx
2020-03-31 10:25 - 2020-03-31 10:25 - 000160254 _____ C:\Users\MARCO\Desktop\Confronto-LU1694212348_LU0076315455-martedì 31 marzo 2020.pdf
2020-03-31 10:23 - 2020-03-31 10:23 - 000891197 _____ C:\Users\MARCO\Desktop\Scheda prodotto Eurofundlux Floating Rate A Acc EUR.pdf
2020-03-31 10:19 - 2020-03-31 10:19 - 000444060 _____ C:\Users\MARCO\Desktop\Scheda prodotto-Nordea European Covered Bond BP Acc EUR.pdf
2020-03-30 23:10 - 2020-03-30 23:10 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-03-30 23:07 - 2020-03-30 23:07 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2020-03-30 12:22 - 2020-03-30 12:22 - 001353045 _____ C:\Users\MARCO\Desktop\inserimento-in-consulenza-di-covered-warrant-ed-etf-short-pub.pdf
2020-03-30 11:42 - 2020-03-30 11:42 - 002347203 _____ C:\Users\MARCO\Desktop\come-comportarsi-nelle-crisi-retail-2020-03-27-2.pdf
2020-03-29 17:07 - 2020-04-10 11:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\CaptureOne
2020-03-29 17:07 - 2020-04-08 11:15 - 000000000 ____D C:\Users\MARCO\AppData\Local\Phase_One
2020-03-29 17:07 - 2020-04-06 22:52 - 000001121 _____ C:\Users\MARCO\Desktop\Capture One 20.0.4.lnk
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Phase One
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One
2020-03-29 17:06 - 2020-03-29 17:06 - 000000000 ____D C:\Program Files\Phase One
2020-03-29 16:18 - 2020-04-01 12:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\cache
2020-03-29 12:38 - 2020-04-12 01:12 - 000000000 ____D C:\ProgramData\ON1
2020-03-29 12:37 - 2020-04-12 01:12 - 000000000 ____D C:\Program Files\ON1
2020-03-29 12:37 - 2020-04-09 23:32 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ON1
2020-03-28 14:16 - 2020-04-01 10:50 - 000000000 ____D C:\Users\MARCO\Desktop\DA FARE ORA
2020-03-23 19:23 - 2020-03-23 19:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 13:53 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-19 13:53 - 2014-12-12 00:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-19 13:48 - 2014-12-12 00:33 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-19 13:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-19 13:19 - 2019-08-17 22:10 - 001764224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-19 13:19 - 2019-03-19 14:33 - 000782874 _____ C:\WINDOWS\system32\perfh010.dat
2020-04-19 13:19 - 2019-03-19 14:33 - 000147392 _____ C:\WINDOWS\system32\perfc010.dat
2020-04-19 13:19 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-19 13:17 - 2014-11-17 00:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\Adobe
2020-04-19 13:16 - 2016-08-22 22:31 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\DisplayCAL
2020-04-19 13:14 - 2019-08-17 22:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-19 13:14 - 2019-08-17 21:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-19 13:14 - 2018-08-28 23:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-19 13:13 - 2019-07-14 16:40 - 000000000 ____D C:\Program Files (x86)\SnadBoy's Revelation v2
2020-04-19 12:54 - 2017-06-25 16:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-19 12:49 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-19 12:49 - 2018-02-04 21:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-04-19 12:49 - 2017-05-21 00:19 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-19 12:49 - 2015-03-10 21:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Samsung
2020-04-19 12:17 - 2019-08-17 22:41 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-04-19 12:17 - 2017-11-27 01:16 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-04-19 12:16 - 2019-08-17 22:40 - 006886992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-04-19 12:16 - 2019-08-17 22:40 - 005938800 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 003753024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 001003744 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX3
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-04-19 12:15 - 2018-12-07 23:59 - 001160280 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-04-19 12:12 - 2019-08-17 22:12 - 000002952 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (MARCO)
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\ProductData
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\IObit
2020-04-19 11:35 - 2019-08-17 22:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801797792-2963998745-2400400606-1001
2020-04-19 11:35 - 2019-08-17 20:54 - 000002470 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-19 11:35 - 2014-11-16 20:41 - 000000000 ___RD C:\Users\MARCO\OneDrive
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-19 10:55 - 2018-05-19 10:31 - 000000000 ____D C:\Users\MARCO\AppData\Local\D3DSCache
2020-04-19 10:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-19 10:44 - 2019-08-17 20:54 - 000000000 ____D C:\Users\MARCO
2020-04-19 02:01 - 2014-12-04 23:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-19 01:55 - 2017-06-22 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2020-04-19 01:54 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Simone
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\gabriella
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Administrator
2020-04-19 01:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-04-19 01:54 - 2018-12-27 21:16 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-04-19 01:54 - 2018-07-29 10:53 - 000000000 ____D C:\Program Files\Easeware
2020-04-19 01:54 - 2018-06-16 00:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-04-19 01:54 - 2018-02-04 12:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Easeware
2020-04-19 01:54 - 2017-06-22 21:15 - 000000000 ____D C:\Program Files\Common Files\EPSON
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:19 - 000000000 ____D C:\Program Files\AMD
2020-04-19 01:54 - 2016-10-07 23:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\obs-studio
2020-04-19 01:54 - 2015-01-11 18:02 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\NCH Software
2020-04-19 01:54 - 2014-11-26 01:27 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\vlc
2020-04-19 01:54 - 2014-11-17 00:56 - 000000000 ____D C:\Program Files\Adobe
2020-04-19 01:54 - 2014-11-17 00:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-04-19 01:54 - 2014-11-16 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-04-19 01:53 - 2017-05-20 15:23 - 000000000 ____D C:\MSI
2020-04-19 01:53 - 2016-10-07 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-04-19 01:53 - 2015-01-11 18:02 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-04-19 01:53 - 2014-11-16 22:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-18 23:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-04-18 23:42 - 2017-06-22 20:59 - 000000000 ____D C:\ProgramData\Epson
2020-04-18 23:42 - 2014-12-11 23:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-18 23:42 - 2014-11-16 20:38 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Adobe
2020-04-18 23:41 - 2017-11-07 01:04 - 000000000 ____D C:\Program Files (x86)\AMD
2020-04-18 23:41 - 2017-06-22 21:01 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2020-04-18 23:37 - 2014-12-12 00:57 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashDumps
2020-04-18 23:06 - 2018-05-26 16:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\Movavi
2020-04-18 23:02 - 2016-10-07 22:40 - 000000096 _____ C:\Users\MARCO\AppData\Roaming\version2.xml
2020-04-18 19:22 - 2017-12-03 20:14 - 000000000 ____D C:\Users\MARCO\AppData\Local\Packages
2020-04-18 18:33 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-04-18 18:24 - 2019-08-17 22:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\Deployment
2020-04-18 13:06 - 2017-10-15 23:09 - 000000000 ____D C:\ProgramData\UDL
2020-04-18 13:01 - 2018-01-14 23:52 - 000000000 ____D C:\Users\MARCO\AppData\Local\PlaceholderTileLogoFolder
2020-04-18 13:00 - 2018-02-04 11:33 - 000000000 ____D C:\Users\MARCO\AppData\Local\ElevatedDiagnostics
2020-04-17 21:36 - 2016-10-09 01:12 - 000000000 ____D C:\AMD
2020-04-17 20:59 - 2019-02-09 10:07 - 000000000 ___HD C:\adobeTemp
2020-04-15 21:34 - 2014-11-16 21:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-15 00:30 - 2019-08-17 21:58 - 000662888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-15 00:14 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-14 23:46 - 2014-11-16 22:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\Downloaded Installations
2020-04-14 14:39 - 2014-12-03 01:43 - 000001456 _____ C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-13 20:36 - 2018-03-03 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-04-13 14:13 - 2020-02-22 18:06 - 000011249 _____ C:\Users\MARCO\Desktop\lista prenotati rifugio.xlsx
2020-04-13 13:02 - 2018-05-27 13:36 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free
2020-04-13 13:02 - 2017-07-15 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-04-13 13:01 - 2017-01-08 12:48 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-04-13 12:55 - 2018-07-02 20:26 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HandBrake
2020-04-13 11:18 - 2015-01-21 01:30 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\dvdcss
2020-04-12 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-04-12 22:27 - 2018-07-03 08:40 - 000000000 ____D C:\ProgramData\Packages
2020-04-12 12:38 - 2019-02-09 17:50 - 000032520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2020-04-11 18:50 - 2018-03-22 20:23 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ActivePresenter
2020-04-10 09:58 - 2015-11-09 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2020-04-08 04:06 - 2019-10-15 14:55 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-04-07 20:34 - 2014-11-16 21:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-06 22:52 - 2020-03-13 10:51 - 000002478 _____ C:\Users\MARCO\Desktop\Marco (mmosca@credem.it) - Chrome.lnk
2020-04-06 22:52 - 2020-02-10 21:35 - 000002286 _____ C:\Users\MARCO\Desktop\Loom.lnk
2020-04-06 22:52 - 2020-01-06 21:18 - 000001968 _____ C:\Users\MARCO\Desktop\AVStoDVD.lnk
2020-04-06 22:52 - 2020-01-06 21:08 - 000001003 _____ C:\Users\MARCO\Desktop\DVDStyler.lnk
2020-04-06 22:52 - 2018-03-28 20:25 - 000001147 _____ C:\Users\MARCO\Desktop\Start_CAIgest - collegamento.lnk
2020-04-06 22:50 - 2016-12-18 00:14 - 000000000 ___SD C:\Users\MARCO\Amazon Drive
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-02 13:51 - 2014-12-30 00:46 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\FileZilla
2020-04-02 11:25 - 2014-11-16 21:26 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-01 12:23 - 2018-07-28 13:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\AMD
2020-04-01 10:55 - 2019-08-17 14:51 - 000127936 _____ () C:\WINDOWS\system32\Drivers\AmUStorU.sys
2020-03-29 13:39 - 2019-11-22 23:56 - 000000000 ____D C:\Program Files\Thuraya
2020-03-28 15:43 - 2018-07-07 17:30 - 000000000 ____D C:\Users\MARCO\Desktop\SIMONE MOSCA
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\Users\Public\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\ProgramData\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePresenter
2020-03-25 11:14 - 2019-10-03 13:26 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-25 10:43 - 2018-02-28 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-23 19:18 - 2014-11-17 00:35 - 000000000 ____D C:\ProgramData\Adobe
2020-03-22 23:52 - 2018-08-30 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-03-21 15:36 - 2020-02-10 21:35 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Loom
2020-03-20 22:28 - 2020-03-12 19:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA
2020-03-20 22:28 - 2020-03-12 19:23 - 000003668 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core
2020-03-20 21:29 - 2019-08-17 22:12 - 000003672 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:29 - 2019-08-17 22:12 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\en_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\es_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\fr_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\grm_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\it_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020344 _____ (Schneider Electric) C:\Users\MARCO\jp_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 001079808 _____ (Microsoft Corporation) C:\Users\MARCO\mfc80u.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000626688 _____ (Microsoft Corporation) C:\Users\MARCO\msvcr80.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\pt_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000018808 _____ () C:\Users\MARCO\ResourceReader.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020856 _____ (Schneider Electric) C:\Users\MARCO\ru_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000019832 _____ (Schneider Electric) C:\Users\MARCO\zh_res.dll
2016-04-23 14:46 - 2016-05-17 17:16 - 000003072 _____ () C:\Users\MARCO\AppData\Roaming\Album Studio 1.0 Prefsv3
2018-04-08 13:20 - 2018-04-08 13:20 - 005082084 _____ (The Public) C:\Users\MARCO\AppData\Roaming\Avisynth.exe
2018-04-08 13:20 - 2018-04-08 13:20 - 005243208 _____ ( ) C:\Users\MARCO\AppData\Roaming\AvsP.exe
2016-10-07 22:56 - 2016-10-07 22:56 - 000000057 _____ () C:\Users\MARCO\AppData\Roaming\Camdata.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamLayout.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamShapes.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000004545 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.cfg
2016-10-07 22:41 - 2016-10-07 22:51 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.Data.ini
2016-10-07 22:41 - 2016-10-07 22:51 - 000001205 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 002169915 _____ (LIGHTNING UK!) C:\Users\MARCO\AppData\Roaming\Imgburn.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000099384 _____ () C:\Users\MARCO\AppData\Roaming\inst.exe
2014-11-17 23:06 - 2015-02-11 22:51 - 000000028 _____ () C:\Users\MARCO\AppData\Roaming\kulerdata.json
2018-12-10 22:34 - 2018-12-12 22:05 - 000001118 _____ () C:\Users\MARCO\AppData\Roaming\loch.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 001357348 _____ () C:\Users\MARCO\AppData\Roaming\MatroskaSplitter.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000007859 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.cat
2018-06-16 16:13 - 2018-06-16 16:13 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.inf
2018-06-16 16:13 - 2018-06-16 16:13 - 000000055 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.log
2018-06-16 16:13 - 2018-06-16 16:13 - 000082816 _____ (VSO Software) C:\Users\MARCO\AppData\Roaming\pcouffin.sys
2018-04-08 13:20 - 2018-04-08 13:20 - 007760687 _____ (Boraxsoft) C:\Users\MARCO\AppData\Roaming\SetupGFD.exe
2015-01-11 19:12 - 2015-01-11 19:12 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.1.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000905 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-12-07 01:31 - 2014-12-29 15:30 - 000022033 _____ () C:\Users\MARCO\AppData\Roaming\Valori separati da virgola.ADR
2016-10-07 22:40 - 2020-04-18 23:02 - 000000096 _____ () C:\Users\MARCO\AppData\Roaming\version2.xml
2018-04-08 13:20 - 2018-04-08 13:20 - 000117723 _____ () C:\Users\MARCO\AppData\Roaming\yuvcodecs-1.3.exe
2014-12-03 01:43 - 2020-04-14 14:39 - 000001456 _____ () C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ () C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:27 - 000002449 _____ () C:\Users\MARCO\AppData\Local\krita-sysinfo.log
2020-04-01 16:22 - 2020-04-01 16:31 - 000001035 _____ () C:\Users\MARCO\AppData\Local\krita.log
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ () C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ () C:\Users\MARCO\AppData\Local\kritarc
2018-09-28 09:04 - 2018-09-28 09:04 - 000000000 _____ () C:\Users\MARCO\AppData\Local\oobelibMkey.log
2019-06-26 12:26 - 2020-02-28 00:36 - 000000128 _____ () C:\Users\MARCO\AppData\Local\PUTTY.RND
2018-07-29 23:53 - 2018-07-29 23:53 - 000000218 _____ () C:\Users\MARCO\AppData\Local\recently-used.xbel
2017-06-11 00:41 - 2017-06-24 19:42 - 000007609 _____ () C:\Users\MARCO\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
Ultima modifica da un moderatore:

R16

Utente Èlite
2,307
425
CPU
boh
Scheda Madre
boh
HDD
boh
RAM
boh
GPU
boh
Audio
boh
Monitor
boh
PSU
boh
Case
boh
OS
boh
Quando hai aperto FRST hai cliccato su SCAN.
Riapri FRST e clicca su FIX.
Aspetta pazientemente che FRST esegua le eliminazioni.
Se il pc non si riavvia da solo, lo devi riavviare tu.
Posta il file fixlog.txt.
 

xylit

Utente Èlite
1,791
504
CPU
ryzen 5 2600x
Dissipatore
artic freezer 33 esport edition
Scheda Madre
asrock B450 gaming k4
HDD
qualcuno
RAM
2X8GB Corsair Vengeance LPX DDR4 3200Mhz
GPU
manli 2070 super gallardo
Monitor
Samsung C27JG52
PSU
Evga supernova 650 G2
Case
CM cosmos 2
Periferiche
MasterKeys CK550 Gateron Brown/ Logitech G502
Net
FTTH tiscali
OS
windows 10
Ciao mi son beccato un virus che mi ha installato un finto avast
Visualizza allegato 368744
questi 3 processi che vedete non si riescono a chiudere in gestione attivita e mi bloccano la possibilità di fare un ripristino

come posso risolvere?
Sicuro sia finto?

pochi antivirus possono essere terminati dal gestore attività

non hai avast tra i programmi installati e removibili?

posta lista software installati.
 

thenax

Nuovo Utente
102
0
Guarda che i software installati, li puoi vedere sul log di FRST che ha postato.

sta ancora frullando (è normale che dopo un'ora sia ancora fermo sulla cancellazione dei file temporanei nella cartella App local?), intanto ti posto il file che mi dicevi
Fix result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by MARCO (19-04-2020 19:17:43) Run:1
Running from C:\Users\MARCO\Desktop
Loaded Profiles: MARCO (Available Profiles: MARCO & Simone & gabriella & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1801797792-2963998745-2400400606-1007\User: Restriction <==== ATTENTION
Task: {053190CE-6267-445E-A6F8-02329BB023DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {2958BE76-27C3-4E88-ACD7-F4F02ECA4577} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {551AB9D9-1501-4EED-BC8E-BA4C278098B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6456813A-1783-4C60-863B-3DA82D387A34} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {7BD96C03-CB34-421E-8DD9-6B66EAC27ABF} - System32\Tasks\Core Temp Autostart MARCO => C:\Program Files\Core Temp\Core Temp.exe
Task: {8442CD01-3877-4FE8-904C-D8BE4F05A36D} - System32\Tasks\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {BE51E56B-A69A-464C-B30E-F56BC6C9C40A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D6157F54-87BC-4D54-9680-8E4E2923B64E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E03F2807-D169-4A7C-999A-1EE1D454B411} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E63297D9-B5F0-44FA-891F-AB16F184EAA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [NameServer] 209.244.0.4,4.2.2.3,192.168.1.1
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
2020-04-19 01:54 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-19 01:54 - 2018-06-16 00:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-04-18 23:42 - 2014-12-11 23:59 - 000000000 ____D C:\ProgramData\AVAST Software
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
Shortcut: C:\Users\MARCO\Desktop\MATERIALE QGIS DEM\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()
ShortcutWithArgument: C:\Users\MARCO\Desktop\Marco (mmosca@xxxx.it) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Sorgenia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=ldadomeegcgcdjfcijngdjglflcghljg
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7cd27c6fdd0b5b45\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [280]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync [88]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync.root [42]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.photo.2 [366]
FirewallRules: [UDP Query User{C03958B7-874C-4CA3-993F-8DB651C5A533}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [TCP Query User{04CA0B51-9204-49E8-B303-5E761BC6F7D9}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [UDP Query User{3953C3F3-8C51-47DE-A87E-91708F33656E}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [TCP Query User{6954FCD0-DC02-415E-8900-1F139FFE129C}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [{E8154D50-8169-4B59-86FD-621541E92FD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe No File
FirewallRules: [{FEEB344A-AE96-4925-B7AE-A318D4D1B843}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe No File
FirewallRules: [{FF807332-3F5B-49CF-A3D6-9CEC3C667FA1}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{A618FC33-B00C-4BAA-9860-FE3B981D34B6}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{2D9F1D91-ECBB-4FB9-BFE2-2BC5B0AFA8C8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{75800B39-434D-4DC6-BA0B-3ED5E1C36305}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{F0F18BF5-E904-4429-9883-ACD162F2C275}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{E5EECABC-DF11-4A9B-AA79-3FBA91AA2E44}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{53BD16A8-4D62-4F22-8905-A2F17D2E3CC1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{44019131-5540-4B75-9587-674B25FA8019}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{E2462E14-A0F7-4697-A9CD-5BEC34FF2220}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe No File
FirewallRules: [{5B9DEE0D-3E23-4634-AE73-167429B563D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe No File
FirewallRules: [{A865A004-0D04-4EAE-997B-15C01426B104}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe No File
FirewallRules: [{08275B6F-4CAD-4B9B-904A-712D96FEF081}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe No File
FirewallRules: [{4921D2F3-DB4F-4160-912D-AFC0383F77C9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe No File
FirewallRules: [{2D84E32D-8E79-4FF0-8EBE-6F29D06D0CAD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe No File
FirewallRules: [{34277CAD-9B1B-42E1-BB01-3F8EC9055578}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{DFCC4AD0-75F2-450A-8038-9C066F33F882}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{91795F08-39ED-4303-AB4B-E1D6BEAB6FAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe No File
FirewallRules: [{7B75AEBD-D2CF-4B4E-B26A-B45B248EF909}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{E965226C-B794-4CFC-9EA3-920864A73BC3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [UDP Query User{E87FEF4C-E305-4B1D-869A-E3574B06FF8C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [TCP Query User{6F6A641F-C412-4069-B166-F330322C883A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [UDP Query User{D706F419-8194-4C30-916D-1137C8C2ED34}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [TCP Query User{20E9EEE9-1974-4478-8ACE-1B2E1EC825B6}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{12A5A4CE-96C5-4630-944A-9F0437508122}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [{587EBAA7-3174-4274-A0C2-D4025119F113}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{AAA9196F-9E4E-4822-8D59-8456755D5E0F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{FC0E23C3-DC2C-4E90-A927-BB4F147E898A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{BD7FB9AE-3D18-48EA-B956-16F90447A12E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{241B43D4-9AFD-44D5-8DF4-38C04690E4E2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{81392681-C86E-4FD4-8195-5EFDC3792825}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{A6340713-B7E1-4FB3-975B-3AB9308AA12D}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{EAE248D6-7334-4BBB-ACCE-C374DFCE6A28}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{43A65198-4C38-48EB-87FE-0D6B174EEF74}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{FB2184B0-DCA2-42D5-8129-360F55A5C024}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{BB05C3C8-52A7-43EE-8710-7EC4EFE48CF1}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{B701C518-F668-49BE-97BB-659817964764}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{D6294E22-CC9A-41C5-8E4A-73195D5DB1FC}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DF960EA-C40F-4D7D-805F-C03D53095CD5}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DAC54B4-1E82-442D-A0B1-8991BF2F6126}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{7C05B16A-216C-4016-8ABF-DBE01A14932F}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
hosts:
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
EmptyTemp:
cmd: sfc /scannow


*****************

Restore point was successfully created.
Processes closed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-1801797792-2963998745-2400400606-1007\User => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{053190CE-6267-445E-A6F8-02329BB023DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{053190CE-6267-445E-A6F8-02329BB023DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2958BE76-27C3-4E88-ACD7-F4F02ECA4577}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2958BE76-27C3-4E88-ACD7-F4F02ECA4577}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{551AB9D9-1501-4EED-BC8E-BA4C278098B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{551AB9D9-1501-4EED-BC8E-BA4C278098B8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6456813A-1783-4C60-863B-3DA82D387A34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6456813A-1783-4C60-863B-3DA82D387A34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOONotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BD96C03-CB34-421E-8DD9-6B66EAC27ABF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BD96C03-CB34-421E-8DD9-6B66EAC27ABF}" => removed successfully
C:\WINDOWS\System32\Tasks\Core Temp Autostart MARCO => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Core Temp Autostart MARCO" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8442CD01-3877-4FE8-904C-D8BE4F05A36D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8442CD01-3877-4FE8-904C-D8BE4F05A36D}" => removed successfully
C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE51E56B-A69A-464C-B30E-F56BC6C9C40A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE51E56B-A69A-464C-B30E-F56BC6C9C40A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6157F54-87BC-4D54-9680-8E4E2923B64E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6157F54-87BC-4D54-9680-8E4E2923B64E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E03F2807-D169-4A7C-999A-1EE1D454B411}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E03F2807-D169-4A7C-999A-1EE1D454B411}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E63297D9-B5F0-44FA-891F-AB16F184EAA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E63297D9-B5F0-44FA-891F-AB16F184EAA1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000008 => removed successfully
HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\000000000008 => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}\\NameServer" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
C:\WINDOWS\system32\Tasks\AVAST Software => moved successfully
C:\Program Files\Common Files\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\CLSID\{B3C418F8-922B-4faf-915E-59BC14448CF7} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Glary Utilities => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
C:\Users\MARCO\Desktop\MATERIALE QGIS DEM\OSGeo4W\OSGeo4W Shell.lnk => moved successfully
C:\Users\MARCO\Desktop\Marco (mmosca@xxxx.it) - Chrome.lnk => Shortcut argument removed successfully
C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk => Shortcut argument removed successfully
C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Sorgenia.lnk => Shortcut argument removed successfully
C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Vysor.lnk => Shortcut argument removed successfully
C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7cd27c6fdd0b5b45\Google Hangouts.lnk => Shortcut argument removed successfully
C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Marco - Chrome.lnk => Shortcut argument removed successfully
C:\ProgramData\TEMP => ":6DDED7D9" ADS removed successfully
C:\Users\MARCO\Amazon Drive => ":com.amazon.drive.sync" ADS removed successfully
C:\Users\MARCO\Amazon Drive => ":com.amazon.drive.sync.root" ADS removed successfully
C:\Users\MARCO\AppData\Local\Temp => ":com.affinity.designer.2" ADS removed successfully
C:\Users\MARCO\AppData\Local\Temp => ":com.affinity.photo.2" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C03958B7-874C-4CA3-993F-8DB651C5A533}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{04CA0B51-9204-49E8-B303-5E761BC6F7D9}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3953C3F3-8C51-47DE-A87E-91708F33656E}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6954FCD0-DC02-415E-8900-1F139FFE129C}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E8154D50-8169-4B59-86FD-621541E92FD8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEEB344A-AE96-4925-B7AE-A318D4D1B843}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF807332-3F5B-49CF-A3D6-9CEC3C667FA1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A618FC33-B00C-4BAA-9860-FE3B981D34B6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D9F1D91-ECBB-4FB9-BFE2-2BC5B0AFA8C8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75800B39-434D-4DC6-BA0B-3ED5E1C36305}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0F18BF5-E904-4429-9883-ACD162F2C275}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5EECABC-DF11-4A9B-AA79-3FBA91AA2E44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53BD16A8-4D62-4F22-8905-A2F17D2E3CC1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44019131-5540-4B75-9587-674B25FA8019}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2462E14-A0F7-4697-A9CD-5BEC34FF2220}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B9DEE0D-3E23-4634-AE73-167429B563D4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A865A004-0D04-4EAE-997B-15C01426B104}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{08275B6F-4CAD-4B9B-904A-712D96FEF081}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4921D2F3-DB4F-4160-912D-AFC0383F77C9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D84E32D-8E79-4FF0-8EBE-6F29D06D0CAD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34277CAD-9B1B-42E1-BB01-3F8EC9055578}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFCC4AD0-75F2-450A-8038-9C066F33F882}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91795F08-39ED-4303-AB4B-E1D6BEAB6FAB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7B75AEBD-D2CF-4B4E-B26A-B45B248EF909}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E965226C-B794-4CFC-9EA3-920864A73BC3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E87FEF4C-E305-4B1D-869A-E3574B06FF8C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6F6A641F-C412-4069-B166-F330322C883A}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D706F419-8194-4C30-916D-1137C8C2ED34}C:\program files\blackmagic design\davinci resolve\resolve.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{20E9EEE9-1974-4478-8ACE-1B2E1EC825B6}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{12A5A4CE-96C5-4630-944A-9F0437508122}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{587EBAA7-3174-4274-A0C2-D4025119F113}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AAA9196F-9E4E-4822-8D59-8456755D5E0F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC0E23C3-DC2C-4E90-A927-BB4F147E898A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD7FB9AE-3D18-48EA-B956-16F90447A12E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{241B43D4-9AFD-44D5-8DF4-38C04690E4E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{81392681-C86E-4FD4-8195-5EFDC3792825}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6340713-B7E1-4FB3-975B-3AB9308AA12D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EAE248D6-7334-4BBB-ACCE-C374DFCE6A28}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{43A65198-4C38-48EB-87FE-0D6B174EEF74}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB2184B0-DCA2-42D5-8129-360F55A5C024}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB05C3C8-52A7-43EE-8710-7EC4EFE48CF1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B701C518-F668-49BE-97BB-659817964764}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6294E22-CC9A-41C5-8E4A-73195D5DB1FC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DF960EA-C40F-4D7D-805F-C03D53095CD5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6DAC54B4-1E82-442D-A0B1-8991BF2F6126}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C05B16A-216C-4016-8ABF-DBE01A14932F}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushdns =========


Configurazione IP di Windows

Cache del resolver DNS svuotata.

========= End of CMD: =========


========= netsh winsock reset catalog =========

Impossibile avviare la funzione di inizializzazione InitHelperDll in NSHHTTP.DLL
Codice di errore 11003

Reimpostazione catalogo Winsock completata.
Ô necessario riavviare il computer per completare l'operazione.


========= End of CMD: =========


========= sfc /scannow =========



Avvio in corso dell'analisi del sistema. Attendere. L'operazione richiederà alcuni minuti.



Avvio in corso della fase di verifica dell'analisi del sistema.


0% della verifica completato.
1% della verifica completato.
1% della verifica completato.
2% della verifica completato.
3% della verifica completato.
3% della verifica completato.
4% della verifica completato.
4% della verifica completato.
5% della verifica completato.
6% della verifica completato.
6% della verifica completato.
7% della verifica completato.
8% della verifica completato.
8% della verifica completato.
9% della verifica completato.
9% della verifica completato.
10% della verifica completato.
11% della verifica completato.
11% della verifica completato.
12% della verifica completato.
12% della verifica completato.
13% della verifica completato.
14% della verifica completato.
14% della verifica completato.
15% della verifica completato.
16% della verifica completato.
16% della verifica completato.
17% della verifica completato.
17% della verifica completato.
18% della verifica completato.
19% della verifica completato.
19% della verifica completato.
20% della verifica completato.
20% della verifica completato.
21% della verifica completato.
22% della verifica completato.
22% della verifica completato.
23% della verifica completato.
24% della verifica completato.
24% della verifica completato.
25% della verifica completato.
25% della verifica completato.
26% della verifica completato.
27% della verifica completato.
27% della verifica completato.
28% della verifica completato.
29% della verifica completato.
29% della verifica completato.
30% della verifica completato.
30% della verifica completato.
31% della verifica completato.
32% della verifica completato.
32% della verifica completato.
33% della verifica completato.
33% della verifica completato.
34% della verifica completato.
35% della verifica completato.
35% della verifica completato.
36% della verifica completato.
37% della verifica completato.
37% della verifica completato.
38% della verifica completato.
38% della verifica completato.
39% della verifica completato.
40% della verifica completato.
40% della verifica completato.
41% della verifica completato.
41% della verifica completato.
42% della verifica completato.
43% della verifica completato.
43% della verifica completato.
44% della verifica completato.
45% della verifica completato.
45% della verifica completato.
46% della verifica completato.
46% della verifica completato.
47% della verifica completato.
48% della verifica completato.
48% della verifica completato.
49% della verifica completato.
49% della verifica completato.
50% della verifica completato.
51% della verifica completato.
51% della verifica completato.
52% della verifica completato.
53% della verifica completato.
53% della verifica completato.
54% della verifica completato.
54% della verifica completato.
55% della verifica completato.
56% della verifica completato.
56% della verifica completato.
57% della verifica completato.
58% della verifica completato.
58% della verifica completato.
59% della verifica completato.
59% della verifica completato.
60% della verifica completato.
61% della verifica completato.
61% della verifica completato.
62% della verifica completato.
62% della verifica completato.
63% della verifica completato.
64% della verifica completato.
64% della verifica completato.
65% della verifica completato.
66% della verifica completato.
66% della verifica completato.
67% della verifica completato.
67% della verifica completato.
68% della verifica completato.
69% della verifica completato.
69% della verifica completato.
70% della verifica completato.
70% della verifica completato.
71% della verifica completato.
72% della verifica completato.
72% della verifica completato.
73% della verifica completato.
74% della verifica completato.
74% della verifica completato.
75% della verifica completato.
75% della verifica completato.
76% della verifica completato.
77% della verifica completato.
77% della verifica completato.
78% della verifica completato.
79% della verifica completato.
79% della verifica completato.
80% della verifica completato.
80% della verifica completato.
81% della verifica completato.
82% della verifica completato.
82% della verifica completato.
83% della verifica completato.
83% della verifica completato.
84% della verifica completato.
85% della verifica completato.
85% della verifica completato.
86% della verifica completato.
87% della verifica completato.
87% della verifica completato.
88% della verifica completato.
88% della verifica completato.
89% della verifica completato.
90% della verifica completato.
90% della verifica completato.
91% della verifica completato.
91% della verifica completato.
92% della verifica completato.
93% della verifica completato.
93% della verifica completato.
94% della verifica completato.
95% della verifica completato.
95% della verifica completato.
96% della verifica completato.
96% della verifica completato.
97% della verifica completato.
98% della verifica completato.
98% della verifica completato.
99% della verifica completato.
99% della verifica completato.
100% della verifica completato.


Protezione risorse di Windows: nessuna violazione di integrità trovata.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 438364281 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 29733598 B
Edge => 1719344 B
Chrome => 1918661814 B
Firefox => 19753951 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 2016477 B
systemprofile32 => 4538765 B
LocalService => 4588097 B
NetworkService => 5328079 B
 
Ultima modifica da un moderatore:

R16

Utente Èlite
2,307
425
CPU
boh
Scheda Madre
boh
HDD
boh
RAM
boh
GPU
boh
Audio
boh
Monitor
boh
PSU
boh
Case
boh
OS
boh
ta ancora frullando (è normale che dopo un'ora sia ancora fermo sulla cancellazione dei file temporanei nella cartella App local?),

In pratica mi hai spedito i log quando FRST era ancora in esecuzione?
Comunque fammi saper come funziona il il pc quando ha finito e quali problemi riscontri.
.
 

thenax

Nuovo Utente
102
0
esatto...comunque dopo due ore è ancora bloccato sulla cartella appdata/local/temp
Post unito automaticamente:
 

Entra

oppure Accedi utilizzando
Discord Ufficiale Entra ora!

Discussioni Simili