No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER
***** [ Registry ] *****
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFB98CCA-CA4F-4950-B16A-A65A331B13F6}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.SamsungSmartSwitch Folder C:\Users\MARCO\AppData\Roaming\SAMSUNG\SMART SWITCH PC
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2170 octets] - [28/05/2018 00:19:51]
AdwCleaner[C00].txt - [1826 octets] - [28/05/2018 00:24:14]
AdwCleaner[S01].txt - [2821 octets] - [07/05/2019 21:12:46]
AdwCleaner[C01].txt - [2524 octets] - [07/05/2019 21:13:26]
AdwCleaner[S02].txt - [2273 octets] - [19/04/2020 12:47:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Post unito automaticamente: 19 Aprile 2020
Malwarebytes
www.malwarebytes.com
-Dettagli log-
Data scansione: 19/04/20
Ora scansione: 12:59
File di log: d7e4ee6e-822c-11ea-a4af-4ccc6af9de14.json
-Informazioni software-
Versione: 4.1.0.56
Versione componenti: 1.0.875
Aggiorna versione pacchetto: 1.0.22660
Licenza: Trial
-Informazioni sistema-
SO: Windows 10 (Build 18362.778)
CPU: x64
File system: NTFS
Utente: MARCO_GABRIELLA\MARCO
-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 820497
Minacce rilevate: 3
Minacce messe in quarantena: 0
Tempo impiegato: 12 min, 4 sec
-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare
-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)
Modulo: 0
(Nessun elemento nocivo rilevato)
Chiave di registro: 0
(Nessun elemento nocivo rilevato)
Valore di registro: 0
(Nessun elemento nocivo rilevato)
Dati di registro: 0
(Nessun elemento nocivo rilevato)
Flusso di dati: 0
(Nessun elemento nocivo rilevato)
Cartella: 0
(Nessun elemento nocivo rilevato)
scansione con malwarebytes
File: 3
HackTool.SnadBoy, C:\PROGRAM FILES (X86)\SNADBOY'S REVELATION V2\REVELATION.EXE, Nessuna azione intrapresa, 9628, 299009, 1.0.22660, 2BEFA529B7889BBDC64B394A, dds, 00683043
PUP.Optional.SnadBoy, C:\PROGRAM FILES (X86)\SNADBOY'S REVELATION V2\REVELATIONHELPER.DLL, Nessuna azione intrapresa, 8738, 147848, 1.0.22660, , ame,
PUP.Optional.ChromePass, D:\DOWNLOADS\CHROMEPASS.ZIP, Nessuna azione intrapresa, 9074, 355393, 1.0.22660, , ame,
Settore fisico: 0
(Nessun elemento nocivo rilevato)
WMI: 0
(Nessun elemento nocivo rilevato)
(end)
Post unito automaticamente: 19 Aprile 2020
e quest o è l'ultimo report
RogueKiller Anti-Malware V14.4.0.0 (x64) [Apr 1 2020] (Free) by Adlice Software
mail :
https://adlice.com/contact/
Website :
https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.18363) 64 bits
Started in : Normal mode
User : MARCO [Administrator]
Started from : C:\Users\MARCO\Desktop\RogueKiller_portable64.exe
Signatures : 20200414_084954, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2020/04/19 13:18:40 (Duration : 00:30:06)
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Chrome Config
[PUM.SearchEngine (Potentially Malicious)] default_search_provider_data.template_url_data.keyword (C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences) -- google.com_ -> Found
Post unito automaticamente: 19 Aprile 2020
e questo è quello che ha restituito frst64 (vedo degli avast che mi insospettiscono!)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020
Ran by MARCO (19-04-2020 13:57:07)
Running from C:\Users\MARCO\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-17 20:13:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1801797792-2963998745-2400400606-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1801797792-2963998745-2400400606-503 - Limited - Disabled)
gabriella (S-1-5-21-1801797792-2963998745-2400400606-1014 - Limited - Enabled) => C:\Users\gabriella
Guest (S-1-5-21-1801797792-2963998745-2400400606-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1801797792-2963998745-2400400606-1012 - Limited - Enabled)
MARCO (S-1-5-21-1801797792-2963998745-2400400606-1001 - Administrator - Enabled) => C:\Users\MARCO
Simone (S-1-5-21-1801797792-2963998745-2400400606-1007 - Limited - Enabled) => C:\Users\Simone
WDAGUtilityAccount (S-1-5-21-1801797792-2963998745-2400400606-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee Photo Studio Ultimate 2019 (HKLM\...\{05F371AF-BD6B-4D3E-93DA-C2071394B764}) (Version: 12.1.1.1673 - ACD Systems International Inc.)
ACDSee Photo Studio Ultimate 2020 (HKLM\...\{EB2BD38F-44CF-46BB-A00B-72D7FD826A24}) (Version: 13.0.2.2057 - ACD Systems International Inc.)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 7.5.13 - Atomi Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0_3) (Version: 10.0.3 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.1.0.407 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.8 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_2) (Version: 9.2 - Adobe Inc.)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_3) (Version: 13.1.3 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_1_1) (Version: 21.1.1 - Adobe Inc.)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_9) (Version: 20.0.9 - Adobe Inc.)
Affinity Photo (HKLM\...\{D39FC096-62B2-4F21-BA48-04DAC525F929}) (Version: 1.8.3.641 - Serif (Europe) Ltd)
Amazon Photos (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Amazon Photos) (Version: 5.6.1 - Amazon.com, Inc.)
AMD Ryzen Master (HKLM\...\{03213877-8001-4F2C-8917-26B127DE1540}) (Version: 1.0.1.0239 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.2 - Advanced Micro Devices, Inc.)
AOMEI Partition Assistant Standard Edition 6.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
APOInstallerMSISetup (HKLM\...\{804BB8D7-5971-46C0-849B-1F40D8545B0A}) (Version: 1.0.14 - Nahimic) Hidden
APPBook 1.5.3 (HKLM-x32\...\781df90e-341d-585c-9760-bfee4555962f) (Version: 1.5.3 - ELI S.R.L. - European Language Institute)
APPBook 1.5.6 (HKLM-x32\...\{781df90e-341d-585c-9760-bfee4555962f}) (Version: 1.5.6 - ELI S.R.L. - European Language Institute)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
AudioDeviceFXPluginSampleUIMSISetup (HKLM\...\{4864889A-C092-451D-861C-9A334EBE1573}) (Version: 1.0.1401 - Nahimic) Hidden
Avidemux 2.7 - 64 bits (HKLM-x32\...\Avidemux 2.7 - 64 bits (64-bit)) (Version: 2.7.1.180604 - )
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
AVStoDVD 2.8.8 (HKLM-x32\...\AVStoDVD) (Version: 2.8.8 - MrC)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{FC12E3F8-E522-4E65-A416-D7BDF41FBBA7}) (Version: 2.68.0 - Kovid Goyal)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.5.10.1 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.5.10.0 - Canon Inc.)
Capture One 20.0.4 (HKLM\...\CaptureOne13_is1) (Version: 13.0.4.8 - Phase One A/S)
Cars 2 multimedia game (HKLM-x32\...\{A72E0BF6-237D-B724-AA15-0B0D6C00EAE3}) (Version: 1.0 - Clementoni S.p.A) Hidden
Cars 2 multimedia game (HKLM-x32\...\it.clementoni.multimediagames.cars2) (Version: 1.0 - Clementoni S.p.A)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\{93FDA8B3-711F-45A7-B7E1-497452B34F5F}) (Version: 10.4.137.0 - Microsoft Corporation) Hidden
Centro gestione Mouse e Tastiere Microsoft (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Chrome Remote Desktop Host (HKLM-x32\...\{654C49EB-D47E-4319-B719-DEEC73787B51}) (Version: 83.0.4103.2 - Google Inc.)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CrystalDiskInfo 8.4.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.2 - Crystal Dew World)
CSV to vCard (HKLM-x32\...\{B9DCBBD4-20F5-424B-9C56-FFF62BE71CD7}_is1) (Version: - csvtovcard.com)
CyberLink Application Manager (HKLM-x32\...\InstallShield_{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}) (Version: 1.0.4110.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic version 1.37 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Desktop Telematico 1.0.0 (HKLM\...\Desktop Telematico 1.0.0) (Version: 1.0.0.0 - SOGEI)
DesktopTelematico 1.0.0 (HKLM\...\DesktopTelematico) (Version: - )
DesktopTelematico 1.0.0 (HKLM-x32\...\DesktopTelematico) (Version: - )
Dictate (HKLM-x32\...\{8475267E-D7DF-4A6D-A126-2C6B519E6F74}) (Version: 5.00.0000 - Microsoft)
Digitale_Capitello (HKLM-x32\...\{819FF49A-2BA9-CB4C-0A41-F2A406D42899}) (Version: 6.0 - UNKNOWN) Hidden
Digitale_Capitello (HKLM-x32\...\Digitale.Capitello) (Version: 6.0 - UNKNOWN)
DisplayCAL (HKLM-x32\...\{4714199A-0D66-4E69-97FF-7B54BFF80B88}_is1) (Version: 3.8.5.0 - Florian Höch)
Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.4.0 - IObit)
Driver Easy 5.6.14 (HKLM\...\DriverEasy_is1) (Version: 5.6.14 - Easeware)
DVDStyler v3.1 (HKLM\...\DVDStyler_is1) (Version: - Thüring IT-Consulting)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
EndpointMonitoring Install MSISetup (HKLM\...\{FBEFDD01-23EE-46E0-961F-F443341E305C}) (Version: 1.0.1401 - Nahimic) Hidden
EOSCount ActiveX control (HKLM-x32\...\{63B230BF-D745-4ECC-B773-EA25A9AFDC36}) (Version: 2.3.5 - Sergey Vasilevskiy)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.0 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON XP-760 Series Printer Uninstall (HKLM\...\EPSON XP-760 Series) (Version: - SEIKO EPSON Corporation)
Ezviz Player version V7.2.0 (HKLM-x32\...\{FAC8D04A-541F-4d41-8BFE-4E5F735758DF}}_is1) (Version: V7.2.0 - )
Ezviz Studio (HKLM-x32\...\{49DF99D3-BC81-439A-8F40-A0529159024C}_is1) (Version: - EZVIZ Inc.)
FileZilla Client 3.43.0 (HKLM-x32\...\FileZilla Client) (Version: 3.43.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version: - )
iCloud (HKLM\...\{359CA9EA-898C-4F5C-80D9-C111F27B489E}) (Version: 7.17.0.13 - Apple Inc.)
il Nuovo Devoto-Oli Junior LeMonnier (HKLM-x32\...\il Nuovo Devoto-Oli Junior LeMonnier) (Version: 1.0.0.0 - edPan search engine)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Invoicex (HKLM\...\Invoicex) (Version: - )
iTunes (HKLM\...\{9816A31B-D5BE-4D4A-8073-2A7BD3B0EBAE}) (Version: 12.10.4.2 - Apple Inc.)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 14.1.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.1.5 - KLCP)
LAV Filters 0.73.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.73.1 - Hendrik Leppkes)
Loom 0.30.11 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{3643b966-bc28-5bc8-95ff-3d47d66438db}) (Version: 0.30.11 - Loom, Inc.)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
Manuali EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.88 - McAfee, LLC.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - it-it (HKLM\...\ProPlusRetail - it-it) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
MiniTool Power Data Recovery Free Edition 7.0 (HKLM\...\MiniTool Power Data Recovery Free Edition_is1) (Version: - MiniTool Solution Ltd.)
Monitor Asset Manager (HKLM-x32\...\{AD0BBBFD-C5E9-4214-A863-E83313D67C0C}_is1) (Version: - EnTech Taiwan)
Movie Maker (HKLM-x32\...\{312F7EE7-37D0-484D-B974-0CE1B8560C79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.67 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.24 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.36 - MSI)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nahimic VR (HKLM-x32\...\{29dcab99-1f56-4497-aeb0-d8eeecf554e2}) (Version: 1.0.14 - Nahimic)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NineEarsSettings Install Configurator (HKLM\...\{0E9230A4-E580-47BC-ADAA-D17FA9E2082F}) (Version: 1.0.1401 - Nahimic) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Nome società) Hidden
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Pacchetto driver Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
Pacchetto driver Windows - Phase One / Mamiya V-Grip USB Driver (12/03/2014 1.2.0.0) (HKLM\...\3F504CC0B024052107934E093CC26DA720256A7A) (Version: 12/03/2014 1.2.0.0 - Phase One / Mamiya)
Pacchetto driver Windows - Phase One A/S (WinUSB) USBDevice (12/14/2018 1.15.0.0) (HKLM\...\9398055CF8BEEF1D6FCF147047450F15A1C7AF2A) (Version: 12/14/2018 1.15.0.0 - Phase One A/S)
Pacchetto driver Windows - Silicon Laboratories (WinUSB) USB DFU Devices (03/21/2013 1.00.0000) (HKLM\...\F10ECE8185B942E6F1FCC2956ECDFE0C0D33E8A5) (Version: 03/21/2013 1.00.0000 - Silicon Laboratories)
Pacchetto driver Windows - Silicon Laboratories Inc. (silabser) Ports (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)
PhotoFilmStrip 3.1.1 (HKLM\...\PhotoFilmStrip_is1) (Version: 3.1.1 - Jens Göpfert)
Planet versione 4.8 (HKLM-x32\...\{90747FA4-A488-45D3-9F91-8E516610CDCF}_is1) (Version: 4.8 - Tecnos)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.0.1 - Vaclav Slavik)
proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
ProductDaemon Install Setup (HKLM\...\{D5F66A96-C6BA-4E69-994D-EA858DD459F3}) (Version: 1.0.1401 - Nahimic) Hidden
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
QGIS 3.4.2 'Madeira' (HKLM\...\QGIS 3.4) (Version: 3.4.2 - QGIS Development Team)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{86A1CEAD-EF47-47BB-AE79-DA8C09E15382}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
RAPID Mode (HKLM\...\{18DF567E-AA9B-434D-BE77-BFE2292712F6}) (Version: 1.0.1.96 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
RescuePRO Deluxe 5.2.6.6 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 5.2.6.6 - LC Technology International, Inc.)
Ruby 2.3.3-p222-x64 (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\{96A4CEEE-5ACC-4FB2-AAB6-8152D5AB0C9E}_is1) (Version: 2.3.3-p222 - RubyInstaller Team)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Screaming Frog SEO Spider (HKLM-x32\...\Screaming Frog SEO Spider) (Version: 11.1 - Screaming Frog Ltd)
ScreenManager Pro for LCD (HKLM-x32\...\{DAB265AD-27B2-4651-B8D8-F4F3A8ECC705}) (Version: 3.3.3.0 - EIZO Corporation)
SEO Macroscope (HKLM\...\{DC87D91B-D6D0-4557-B494-4501BD4FDA00}) (Version: 1.7.61 - Jason Holland)
Skype versione 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{EB96DF8B-65A7-4E72-BFB1-38DB36870D16}) (Version: 7.32.6.278 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.) Hidden
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SnadBoy's Revelation v2 (HKLM-x32\...\SnadBoy's Revelation v2) (Version: 2.0.1.100 - SnadBoy Software)
Software Saal Design Italy (HKLM-x32\...\{00E0CBD7-C440-FD08-478C-A2074418339E}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Software Saal Design Italy (HKLM-x32\...\SoftwareSaalDesignItaly) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version: - )
SSAudioDaemon Install MSISetup (HKLM\...\{1428858F-547B-408D-B25B-0A28540E496A}) (Version: 1.0.14 - Nahimic) Hidden
Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Supporto applicazioni Apple (64 bit) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
Tavoletta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
Therion (HKLM-x32\...\therion-4.66920160910299_is1) (Version: - Stacho Mudrak, Martin Budaj)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Unity Web Player (HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
update_server (HKLM-x32\...\{1D08522D-308D-4615-AEA9-44021FD7445A}_is1) (Version: - )
Video Download Capture V6.3.3 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.3.3 - APOWERSOFT LIMITED)
Video to Video (HKLM-x32\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
Visual SEO Studio (HKLM-x32\...\{63ba0607-9e17-429a-8afd-cc7c0807d35b}) (Version: 1.8.1.2 - aStonish Studio)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{42CF3914-5357-45F2-8B3D-ED2F750FA7E4}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WebSite Auditor (HKLM-x32\...\seopowersuite) (Version: 4.38.11 - SEO PowerSuite)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Video Converter Free(Build 6.5.2.3) (HKLM-x32\...\Wondershare Video Converter Free_is1) (Version: 6.5.2.3 - Wondershare Software)
YoutubeMovieMaker (HKLM\...\{543D2D61-3E3D-4CAD-A39A-B40D7E0911DB}) (Version: 18.16 - Youtube Movie Maker)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-04-18] (Adobe Systems Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-04-18] (Autodesk Inc.)
Componente aggiuntivo Foto -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [2020-04-18] (Gameloft SE)
Estensione video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2020-04-12] (0)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft News: le ultime notizie in tempo reale -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.4030.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Meteo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Salute & Benessere -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
MSN Viaggi -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.21991.0_x64__8wekyb3d8bbwe [2020-04-18] (Microsoft Corporation)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2020-04-18] (TeamViewer)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2020-04-18] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{41052F6E-3662-4584-BCD3-77BCCAAE8470}\InprocServer32 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{9B57F475-CCB0-4C85-88A9-2AA9A6C0809A} -> [Amazon Drive] => C:\Users\MARCO\Amazon Drive [2016-12-18 00:14]
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-01-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2019-09-23] (ACD Systems International Inc. -> ACD Systems International Inc.)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll [2018-03-26] (Wondershare Software Co., Ltd. -> )
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-04-26] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [83456 2010-11-03] (
www.helixcommunity.org ) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\MARCO\Desktop\MATERIALE QGIS DEM\OSGeo4W\OSGeo4W Shell.lnk -> C:\OSGeo4W64\OSGeo4W.bat ()
ShortcutWithArgument: C:\Users\MARCO\Desktop\Marco (
mmosca@credem.it ) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.3.3-p222-x64\Start Command Prompt with Ruby.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /E:ON /K C:\Ruby23-x64\bin\setrbvars.bat
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Sorgenia.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=ldadomeegcgcdjfcijngdjglflcghljg
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applicazioni Chrome\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7cd27c6fdd0b5b45\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 3" --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\MARCO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Marco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2019-08-31 16:10 - 2019-03-04 01:31 - 000092672 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ctypes.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001096192 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_hashlib.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000027648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_multiprocessing.pyd
2019-08-31 16:10 - 2019-03-04 01:33 - 000046592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_socket.pyd
2019-08-31 16:10 - 2019-03-04 01:34 - 001415680 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_ssl.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000016384 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\_winxptheme.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000071168 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\bz2.pyd
2019-08-31 16:10 - 2019-06-08 21:25 - 000014336 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\faulthandler.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000104448 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core._multiarray_tests.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001220608 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.multiarray.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000717312 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.core.umath.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.fft.fftpack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001478144 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg._umath_linalg.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 001382912 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.linalg.lapack_lite.pyd
2019-08-31 16:10 - 2018-08-04 17:26 - 000664576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\numpy.random.mtrand.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000143360 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pyexpat.pyd
2019-08-31 16:10 - 2018-09-28 17:23 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pythoncom27.dll
2019-08-31 16:10 - 2018-09-28 17:21 - 000110592 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\pywintypes27.dll
2019-08-31 16:10 - 2019-03-04 01:32 - 000010240 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\select.pyd
2019-08-31 16:10 - 2019-03-04 01:32 - 000687104 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\unicodedata.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000100864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32api.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000397824 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32com.shell.shell.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000045568 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32console.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000018432 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32event.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000119808 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32file.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000167936 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32gui.pyd
2019-08-31 16:10 - 2019-06-08 23:12 - 000036864 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\win32process.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000862208 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._adv.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 005679616 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._core.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000428544 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._grid.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000500736 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._html.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000066560 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xml.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000091648 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx._xrc.pyd
2019-08-31 16:10 - 2019-06-01 21:25 - 000088576 _____ () [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wx.siplib.pyd
2019-10-05 00:41 - 2015-09-10 16:50 - 000195072 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\ExceptionHandler.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001320448 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hlog.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000151607 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\hpr.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000107520 _____ () [File not signed] C:\Program Files (x86)\hicloud\update_server\SPUpDate.dll
2020-03-08 18:56 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wx._windows_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ctypes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_elementtree.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_hashlib.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_multiprocessing.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_psutil_windows.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_socket.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_ssl.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\_yappi.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\bz2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\common.time34.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\hashobjs_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\PIL._imaging.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pyexpat.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pysqlite2._sqlite.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pythoncom27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\pywintypes27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\select.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\thumbnails_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\unicodedata.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\usb_ext.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32api.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32com.shell.shell.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32crypt.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32event.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32file.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32gui.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32inet.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pdh.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32pipe.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32process.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32profile.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32security.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\win32ts.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.conditional.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.connectivity.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.device_monitor.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.volumes.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\windows.winwrap.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._controls_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._core_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._gdi_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._html2.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._misc_.pyd
2020-04-19 13:17 - 2020-04-19 13:17 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wx._windows_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000114176 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ctypes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000173056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_elementtree.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002133504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_hashlib.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000032256 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_multiprocessing.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000046080 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_psutil_windows.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000047616 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_socket.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 002701824 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_ssl.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026112 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\_yappi.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000080896 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\bz2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000016384 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\common.time34.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000007680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\hashobjs_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000301568 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\PIL._imaging.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000169472 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pyexpat.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001084416 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pysqlite2._sqlite.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000548864 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pythoncom27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137728 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\pywintypes27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000010752 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\select.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\thumbnails_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000689664 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\unicodedata.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000119808 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\usb_ext.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000128512 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32api.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000438784 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32com.shell.shell.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000011776 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32crypt.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000023040 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32event.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000149504 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32file.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000223232 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32gui.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000048128 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32inet.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000029696 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pdh.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000027648 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32pipe.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000044032 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32process.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32profile.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000136192 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32security.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000026624 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\win32ts.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000034816 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.conditional.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000038400 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.connectivity.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000071680 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.device_monitor.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000109056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.volumes.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000020480 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\windows.winwrap.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001325056 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._controls_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001489408 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._core_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001007104 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._gdi_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000103424 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._html2.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 000916992 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._misc_.pyd
2020-04-19 13:16 - 2020-04-19 13:16 - 001039872 _____ () [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wx._windows_.pyd
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. -
www.nsoftware.com ) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ipworksssl8.dll
2012-05-03 10:47 - 2012-05-03 10:47 - 001681408 _____ (/n software inc. -
www.nsoftware.com ) [File not signed] C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ipworksssl8.dll
2015-09-25 19:46 - 2012-09-21 05:00 - 000303104 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNCALBL.DLL
2014-11-22 21:53 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMAE.DLL
2015-09-25 19:46 - 2012-09-20 05:00 - 000390656 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLMBL.DLL
2014-11-17 00:02 - 2012-07-31 10:48 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2014-11-22 21:57 - 2012-03-14 06:00 - 000385024 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMXLMAE.DLL
2017-05-21 00:18 - 2012-09-20 05:00 - 000030208 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNMPDBL.DLL
2018-03-09 19:47 - 2017-09-04 18:47 - 000382096 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd) [File not signed] C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll
2014-04-20 11:17 - 2014-04-20 11:17 - 000803520 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-08-22 22:31 - 2019-03-04 01:31 - 002649600 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\DisplayCAL\PYTHON27.DLL
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\python27.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\python27.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\python27.dll
2015-12-17 11:11 - 2015-12-17 11:11 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2019-02-22 18:01 - 2019-02-22 18:01 - 000704512 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Configration_00000171\MepCfg.dll
2019-02-22 16:09 - 2019-02-22 16:09 - 000475136 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON\MyEpson Portal\Online Manual_00000013\MepFAQ.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000285184 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\hicloud\update_server\libcurl.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 001204736 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\LIBEAY32.dll
2019-10-05 00:41 - 2015-09-10 16:50 - 000296448 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\hicloud\update_server\SSLEAY32.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000155136 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_net_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 002036736 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000136192 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxbase30u_xml_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 001253888 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_adv_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 004882432 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_core_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000601600 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_html_vc90.dll
2019-08-31 16:10 - 2019-06-01 21:25 - 000687104 _____ (wxWidgets development team) [File not signed] C:\Program Files (x86)\DisplayCAL\lib\wxmsw30u_xrc_vc90.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI118802\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_net_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxbase30u_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:17 - 2020-04-19 13:17 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI121922\wxmsw30u_webview_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_net_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxbase30u_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_adv_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_core_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_html_vc90_x64.dll
2020-04-19 13:16 - 2020-04-19 13:16 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\MARCO\AppData\Local\Temp\_MEI97242\wxmsw30u_webview_vc90_x64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:6DDED7D9 [280]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync [88]
AlternateDataStreams: C:\Users\MARCO\Amazon Drive:com.amazon.drive.sync.root [42]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.designer.2 [320]
AlternateDataStreams: C:\Users\MARCO\AppData\Local\Temp:com.affinity.photo.2 [366]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\localhost -> localhost
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2020-01-29 18:47 - 000000925 _____ C:\WINDOWS\system32\drivers\etc\hosts
83.103.59.70 mammacucina.it
www.mammacucina.it
83.103.59.70 comeunavolta.it
www.comeunavolta.it
83.103.59.70 wordpressfix.it
www.wordpressfix.it
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\Skype\Phone\;C:\Users\MARCO\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\PuTTY\
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\MARCO\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\Services: EaseUS Agent => 2
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: MSIClock_CC => 3
MSCONFIG\Services: MSICOMM_CC => 3
MSCONFIG\Services: MSICPU_CC => 3
MSCONFIG\Services: MSICTL_CC => 2
MSCONFIG\Services: MSIDDR_CC => 2
MSCONFIG\Services: MSISMB_CC => 3
MSCONFIG\Services: MSISuperIO_CC => 3
MSCONFIG\Services: MSI_RAMDisk_Service => 2
MSCONFIG\Services: RAMDrivService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: tbaseprovisioning => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: WsAppService => 2
MSCONFIG\Services: WsDrvInst => 2
MSCONFIG\Services: WTabletServicePro => 2
HKLM\...\StartupApproved\StartupFolder: => "ScreenManager Pro for LCD Ver3.3.3.lnk"
HKLM\...\StartupApproved\Run: => "VX3000"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc64"
HKLM\...\StartupApproved\Run: => "NahimicVRSvc32"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "X_Boost"
HKLM\...\StartupApproved\Run32: => "Command Center"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\StartupFolder: => "Invia a OneNote.lnk"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AceMoneyReminder"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\StartupApproved\Run: => "com.squirrel.WhatsApp.WhatsApp"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{C03958B7-874C-4CA3-993F-8DB651C5A533}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [TCP Query User{04CA0B51-9204-49E8-B303-5E761BC6F7D9}C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\apache2\bin\httpd.exe No File
FirewallRules: [UDP Query User{3953C3F3-8C51-47DE-A87E-91708F33656E}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [TCP Query User{6954FCD0-DC02-415E-8900-1F139FFE129C}C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe] => (Allow) C:\bitnami\wordpress-5.2.2-0\mysql\bin\mysqld.exe No File
FirewallRules: [{972E1010-21DB-4298-92A6-A98028D3C0F2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D18D74D-C2A5-4FE6-B09D-630D4C550817}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1B99A39-F5CB-41F1-B422-1F6CFF50C367}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F5A496EB-6B78-4AEC-862A-13889DA8E319}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E8154D50-8169-4B59-86FD-621541E92FD8}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe No File
FirewallRules: [{FEEB344A-AE96-4925-B7AE-A318D4D1B843}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe No File
FirewallRules: [{E626089B-D62E-4584-9D56-BFE1092E398F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{007FFAA1-927F-4423-83D2-BE6B7CFA51DC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [TCP Query User{FE9B9AAC-1C6D-4480-90F4-DE8D5EFB5DCE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{FF807332-3F5B-49CF-A3D6-9CEC3C667FA1}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{A618FC33-B00C-4BAA-9860-FE3B981D34B6}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe No File
FirewallRules: [{2D9F1D91-ECBB-4FB9-BFE2-2BC5B0AFA8C8}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{75800B39-434D-4DC6-BA0B-3ED5E1C36305}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe No File
FirewallRules: [{F0F18BF5-E904-4429-9883-ACD162F2C275}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{E5EECABC-DF11-4A9B-AA79-3FBA91AA2E44}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe No File
FirewallRules: [{53BD16A8-4D62-4F22-8905-A2F17D2E3CC1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [{44019131-5540-4B75-9587-674B25FA8019}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe No File
FirewallRules: [TCP Query User{F4D3DC62-A42A-41A2-8290-A4001B8DEB08}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{CFF1661A-0E55-4D54-B43C-E2989C1DDE8D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{264B0FE5-1294-44E6-A582-5EA2355254A6}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{9936B3B5-C0DA-42ED-9179-4BFE54F65D4C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{6C5D71A8-1A61-41D2-B301-6E1F09E55902}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{02B5CD24-67D3-4DF7-90F0-E9B6F12602B1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
FirewallRules: [{EFEEBDB4-63B7-40B5-B65B-792DA410170A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{21531347-98A1-44AB-8F9F-0C6997A13F4E}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
FirewallRules: [{E2462E14-A0F7-4697-A9CD-5BEC34FF2220}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe No File
FirewallRules: [{5B9DEE0D-3E23-4634-AE73-167429B563D4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe No File
FirewallRules: [{A865A004-0D04-4EAE-997B-15C01426B104}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe No File
FirewallRules: [{08275B6F-4CAD-4B9B-904A-712D96FEF081}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe No File
FirewallRules: [{4921D2F3-DB4F-4160-912D-AFC0383F77C9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe No File
FirewallRules: [{2D84E32D-8E79-4FF0-8EBE-6F29D06D0CAD}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe No File
FirewallRules: [{34277CAD-9B1B-42E1-BB01-3F8EC9055578}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe No File
FirewallRules: [{DFCC4AD0-75F2-450A-8038-9C066F33F882}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe No File
FirewallRules: [{91795F08-39ED-4303-AB4B-E1D6BEAB6FAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe No File
FirewallRules: [{7B75AEBD-D2CF-4B4E-B26A-B45B248EF909}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe No File
FirewallRules: [TCP Query User{E965226C-B794-4CFC-9EA3-920864A73BC3}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [UDP Query User{E87FEF4C-E305-4B1D-869A-E3574B06FF8C}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe No File
FirewallRules: [TCP Query User{6F6A641F-C412-4069-B166-F330322C883A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [UDP Query User{D706F419-8194-4C30-916D-1137C8C2ED34}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe No File
FirewallRules: [TCP Query User{283C508A-CD5F-4355-AA04-598D95FC5521}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{A392BE8E-8983-42E8-AC10-1D85A24670A1}D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v1.9.2_win64_exe (1)\argyll_v1.9.2\bin\dispwin.exe () [File not signed]
FirewallRules: [TCP Query User{32F8D665-FDA0-4A69-A82B-DD52EBED56E3}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{D914CCB3-1764-4AE8-A8BB-9929F2D09EB9}D:\downloads\argyll_v2.0.0\bin\dispcal.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{2B71089D-280D-49F9-93DA-DCB6D2171652}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{9240E0FB-7C16-42D4-BB09-F0FE4CAB1AD2}D:\downloads\argyll_v2.0.0\bin\dispwin.exe] => (Allow) D:\downloads\argyll_v2.0.0\bin\dispwin.exe () [File not signed]
FirewallRules: [{B2D78AD4-AAEC-4B6A-BC5C-FC929F067A48}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{20E9EEE9-1974-4478-8ACE-1B2E1EC825B6}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [UDP Query User{12A5A4CE-96C5-4630-944A-9F0437508122}C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe] => (Block) C:\users\marco\appdata\local\vysor\app-1.8.3\vysor.exe No File
FirewallRules: [TCP Query User{B38736B5-0BBD-4811-8636-46D6A9F22E5C}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [UDP Query User{78298E55-EFFE-4CD2-927D-D3B0C8058B76}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispcal.exe () [File not signed]
FirewallRules: [TCP Query User{1F20F5BA-6DAC-4945-BD70-46991836642D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [UDP Query User{72A07AEB-AB22-434E-8F0A-F2AACE07444D}C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe] => (Allow) C:\users\marco\appdata\roaming\displaycal\dl\argyll_v2.1.1\bin\dispwin.exe () [File not signed]
FirewallRules: [{587EBAA7-3174-4274-A0C2-D4025119F113}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{AAA9196F-9E4E-4822-8D59-8456755D5E0F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{FC0E23C3-DC2C-4E90-A927-BB4F147E898A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{BD7FB9AE-3D18-48EA-B956-16F90447A12E}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{241B43D4-9AFD-44D5-8DF4-38C04690E4E2}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [{81392681-C86E-4FD4-8195-5EFDC3792825}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe No File
FirewallRules: [TCP Query User{FFD84F39-CADE-4D5C-9B10-B3F563A13DA7}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{585FD831-6740-4D24-8ED6-2BAB3A8E53DF}C:\users\marco\desktop\anydesk.exe] => (Allow) C:\users\marco\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP Query User{F7E6F21A-0E24-4F67-B1A8-CA4034105276}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [UDP Query User{976E530D-B52E-4411-BEB8-A313FC302335}C:\program files (x86)\ezviz studio\ezvizstudio.exe] => (Allow) C:\program files (x86)\ezviz studio\ezvizstudio.exe (EZVIZ Inc. -> EZVIZ Inc.)
FirewallRules: [{B7DA1882-332C-44B5-8C61-1C4C6D09B4FC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{479AC355-0CDA-45AD-88DA-EC7055371F94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C2BB7098-1EBA-469C-9A40-A825EF85A371}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9F4A151D-6B70-47F7-AEB9-6F5A06A7F477}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C6988782-B7FC-4F58-AC4B-9D80FEB4BF94}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C8E7729-7064-42B4-A115-FB352896BD6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C872387C-87CB-4121-9D57-18CF35D44920}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B3C7FC1-49E1-4A40-9492-CA41E1CEE2DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EEC9176-2FC0-4378-AB5A-35633A24FF5E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{73B2FD4D-6410-4D3F-9E1B-AE1D96663C2E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F2AAD59A-0BFA-4498-A9B7-0FA181247AD3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EBD4E54-453C-4093-A987-56A961CC98D4}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{31E76FD8-B68E-4982-A6F0-8D6202A6E798}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{A6340713-B7E1-4FB3-975B-3AB9308AA12D}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{EAE248D6-7334-4BBB-ACCE-C374DFCE6A28}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{43A65198-4C38-48EB-87FE-0D6B174EEF74}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{FB2184B0-DCA2-42D5-8129-360F55A5C024}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{629CF5F0-3599-47AF-826F-A6C2B70766BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D4E5D287-AA90-4736-AE91-26F7BBD365E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2019] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe (ACD Systems International Inc. -> )
FirewallRules: [{BB05C3C8-52A7-43EE-8710-7EC4EFE48CF1}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{B701C518-F668-49BE-97BB-659817964764}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\ON1 Photo RAW 2020.exe No File
FirewallRules: [{D6294E22-CC9A-41C5-8E4A-73195D5DB1FC}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DF960EA-C40F-4D7D-805F-C03D53095CD5}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1capture.exe No File
FirewallRules: [{6DAC54B4-1E82-442D-A0B1-8991BF2F6126}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{7C05B16A-216C-4016-8ABF-DBE01A14932F}] => (Allow) C:\Program Files\ON1\ON1 Photo RAW 2020\on1sandbox.exe No File
FirewallRules: [{E10BA5A5-2929-421A-BD1E-6C36EA782D92}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [TCP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Ultimate 2020] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe (ACD Systems International Inc. -> )
FirewallRules: [{26211AB9-B05C-4C58-A1F4-E0E76E82ED6C}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
18-04-2020 23:38:11 Operazione di ripristino
19-04-2020 12:14:20 Driver Booster : Apple Mobile Device USB Driver
19-04-2020 12:48:33 AdwCleaner_BeforeCleaning_19/04/2020_12:48:24
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/19/2020 01:53:10 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
Error: (04/19/2020 01:51:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9968,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/19/2020 01:31:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10952,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/19/2020 01:22:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5312,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/19/2020 01:17:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Nome del modulo che ha generato l'errore: Radeonsoftware.exe, versione: 10.1.2.1788, timestamp: 0x5e59a285
Codice eccezione: 0xc0000005
Offset errore 0x00000000004082d7
ID processo che ha generato l'errore: 0x27f8
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d6163c0873a2c1
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\AMD\CNext\CNext\Radeonsoftware.exe
ID segnalazione: aba97c88-c3e2-4df2-96d8-e55f27c65cd8
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]
Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
.
Error: (04/19/2020 01:13:17 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
]
System errors:
=============
Error: (04/19/2020 01:46:33 PM) (Source: DCOM) (EventID: 10001) (User: MARCO_GABRIELLA)
Description: Impossibile avviare un server DCOM Microsoft.Wallet_2.4.18324.0_x64__8wekyb3d8bbwe!App.AppXgvxkrr1tm1jwgecmqbxe81yfbwpjdn1h.mca come Non disponibile/Non disponibile. L'errore
"%%2147958106 = Il pacchetto non è attualmente disponibile."
si è verificato durante l'esecuzione del comando
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXggkaqzf6p31g37n0m8phzeswb0rt9m7e.mca
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Servizio A portata di clic di Microsoft Office è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 0 millisecondi: Riavvia il servizio.
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Apple Mobile Device Service è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 60000 millisecondi: Riavvia il servizio.
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI_ActiveX_Service. Questo evento si è già verificato 1 volta(e).
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio MSI Live Update Service. Questo evento si è già verificato 1 volta(e).
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Adobe Genuine Monitor Service. Questo evento si è già verificato 1 volta(e).
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio WD Drive Manager. Questo evento si è già verificato 1 volta(e).
Error: (04/19/2020 12:49:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Samsung RAPID Mode Service. Questo evento si è già verificato 1 volta(e).
Windows Defender:
===================================
Date: 2020-04-07 12:22:30.138
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {273E3667-4329-40A7-AC06-A987441D9EE3}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM
Date: 2020-04-07 11:51:26.232
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {C274A005-1E0A-49D4-9093-5556023169B6}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM
Date: 2020-04-07 09:55:36.298
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {FA7FC741-CB40-41AE-AE05-B7D43E474516}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM
Date: 2020-04-06 23:21:17.926
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {3F1E8EA4-79A3-4D40-9AAC-378F58701B4A}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM
Date: 2020-04-04 19:29:14.001
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {AAAD8449-328D-400C-9294-31A92F66BCAF}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM
Date: 2020-04-19 01:56:19.618
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0
Date: 2020-04-18 12:30:14.503
Description:
Windows Defender Antivirus: errore durante il tentativo di caricare l'intelligence sulla sicurezza. Verrà tentato di ripristinare una versione valida.
%Intelligence sulla sicurezza tentata: Corrente
Codice errore: 0x80070003
Descrizione errore: Impossibile trovare il percorso specificato.
Versione intelligence sulla sicurezza: 0.0.0.0;0.0.0.0
Versione motore: 0.0.0.0
Date: 2020-04-16 22:35:54.281
Description:
Windows Defender Antivirus: il motore è stato terminato a causa di un errore imprevisto.
Tipo errore: Arresto anomalo
Codice eccezione: 0xc0000005
Risorsa: file:C:\Users\Administrator\Desktop\prova libro graphistudio\Contratto-tipo di servizio foto-video CCIAA Campobasso-Ise..pdf
CodeIntegrity:
===================================
Date: 2020-04-19 13:53:20.588
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-19 13:53:20.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-19 13:53:20.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-19 13:53:20.236
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-19 13:18:34.503
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-19 13:16:40.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2020-04-19 13:16:40.453
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.M0 01/23/2019
Motherboard: Micro-Star International Co., Ltd. B350 TOMAHAWK (MS-7A34)
Processor: AMD Ryzen 5 1600X Six-Core Processor
Percentage of memory in use: 43%
Total physical RAM: 16335.02 MB
Available physical RAM: 9265.97 MB
Total Virtual: 22209.02 MB
Available Virtual: 12237.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:475.89 GB) (Free:166.28 GB) NTFS
Drive d: (DATI) (Fixed) (Total:1862.89 GB) (Free:1025.99 GB) NTFS
Drive e: (ESD-ISO) (CDROM) (Total:3.08 GB) (Free:0 GB) UDF
Drive h: (Elements) (Fixed) (Total:3725.99 GB) (Free:950.79 GB) NTFS
Drive l: (FOTO) (Removable) (Total:28.65 GB) (Free:28.59 GB) NTFS
Drive n: () (Fixed) (Total:119.24 GB) (Free:82.66 GB) NTFS
\\?\Volume{2ec8b1ec-9dcc-11e6-83b5-902b34557b33}\ (Ripristino) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS
\\?\Volume{658b0dba-d338-4bf1-8e16-29accfc4a607}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
\\?\Volume{88f80dd2-4114-4c64-be29-2ee9e8e6faa8}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C212A9CC)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 0FCFAF9E)
Partition: GPT.
==========================================================
Disk: 2 (Size: 119.2 GB) (Disk ID: C212A9CC)
Partition: GPT.
==========================================================
Disk: 3 (Size: 3726 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 4 (MBR Code: Windows 7/8/10) (Size: 28.7 GB) (Disk ID: B1CC2181)
Partition 1: (Active) - (Size=28.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020
Ran by MARCO (administrator) on MARCO_GABRIELLA (Micro-Star International Co., Ltd. MS-7A34) (19-04-2020 13:55:29)
Running from C:\Users\MARCO\Desktop
Loaded Profiles: MARCO (Available Profiles: MARCO & Simone & gabriella & Administrator)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: Italiano (Italia)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe
(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe
(ACD Systems International Inc. -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <3>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\SPUpDateServer.exe
(EZVIZ Inc. -> ) C:\Program Files (x86)\hicloud\update_server\startUp.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NahimicMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Open Source Developer, Florian Höch -> ) C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINJE.EXE
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NahimicVRSvc32] => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [NahimicVRSvc64] => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281696 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-04-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2020-01-16] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [ACUW12IT] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\acdIDInTouch2.exe [2145752 2018-08-16] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [ACUW13EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\acdIDInTouch2.exe [2128856 2019-11-28] (ACD Systems International Inc. -> ACD Systems)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4225696 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2042424 2020-03-16] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> )
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26310832 2020-02-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [98CA5D2E7C86B53A6751090CFC1EC8C74B51B24E._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINJE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91584872 2020-03-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MARCO\AppData\Local\WhatsApp\Update.exe [2253232 2019-08-08] (WhatsApp, Inc -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [648328 2020-04-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [Google Update] => C:\Users\MARCO\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate12] => C:\Program Files\ACD Systems\ACDSee Ultimate\12.0\ACDSeeCommanderUltimate12.exe [4984848 2019-05-21] (ACD Systems International Inc. -> )
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\...\Run: [ACDSeeCommanderUltimate13] => C:\Program Files\ACD Systems\ACDSee Ultimate\13.0\ACDSeeCommanderUltimate13.exe [4989088 2020-04-10] (ACD Systems International Inc. -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
Startup: C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk [2019-02-10]
ShortcutTarget: Invia a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-1801797792-2963998745-2400400606-1007\User: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {053190CE-6267-445E-A6F8-02329BB023DF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {06C000EB-4C1D-4706-838C-ED44E1A6F8E7} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe
Task: {0C8851C4-D40B-4937-B11C-B78BBDF92CBB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15C4DF43-2029-48EF-91E2-F173DC86CFAA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {2958BE76-27C3-4E88-ACD7-F4F02ECA4577} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {31A22761-988E-46FC-A32F-99D20E498D19} - System32\Tasks\NahimicVRSvc32Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe [990392 2017-08-07] (A-Volute -> A-Volute)
Task: {343D7F39-191C-46F6-ACE2-7C7CBB637302} - System32\Tasks\
AdobeAAMUpdater-1.0-MicrosoftAccount-info@moscamarco.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {46B9485E-49B6-4473-8D04-8F1B8D6D9504} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {47509DEA-E685-4478-B413-0C0850F09628} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-Administrator => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4ADE4881-E38A-4173-8806-FFD575A459AE} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3660232 2020-02-17] (Easeware Technology Limited -> Easeware)
Task: {551AB9D9-1501-4EED-BC8E-BA4C278098B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {5946D6C4-29A5-4BA9-90C5-18470939BA4E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5D92FAFE-E339-4254-BC80-0E951C554C7D} - System32\Tasks\DisplayCAL Profile Loader Launcher => C:\Program Files (x86)\DisplayCAL\DisplayCAL-apply-profiles-launcher.exe [178064 2019-08-14] (Open Source Developer, Florian Höch -> )
Task: {5E726731-83B7-44A4-8740-29B55137D513} - System32\Tasks\NahimicVRSvc64Run => C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe [1142456 2017-08-07] (A-Volute -> A-Volute)
Task: {6184003C-0D04-4842-A392-CCE306E09FBD} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [File not signed]
Task: {6232243B-9F7B-4016-838A-9ECBACCFA9B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {6456813A-1783-4C60-863B-3DA82D387A34} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {68A819B1-CFCA-40C0-9B7D-9A3047C1A148} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DCE6212-F83A-4EB4-92D7-E461CE5A758D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6FB47B7E-6583-4A99-9086-BE871D597D7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7178D70A-077C-4EEA-AA4F-A1EFDC2391B1} - System32\Tasks\AdobeAAMUpdater-1.0-Marco_Gabriella-gabriella => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7BD96C03-CB34-421E-8DD9-6B66EAC27ABF} - System32\Tasks\Core Temp Autostart MARCO => C:\Program Files\Core Temp\Core Temp.exe
Task: {8038CA05-48FD-4657-A8CB-033362F5102F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\AutoUpdate.exe [2369808 2020-03-06] (IObit Information Technology -> IObit)
Task: {8442CD01-3877-4FE8-904C-D8BE4F05A36D} - System32\Tasks\avastBCLRestartS-1-5-21-1801797792-2963998745-2400400606-1001 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9285967F-2948-4BF8-A451-46295DAA5D71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {95CEBFE5-2161-4258-A855-73E45001E973} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
Task: {97B6D27C-E480-4BB0-837A-A984950C5A98} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BB3B6E6-A32A-47B2-B0D1-9644CF0E1914} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9CB01280-8246-4DCF-8F18-9A0EB00EC08F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9D5800A6-471B-40DB-BF81-BA330A624E27} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {9D977EF9-385A-4748-8733-A5F1FA9C3901} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E5CC968-C634-44FD-8FA2-7125CC10703B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9FC899F8-3F9E-48B0-A817-6C57591B1D66} - System32\Tasks\{79A8B2BC-9D7D-4BDB-863F-0DBC60B7C457} => C:\WINDOWS\system32\pcalua.exe -a L:\GDFWIN.EXE -d L:\
Task: {A487705F-F7CA-4EFC-939D-2D85FE67DF10} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {A87FB819-3E8E-4816-A21A-1EAA66FE73E2} - System32\Tasks\Driver Booster SkipUAC (MARCO) => C:\Program Files (x86)\IObit\Driver Booster\7.4.0\DriverBooster.exe [7929616 2020-04-03] (IObit Information Technology -> IObit)
Task: {AADAB735-B6DF-489F-880F-E4B88C486BC0} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1122920 2020-02-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B8C52CCD-8B21-42FA-A382-D08A3539A23E} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {B90A1EF4-BBE9-4692-91CB-4C3BEC621F9F} - System32\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {BD530552-0741-4C3E-AC77-84D059417837} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE51E56B-A69A-464C-B30E-F56BC6C9C40A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {C0EBD2D6-387D-443D-98C8-04EDC3380A92} - System32\Tasks\{58632460-3527-457D-A7E1-537C5C4170C0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxps://ui.skype.com/ui/0/7.32.0.104/it/abandoninstall?page=tsProgressBar
Task: {CB23FD0F-A499-4A5C-8DF5-DD3DD58AB51B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core => C:\Users\MARCO\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-03-12] (Google LLC -> Google LLC)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1C2C80E-0B37-47DE-BF90-98B1C694BAF3} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe
Task: {D6157F54-87BC-4D54-9680-8E4E2923B64E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D79E9213-A389-4753-B3F6-EA25C17BA650} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DCBFD8B1-697B-497B-ADD9-5069C3163D17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE7334D1-77BF-4270-9C73-206FBB707D2E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [6206048 2016-05-13] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {E03F2807-D169-4A7C-999A-1EE1D454B411} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E3DBEE7C-9013-49BB-AD0D-ACAE720C792C} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E63297D9-B5F0-44FA-891F-AB16F184EAA1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F4865F8F-9F90-4CDE-AC52-F2CCD977E985} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F4B4B9DA-B311-4B39-87F4-C00B0CD29EF3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4357016 2020-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA5F4543-EF10-4868-84E5-4C4A497965BC} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\EPSON XP-760 Series Update {6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNJE.EXE:/EXE:{6BC1F3E9-D233-4901-BC30-C8BA0B16F2BE} /F:UpdateWORKGROUP\MARCO_GABRIELLA$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [NameServer] 209.244.0.4,4.2.2.3,192.168.1.1
Tcpip\..\Interfaces\{61402573-0713-4884-8ac4-83be55914fcb}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{72eaa5ae-7354-41e8-975a-3e1ea37060bc}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.it/
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: D:\downloads
FireFox:
========
FF DefaultProfile: 3f25p9p8.default
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default [2020-04-19]
FF Homepage: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF NewTab: Mozilla\Firefox\Profiles\3f25p9p8.default -> about:blank
FF Extension: (Cookies Manager+) - C:\Users\MARCO\AppData\Roaming\Mozilla\Firefox\Profiles\3f25p9p8.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} [2018-01-03] [Legacy]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\kompozer.net\KompoZer\Profiles\ul291cqi.default [2018-01-03]
FF ProfilePath: C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default [2018-01-03]
FF Extension: (No Name) - C:\Users\MARCO\AppData\Roaming\KompoZer\Profiles\dn44yh4f.default\Extensions\temp [2015-01-16] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-15]
FF HKLM-x32\...\Firefox\Extensions: [
e-webprint@epson.com ] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2017-06-22] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-03-16] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: @citrixonline.com/appdetectorplugin -> C:\Users\MARCO\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-12-16] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1801797792-2963998745-2400400606-1001: SkypePlugin64 -> C:\Users\MARCO\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default [2020-04-03]
CHR DownloadDir: D:\downloads
CHR Notifications: Default -> hxxps://divisoup.com; hxxps://drive.google.com; hxxps://gaana.com; hxxps://generatewp.com; hxxps://it.investing.com; hxxps://shop.gopro.com; hxxps://webeers-com.pushengage.com; hxxps://www.budgetair.it; hxxps://www.facebook.com; hxxps://www.gwa.areawmcredem.it; hxxps://www.piucodicisconto.com; hxxps://www.shoutmeloud.com; hxxps://www.tomshw.it
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Chiamate Skype) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-10-09]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Attacat Cookie Audit Tool) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebhpmcfenjfodganapapakfnhichojh [2018-01-23]
CHR Extension: (Google Search) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Clear Cache) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppjkneekbjaeellbfkmgnhonkkjfpdn [2018-02-21]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-02]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2014-11-16]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (Vysor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-03-11]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2014-11-16]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-03-27]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjandokkgclchaiipibaligpnceifmif [2017-09-21]
CHR Extension: (Vysor.com) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdphpklacmlhmooodiekhpbepcdlaghl [2018-05-18]
CHR Extension: (Powerpoint ppt to Swf) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\kljihkbpifdllhbhnlnhkkhdkkikcnba [2014-11-16]
CHR Extension: (Video DownloadHelper) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-02]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2014-11-16]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-11]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-11]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-23]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3 [2020-04-19]
CHR Notifications: Profile 3 -> hxxps://app.landbot.io; hxxps://calendar.google.com; hxxps://click-it-now.online; hxxps://dashboard.tawk.to; hxxps://en.savefrom.net; hxxps://firstsiteguide.com; hxxps://generatewp.com; hxxps://gopro.com; hxxps://gretaith.com; hxxps://infinity-tv-by.accengage.net; hxxps://it.semrush.com; hxxps://meet.google.com; hxxps://pushcrew.com; hxxps://rankmath.com; hxxps://rinoverrop.pro; hxxps://s7.converto.io; hxxps://smallseotools.com; hxxps://watch-this.live; hxxps://web.whatsapp.com; hxxps://wordx.press; hxxps://www.autoparti.it; hxxps://www.facebook.com; hxxps://www.minigiochi.com; hxxps://www.mp3hub.com; hxxps://www.pinterest.it; hxxps://www.sorgenia.it
CHR HomePage: Profile 3 -> hxxp://www.google.it/
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/?trackid=sp-006"
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-26]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-26]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (SEO META in 1 CLICK) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bjogjfinolnhfhkbipphpdlldadpnmhc [2019-07-20]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
CHR Extension: (Nimbus Screenshot & Screen Video Recorder) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2020-03-22]
CHR Extension: (Google Calendar) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-08-01]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-26]
CHR Extension: (Word Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fiombgjlkfpdpkbhfioofeeinbehmajg [2017-08-01]
CHR Extension: (Page load time) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\fploionmjgeclbkemipmkogoaohcdbig [2019-09-05]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-10]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2019-07-04]
CHR Extension: (Excel Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2017-08-01]
CHR Extension: (WhatFont) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-08-01]
CHR Extension: (Cashback IT-Bestshopping) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jjandokkgclchaiipibaligpnceifmif [2018-03-26]
CHR Extension: (Sorgenia) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ldadomeegcgcdjfcijngdjglflcghljg [2020-02-27]
CHR Extension: (PowerPoint Online) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2017-08-01]
CHR Extension: (TubeBuddy) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2020-04-17]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2019-11-21]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5 [2020-04-17]
CHR Notifications: Profile 5 -> hxxps://calendar.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://www.gwa.areawmcredem.it
CHR Extension: (Presentazioni) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-13]
CHR Extension: (Documenti) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-13]
CHR Extension: (Google Drive) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-13]
CHR Extension: (Download emails from Google Mail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bgoogiccigaepmddcjallepklfgmdnef [2020-03-13]
CHR Extension: (YouTube) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-13]
CHR Extension: (Smooth Checkbox for Gmail™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\egkhfllhmjihbfnkikpnbeeakllbobjl [2020-03-13]
CHR Extension: (Fogli) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-03-13]
CHR Extension: (Documenti Google offline) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Legacy Browser Support) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\heildphpnddilhkemkielfhnkaagiabh [2020-03-13]
CHR Extension: (Row Highlighter for Gmail™ and Inbox™) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ijfolchflbmnfopmpmodilcelmdakbfl [2020-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-13]
CHR Extension: (Google Hangouts) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-03-13]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-13]
CHR Extension: (Gmail) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-13]
CHR Extension: (Chrome Media Router) - C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-06]
CHR Profile: C:\Users\MARCO\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1801797792-2963998745-2400400606-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [820280 2020-03-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe [522256 2020-03-02] (Advanced Micro Devices, Inc. -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\83.0.4103.2\remoting_host.exe [72176 2020-04-03] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-08-15] (McAfee, LLC -> McAfee, Inc.)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [83616 2017-12-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2325168 2020-02-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183992 2017-12-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [28256 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-27] (Wacom Technology Corp. -> Wacom Technology, Corp.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 61883; C:\WINDOWS\System32\drivers\61883.sys [70144 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [45320 2019-08-17] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [24528 2019-08-17] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmdag.sys [65731088 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [589840 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [102824 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [32520 2020-04-12] (Advanced Micro Devices INC. -> Advanced Micro Devices)
S0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [138064 2019-08-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R2 AMDRyzenMasterDriver1.0.0; C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [70312 2017-03-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [93240 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [33336 2018-02-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-26] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2020-04-01] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2018-06-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R1 epp; C:\EEK\bin64\epp.sys [124552 2016-11-23] (Emsisoft Ltd -> Emsisoft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [62528 2018-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 gdrv; C:\Windows\gdrv.sys [25640 2017-04-30] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-04-30] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-10-25] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-04] (Martin Malik - REALiX -> REALiX(tm))
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [16336 2016-07-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation -> Microsoft Corporation)
S3 libusb0; C:\WINDOWS\System32\drivers\libusb0.sys [52832 2018-03-25] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [52832 2017-01-12] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
R3 LifeCamTrueColor; C:\WINDOWS\system32\DRIVERS\LifeCamTrueColor.sys [37928 2016-07-27] (Microsoft Corporation -> Microsoft Corporation)
S3 NANMp50; C:\WINDOWS\System32\Drivers\NANMp50.sys [46776 2010-03-25] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2014-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-08-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160280 2020-04-19] (Realtek Semiconductor Corp. -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [271968 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [110688 2015-09-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 se64a; C:\WINDOWS\System32\drivers\se64a.sys [14032 2007-05-03] (EnTech Taiwan -> EnTech Taiwan)
S3 silabenm; C:\WINDOWS\system32\DRIVERS\silabenm.sys [23552 2014-12-01] (Silicon Laboratories) [File not signed]
S3 Spyder4; C:\WINDOWS\System32\drivers\dccmtr.sys [15360 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Datacolor)
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46440 2017-04-06] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S2 MBAMChameleon; \SystemRoot\System32\Drivers\MbamChameleon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-19 13:55 - 2020-04-19 13:56 - 000059401 _____ C:\Users\MARCO\Desktop\FRST.txt
2020-04-19 13:54 - 2020-04-19 13:56 - 000000000 ____D C:\FRST
2020-04-19 13:54 - 2020-04-19 13:54 - 002281984 _____ (Farbar) C:\Users\MARCO\Desktop\FRST64.exe
2020-04-19 13:51 - 2020-04-19 13:51 - 000002522 _____ C:\Users\MARCO\Desktop\xxx.txt
2020-04-19 12:56 - 2020-04-19 13:53 - 000000000 ____D C:\Users\MARCO\AppData\LocalLow\IGDump
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbamtray
2020-04-19 12:55 - 2020-04-19 12:55 - 000000000 ____D C:\Users\MARCO\AppData\Local\mbam
2020-04-19 12:37 - 2020-04-19 12:37 - 000000000 ____D C:\Users\MARCO\Desktop\filamti
2020-04-19 12:16 - 2020-04-19 12:16 - 072520600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2020-04-19 12:16 - 2020-04-19 12:16 - 033399859 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2020-04-19 12:16 - 2020-04-19 12:16 - 015218512 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007178360 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 007101632 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006463760 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 006270080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005593504 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 005347096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003676960 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2020-04-19 12:16 - 2020-04-19 12:16 - 003445632 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003340296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003306704 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003266984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003168280 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 003159664 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002930040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002444792 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 002197872 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001965264 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001788064 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001611064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001598504 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001544360 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001516376 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001396840 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001386680 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001382128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001372496 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001353208 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001337528 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001294184 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001287704 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001259832 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001180792 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001159072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001110064 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001078576 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 001061464 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000964912 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000934848 _____ (ICEpower A/S) C:\WINDOWS\system32\ICEsoundAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000873352 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000852024 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000751408 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000734880 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000715752 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000692056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000604688 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000511776 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000467048 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000453168 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000452840 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000448712 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000447072 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000416400 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000406560 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000392760 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000381296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000378272 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000367712 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000366224 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000360448 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000343600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000327160 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000316080 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000266440 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261336 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000261304 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000260320 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000231808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000230592 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000220280 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000218160 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000203944 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000179728 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000167224 _____ (ASUSTeK COMPUTER INC.) C:\WINDOWS\system32\ATKWMI.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000158584 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000157232 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000154256 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000139648 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000122208 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000118480 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000116432 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000105200 _____ C:\WINDOWS\system32\audioLibVc.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000093792 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090808 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000090064 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000088208 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000083512 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2020-04-19 12:16 - 2020-04-19 12:16 - 000075432 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2020-04-19 12:12 - 2020-04-19 12:12 - 000003178 _____ C:\WINDOWS\system32\Tasks\Driver Booster Update
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\Users\Public\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000002343 _____ C:\ProgramData\Desktop\Driver Booster 7.lnk
2020-04-19 12:12 - 2020-04-19 12:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 7
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000001539 _____ C:\ProgramData\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2020-04-19 11:48 - 2020-04-19 11:48 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2020-04-19 10:49 - 2020-04-19 10:49 - 000000000 ___HD C:\$SysReset
2020-04-19 01:56 - 2020-04-19 12:16 - 000000000 ____D C:\WINDOWS\LastGood
2020-04-19 00:22 - 2020-04-19 00:33 - 000000000 _____ C:\Recovery.txt
2020-04-18 23:06 - 2020-04-18 23:06 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashRpt
2020-04-18 23:05 - 2020-04-18 23:05 - 000012773 _____ C:\ProgramData\sokqucqi.nri
2020-04-18 23:04 - 2020-04-18 23:04 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Avast Software
2020-04-18 23:02 - 2020-04-19 01:53 - 000000000 ____D C:\Users\MARCO\AppData\Local\WebDefence
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files\Avast Software
2020-04-18 23:01 - 2020-04-18 23:01 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2020-04-18 22:46 - 2020-04-18 22:46 - 000000000 ____D C:\Users\MARCO\AppData\Local\Noël Danjou
2020-04-18 22:45 - 2020-04-18 22:53 - 000000000 ____D C:\Program Files (x86)\Noël Danjou
2020-04-18 18:51 - 2020-04-18 18:52 - 000000000 ____D C:\Users\MARCO\.openshot_qt
2020-04-18 15:53 - 2020-04-19 12:34 - 000000000 ____D C:\Users\MARCO\Desktop\Crociera
2020-04-18 13:51 - 2020-04-18 13:51 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HD Tune Pro
2020-04-18 13:06 - 2020-04-18 13:06 - 000000000 ____D C:\ProgramData\Sony Corporation
2020-04-18 13:05 - 2013-12-06 04:05 - 000179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBNJE.DLL
2020-04-17 21:37 - 2020-04-17 21:37 - 000000000 ____D C:\ProgramData\AMD
2020-04-17 21:28 - 2020-03-10 23:30 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2020-04-17 21:08 - 2020-04-18 23:42 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-04-16 22:24 - 2020-04-16 22:41 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2020-04-16 22:24 - 2020-04-16 22:24 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\71D6160D.sys
2020-04-15 00:13 - 2020-04-15 00:13 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-15 00:13 - 2020-04-15 00:13 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-15 00:13 - 2020-04-15 00:13 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-15 00:12 - 2020-04-15 00:13 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-15 00:12 - 2020-04-15 00:12 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-15 00:12 - 2020-04-15 00:12 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-15 00:12 - 2020-04-15 00:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-15 00:07 - 2020-04-15 00:07 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-15 00:07 - 2020-04-15 00:07 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\Users\Public\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 23:47 - 2020-04-14 23:47 - 000002451 _____ C:\ProgramData\Desktop\ACDSee Photo Studio Ultimate 2020.lnk
2020-04-14 21:43 - 2020-04-14 21:43 - 000234535 _____ C:\Users\MARCO\Desktop\COMPITI CLASSE TERZA DAL 13 AL 17 APRILE.dotx
2020-04-14 17:03 - 2020-04-14 17:13 - 000000000 ____D C:\Users\MARCO\Desktop\O.S.B.A
2020-04-13 23:57 - 2020-04-13 23:57 - 000000135 _____ C:\Users\MARCO\Desktop\CUSTOMIZZAZIONI WORDPRESS.url
2020-04-13 13:03 - 2020-04-13 13:13 - 000000000 ____D C:\ProgramData\xml_param
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\Users\Public\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000001493 _____ C:\ProgramData\Desktop\Wondershare Video Converter Free.lnk
2020-04-13 13:02 - 2020-04-13 13:02 - 000000000 ____D C:\Program Files\Common Files\Wondershare
2020-04-13 13:02 - 2018-03-26 15:52 - 000727952 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll
2020-04-13 13:02 - 2018-03-26 15:52 - 000153088 _____ () C:\WINDOWS\SysWOW64\WSCM32.dll
2020-04-13 10:44 - 2020-04-13 10:45 - 000001004 _____ C:\Users\MARCO\Desktop\top.svg
2020-04-12 17:15 - 2020-04-12 17:15 - 000001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2020-04-12 12:36 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2020-04-12 12:21 - 2020-04-12 12:34 - 000000000 ____D C:\Program Files (x86)\ASUS E-Green
2020-04-12 10:48 - 2020-04-12 10:48 - 000000136 _____ C:\Users\MARCO\Desktop\FREE CONFERENCE CALL SKY NOW MEET.url
2020-04-10 19:03 - 2020-04-10 19:03 - 000001828 _____ C:\Users\MARCO\Desktop\CrystalDiskInfo.lnk
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-04-10 19:03 - 2020-04-10 19:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-04-09 19:04 - 2020-04-09 19:05 - 000000000 ____D C:\ProgramData\Protexis64
2020-04-09 19:03 - 2020-04-09 19:08 - 000000000 ____D C:\ProgramData\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Corel
2020-04-09 19:03 - 2020-04-09 19:03 - 000000000 ____D C:\ProgramData\Protexis
2020-04-09 19:01 - 2020-04-09 19:01 - 000000000 ____D C:\ProgramData\UniqueId
2020-04-09 17:07 - 2020-04-09 17:07 - 002110968 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCoreFoundation14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 002110456 _____ (ON1, Inc.) C:\WINDOWS\system32\ONCore14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 001198072 _____ (ON1, Inc.) C:\WINDOWS\system32\ONDocument14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000479736 _____ (ON1, Inc.) C:\WINDOWS\system32\ONProxySupport14.dll
2020-04-09 17:07 - 2020-04-09 17:07 - 000382456 _____ C:\WINDOWS\system32\ONCMS14.dll
2020-04-08 12:15 - 2020-04-08 12:15 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ACD Systems
2020-04-08 12:10 - 2020-04-15 21:32 - 000000000 ____D C:\Users\MARCO\AppData\Local\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2020-04-08 12:10 - 2020-04-14 23:47 - 000000000 ____D C:\Program Files\Common Files\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\ProgramData\ACD Systems
2020-04-08 12:10 - 2020-04-08 12:10 - 000000000 ____D C:\Program Files\ACD Systems
2020-04-06 22:50 - 2020-04-06 22:50 - 000000000 ____D C:\Users\MARCO\Desktop\CaptureOne
2020-04-04 01:03 - 2020-04-04 01:03 - 014818816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 007017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003753472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 003742544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001545216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001477112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 001055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000993280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000912896 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000673704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000538160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000507152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000487784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2020-04-04 01:03 - 2020-04-04 01:03 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\es.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000277864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrad.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000185952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000123952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000093712 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000084280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-04-04 01:03 - 2020-04-04 01:03 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasacct.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000050544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iaspolcy.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-04-04 01:03 - 2020-04-04 01:03 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ias.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000021520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wksprtPS.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Custom.ps.dll
2020-04-04 01:03 - 2020-04-04 01:03 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 017790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 007849216 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 006168064 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 003547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002986808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 002126144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 002114560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001960448 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001945600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001757096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-04-04 01:02 - 2020-04-04 01:02 - 001726264 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001512832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001413704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001378528 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001300280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 001263856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 001261808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001243648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001127424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 001011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000974336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000915192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000811320 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000759272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000747320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000684560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000637240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000618296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000589384 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000515600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000513576 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000477496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-04-04 01:02 - 2020-04-04 01:02 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000465208 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000437560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000416016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\es.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcApi.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000297272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251704 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000231912 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000193848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000178192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000151352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000147696 _____ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000142544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000089912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000059192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2020-04-04 01:02 - 2020-04-04 01:02 - 000033080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hwpolicy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprtPS.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\flpydisk.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sfloppy.sys
2020-04-04 01:02 - 2020-04-04 01:02 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2020-04-04 01:02 - 2020-04-04 01:02 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-04 00:52 - 2020-04-04 00:53 - 000000000 ____D C:\Program Files\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Affinity
2020-04-01 16:35 - 2020-04-01 16:47 - 000000000 ____D C:\ProgramData\Affinity
2020-04-01 16:34 - 2020-04-04 00:53 - 000001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Photo.lnk
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ C:\Users\MARCO\AppData\Local\kritarc
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\krita
2020-04-01 16:22 - 2020-04-01 16:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\krita
2020-04-01 12:23 - 2020-04-19 13:16 - 000003126 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-04-01 11:16 - 2020-04-19 13:16 - 000003112 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2020-04-01 11:16 - 2020-04-01 11:16 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-04-01 11:16 - 2020-03-02 18:36 - 000102824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2020-04-01 11:15 - 2020-04-19 01:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-04-01 11:15 - 2020-04-01 11:15 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-04-01 11:15 - 2020-04-01 11:15 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-04-01 11:10 - 2020-04-01 11:10 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ATI
2020-04-01 10:55 - 2020-04-01 10:55 - 001083424 _____ C:\WINDOWS\system32\AmRdrIco.icl
2020-03-31 17:51 - 2020-03-31 17:51 - 000012302 _____ C:\Users\MARCO\Desktop\TESSERAMENTO 31-03-2020.xlsx
2020-03-31 10:25 - 2020-03-31 10:25 - 000160254 _____ C:\Users\MARCO\Desktop\Confronto-LU1694212348_LU0076315455-martedì 31 marzo 2020.pdf
2020-03-31 10:23 - 2020-03-31 10:23 - 000891197 _____ C:\Users\MARCO\Desktop\Scheda prodotto Eurofundlux Floating Rate A Acc EUR.pdf
2020-03-31 10:19 - 2020-03-31 10:19 - 000444060 _____ C:\Users\MARCO\Desktop\Scheda prodotto-Nordea European Covered Bond BP Acc EUR.pdf
2020-03-30 23:10 - 2020-03-30 23:10 - 000001064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2020-03-30 23:07 - 2020-03-30 23:07 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2020-03-30 12:22 - 2020-03-30 12:22 - 001353045 _____ C:\Users\MARCO\Desktop\inserimento-in-consulenza-di-covered-warrant-ed-etf-short-pub.pdf
2020-03-30 11:42 - 2020-03-30 11:42 - 002347203 _____ C:\Users\MARCO\Desktop\come-comportarsi-nelle-crisi-retail-2020-03-27-2.pdf
2020-03-29 17:07 - 2020-04-10 11:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\CaptureOne
2020-03-29 17:07 - 2020-04-08 11:15 - 000000000 ____D C:\Users\MARCO\AppData\Local\Phase_One
2020-03-29 17:07 - 2020-04-06 22:52 - 000001121 _____ C:\Users\MARCO\Desktop\Capture One 20.0.4.lnk
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Phase One
2020-03-29 17:07 - 2020-03-29 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One
2020-03-29 17:06 - 2020-03-29 17:06 - 000000000 ____D C:\Program Files\Phase One
2020-03-29 16:18 - 2020-04-01 12:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\cache
2020-03-29 12:38 - 2020-04-12 01:12 - 000000000 ____D C:\ProgramData\ON1
2020-03-29 12:37 - 2020-04-12 01:12 - 000000000 ____D C:\Program Files\ON1
2020-03-29 12:37 - 2020-04-09 23:32 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ON1
2020-03-28 14:16 - 2020-04-01 10:50 - 000000000 ____D C:\Users\MARCO\Desktop\DA FARE ORA
2020-03-23 19:23 - 2020-03-23 19:23 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-19 13:53 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-19 13:53 - 2014-12-12 00:43 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-19 13:48 - 2014-12-12 00:33 - 000000000 ____D C:\ProgramData\RogueKiller
2020-04-19 13:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-19 13:19 - 2019-08-17 22:10 - 001764224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-19 13:19 - 2019-03-19 14:33 - 000782874 _____ C:\WINDOWS\system32\perfh010.dat
2020-04-19 13:19 - 2019-03-19 14:33 - 000147392 _____ C:\WINDOWS\system32\perfc010.dat
2020-04-19 13:19 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-19 13:17 - 2014-11-17 00:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\Adobe
2020-04-19 13:16 - 2016-08-22 22:31 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\DisplayCAL
2020-04-19 13:14 - 2019-08-17 22:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-19 13:14 - 2019-08-17 21:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-19 13:14 - 2018-08-28 23:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-04-19 13:13 - 2019-07-14 16:40 - 000000000 ____D C:\Program Files (x86)\SnadBoy's Revelation v2
2020-04-19 12:54 - 2017-06-25 16:35 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-19 12:49 - 2019-03-19 06:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-04-19 12:49 - 2018-02-04 21:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\IObit
2020-04-19 12:49 - 2017-05-21 00:19 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-19 12:49 - 2015-03-10 21:47 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Samsung
2020-04-19 12:17 - 2019-08-17 22:41 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2020-04-19 12:17 - 2017-11-27 01:16 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2020-04-19 12:16 - 2019-08-17 22:40 - 006886992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2020-04-19 12:16 - 2019-08-17 22:40 - 005938800 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 003753024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 001003744 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000192872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2020-04-19 12:16 - 2019-08-17 22:40 - 000023584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX3
2020-04-19 12:16 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\DAX2
2020-04-19 12:15 - 2018-12-07 23:59 - 001160280 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-04-19 12:12 - 2019-08-17 22:12 - 000002952 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (MARCO)
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\ProductData
2020-04-19 12:12 - 2018-02-04 21:02 - 000000000 ____D C:\ProgramData\IObit
2020-04-19 11:35 - 2019-08-17 22:12 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1801797792-2963998745-2400400606-1001
2020-04-19 11:35 - 2019-08-17 20:54 - 000002470 _____ C:\Users\MARCO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-19 11:35 - 2014-11-16 20:41 - 000000000 ___RD C:\Users\MARCO\OneDrive
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-19 10:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-19 10:55 - 2018-05-19 10:31 - 000000000 ____D C:\Users\MARCO\AppData\Local\D3DSCache
2020-04-19 10:50 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-19 10:44 - 2019-08-17 20:54 - 000000000 ____D C:\Users\MARCO
2020-04-19 02:01 - 2014-12-04 23:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-19 01:55 - 2017-06-22 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2020-04-19 01:54 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Simone
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\gabriella
2020-04-19 01:54 - 2019-08-17 20:54 - 000000000 ____D C:\Users\Administrator
2020-04-19 01:54 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-04-19 01:54 - 2018-12-27 21:16 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-04-19 01:54 - 2018-07-29 10:53 - 000000000 ____D C:\Program Files\Easeware
2020-04-19 01:54 - 2018-06-16 00:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2020-04-19 01:54 - 2018-02-04 12:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Easeware
2020-04-19 01:54 - 2017-06-22 21:15 - 000000000 ____D C:\Program Files\Common Files\EPSON
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:20 - 000000000 ____D C:\WINDOWS\system32\LifeCamTrueColor
2020-04-19 01:54 - 2017-05-21 00:19 - 000000000 ____D C:\Program Files\AMD
2020-04-19 01:54 - 2016-10-07 23:01 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\obs-studio
2020-04-19 01:54 - 2015-01-11 18:02 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\NCH Software
2020-04-19 01:54 - 2014-11-26 01:27 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\vlc
2020-04-19 01:54 - 2014-11-17 00:56 - 000000000 ____D C:\Program Files\Adobe
2020-04-19 01:54 - 2014-11-17 00:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-04-19 01:54 - 2014-11-16 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2020-04-19 01:53 - 2017-05-20 15:23 - 000000000 ____D C:\MSI
2020-04-19 01:53 - 2016-10-07 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2020-04-19 01:53 - 2015-01-11 18:02 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-04-19 01:53 - 2014-11-16 22:23 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-04-18 23:42 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\registration
2020-04-18 23:42 - 2017-06-22 20:59 - 000000000 ____D C:\ProgramData\Epson
2020-04-18 23:42 - 2014-12-11 23:59 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-18 23:42 - 2014-11-16 20:38 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Adobe
2020-04-18 23:41 - 2017-11-07 01:04 - 000000000 ____D C:\Program Files (x86)\AMD
2020-04-18 23:41 - 2017-06-22 21:01 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2020-04-18 23:37 - 2014-12-12 00:57 - 000000000 ____D C:\Users\MARCO\AppData\Local\CrashDumps
2020-04-18 23:06 - 2018-05-26 16:23 - 000000000 ____D C:\Users\MARCO\AppData\Local\Movavi
2020-04-18 23:02 - 2016-10-07 22:40 - 000000096 _____ C:\Users\MARCO\AppData\Roaming\version2.xml
2020-04-18 19:22 - 2017-12-03 20:14 - 000000000 ____D C:\Users\MARCO\AppData\Local\Packages
2020-04-18 18:33 - 2019-08-17 22:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-04-18 18:24 - 2019-08-17 22:21 - 000000000 ____D C:\Users\MARCO\AppData\Local\Deployment
2020-04-18 13:06 - 2017-10-15 23:09 - 000000000 ____D C:\ProgramData\UDL
2020-04-18 13:01 - 2018-01-14 23:52 - 000000000 ____D C:\Users\MARCO\AppData\Local\PlaceholderTileLogoFolder
2020-04-18 13:00 - 2018-02-04 11:33 - 000000000 ____D C:\Users\MARCO\AppData\Local\ElevatedDiagnostics
2020-04-17 21:36 - 2016-10-09 01:12 - 000000000 ____D C:\AMD
2020-04-17 20:59 - 2019-02-09 10:07 - 000000000 ___HD C:\adobeTemp
2020-04-15 21:34 - 2014-11-16 21:21 - 000000000 ____D C:\Program Files (x86)\Google
2020-04-15 00:30 - 2019-08-17 21:58 - 000662888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-15 00:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-15 00:14 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-14 23:46 - 2014-11-16 22:22 - 000000000 ____D C:\Users\MARCO\AppData\Local\Downloaded Installations
2020-04-14 14:39 - 2014-12-03 01:43 - 000001456 _____ C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-13 20:36 - 2018-03-03 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-04-13 14:13 - 2020-02-22 18:06 - 000011249 _____ C:\Users\MARCO\Desktop\lista prenotati rifugio.xlsx
2020-04-13 13:02 - 2018-05-27 13:36 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Free
2020-04-13 13:02 - 2017-07-15 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-04-13 13:01 - 2017-01-08 12:48 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-04-13 12:55 - 2018-07-02 20:26 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\HandBrake
2020-04-13 11:18 - 2015-01-21 01:30 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\dvdcss
2020-04-12 22:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState
2020-04-12 22:27 - 2018-07-03 08:40 - 000000000 ____D C:\ProgramData\Packages
2020-04-12 12:38 - 2019-02-09 17:50 - 000032520 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2020-04-11 18:50 - 2018-03-22 20:23 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\ActivePresenter
2020-04-10 09:58 - 2015-11-09 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2020-04-08 04:06 - 2019-10-15 14:55 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-04-07 20:34 - 2014-11-16 21:22 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-06 22:52 - 2020-03-13 10:51 - 000002478 _____ C:\Users\MARCO\Desktop\Marco (
mmosca@credem.it ) - Chrome.lnk
2020-04-06 22:52 - 2020-02-10 21:35 - 000002286 _____ C:\Users\MARCO\Desktop\Loom.lnk
2020-04-06 22:52 - 2020-01-06 21:18 - 000001968 _____ C:\Users\MARCO\Desktop\AVStoDVD.lnk
2020-04-06 22:52 - 2020-01-06 21:08 - 000001003 _____ C:\Users\MARCO\Desktop\DVDStyler.lnk
2020-04-06 22:52 - 2018-03-28 20:25 - 000001147 _____ C:\Users\MARCO\Desktop\Start_CAIgest - collegamento.lnk
2020-04-06 22:50 - 2016-12-18 00:14 - 000000000 ___SD C:\Users\MARCO\Amazon Drive
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2020-04-04 01:06 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-04-02 13:51 - 2014-12-30 00:46 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\FileZilla
2020-04-02 11:25 - 2014-11-16 21:26 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-01 12:23 - 2018-07-28 13:30 - 000000000 ____D C:\Users\MARCO\AppData\Local\AMD
2020-04-01 10:55 - 2019-08-17 14:51 - 000127936 _____ () C:\WINDOWS\system32\Drivers\AmUStorU.sys
2020-03-29 13:39 - 2019-11-22 23:56 - 000000000 ____D C:\Program Files\Thuraya
2020-03-28 15:43 - 2018-07-07 17:30 - 000000000 ____D C:\Users\MARCO\Desktop\SIMONE MOSCA
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\Users\Public\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000001999 _____ C:\ProgramData\Desktop\Active Presenter.lnk
2020-03-26 12:21 - 2018-03-22 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePresenter
2020-03-25 11:14 - 2019-10-03 13:26 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-25 10:43 - 2018-02-28 21:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-23 19:18 - 2014-11-17 00:35 - 000000000 ____D C:\ProgramData\Adobe
2020-03-22 23:52 - 2018-08-30 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-03-21 15:36 - 2020-02-10 21:35 - 000000000 ____D C:\Users\MARCO\AppData\Roaming\Loom
2020-03-20 22:28 - 2020-03-12 19:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001UA
2020-03-20 22:28 - 2020-03-12 19:23 - 000003668 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1801797792-2963998745-2400400606-1001Core
2020-03-20 21:29 - 2019-08-17 22:12 - 000003672 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 21:29 - 2019-08-17 22:12 - 000003548 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\en_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\es_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\fr_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021880 _____ (Schneider Electric) C:\Users\MARCO\grm_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\it_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020344 _____ (Schneider Electric) C:\Users\MARCO\jp_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 001079808 _____ (Microsoft Corporation) C:\Users\MARCO\mfc80u.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000626688 _____ (Microsoft Corporation) C:\Users\MARCO\msvcr80.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000021368 _____ (Schneider Electric) C:\Users\MARCO\pt_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000018808 _____ () C:\Users\MARCO\ResourceReader.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000020856 _____ (Schneider Electric) C:\Users\MARCO\ru_res.dll
2017-03-12 11:43 - 2017-03-13 23:19 - 000019832 _____ (Schneider Electric) C:\Users\MARCO\zh_res.dll
2016-04-23 14:46 - 2016-05-17 17:16 - 000003072 _____ () C:\Users\MARCO\AppData\Roaming\Album Studio 1.0 Prefsv3
2018-04-08 13:20 - 2018-04-08 13:20 - 005082084 _____ (The Public) C:\Users\MARCO\AppData\Roaming\Avisynth.exe
2018-04-08 13:20 - 2018-04-08 13:20 - 005243208 _____ ( ) C:\Users\MARCO\AppData\Roaming\AvsP.exe
2016-10-07 22:56 - 2016-10-07 22:56 - 000000057 _____ () C:\Users\MARCO\AppData\Roaming\Camdata.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamLayout.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000000408 _____ () C:\Users\MARCO\AppData\Roaming\CamShapes.ini
2016-10-07 22:56 - 2016-10-07 22:56 - 000004545 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.cfg
2016-10-07 22:41 - 2016-10-07 22:51 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.Data.ini
2016-10-07 22:41 - 2016-10-07 22:51 - 000001205 _____ () C:\Users\MARCO\AppData\Roaming\CamStudio.Producer.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 002169915 _____ (LIGHTNING UK!) C:\Users\MARCO\AppData\Roaming\Imgburn.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000099384 _____ () C:\Users\MARCO\AppData\Roaming\inst.exe
2014-11-17 23:06 - 2015-02-11 22:51 - 000000028 _____ () C:\Users\MARCO\AppData\Roaming\kulerdata.json
2018-12-10 22:34 - 2018-12-12 22:05 - 000001118 _____ () C:\Users\MARCO\AppData\Roaming\loch.ini
2018-04-08 13:20 - 2018-04-08 13:20 - 001357348 _____ () C:\Users\MARCO\AppData\Roaming\MatroskaSplitter.exe
2018-06-16 16:13 - 2018-06-16 16:13 - 000007859 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.cat
2018-06-16 16:13 - 2018-06-16 16:13 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.inf
2018-06-16 16:13 - 2018-06-16 16:13 - 000000055 _____ () C:\Users\MARCO\AppData\Roaming\pcouffin.log
2018-06-16 16:13 - 2018-06-16 16:13 - 000082816 _____ (VSO Software) C:\Users\MARCO\AppData\Roaming\pcouffin.sys
2018-04-08 13:20 - 2018-04-08 13:20 - 007760687 _____ (Boraxsoft) C:\Users\MARCO\AppData\Roaming\SetupGFD.exe
2015-01-11 19:12 - 2015-01-11 19:12 - 000001167 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.1.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000905 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt
2015-01-11 19:12 - 2018-08-21 21:11 - 000000000 _____ () C:\Users\MARCO\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-12-07 01:31 - 2014-12-29 15:30 - 000022033 _____ () C:\Users\MARCO\AppData\Roaming\Valori separati da virgola.ADR
2016-10-07 22:40 - 2020-04-18 23:02 - 000000096 _____ () C:\Users\MARCO\AppData\Roaming\version2.xml
2018-04-08 13:20 - 2018-04-08 13:20 - 000117723 _____ () C:\Users\MARCO\AppData\Roaming\yuvcodecs-1.3.exe
2014-12-03 01:43 - 2020-04-14 14:39 - 000001456 _____ () C:\Users\MARCO\AppData\Local\Adobe Salva per Web e dispositivi 13.0 Prefs
2020-04-01 16:25 - 2020-04-01 16:25 - 000000357 _____ () C:\Users\MARCO\AppData\Local\karboncalligraphyrc
2020-04-01 16:22 - 2020-04-01 16:27 - 000002449 _____ () C:\Users\MARCO\AppData\Local\krita-sysinfo.log
2020-04-01 16:22 - 2020-04-01 16:31 - 000001035 _____ () C:\Users\MARCO\AppData\Local\krita.log
2020-04-01 16:31 - 2020-04-01 16:31 - 000000039 _____ () C:\Users\MARCO\AppData\Local\kritadisplayrc
2020-04-01 16:22 - 2020-04-01 16:31 - 000016053 _____ () C:\Users\MARCO\AppData\Local\kritarc
2018-09-28 09:04 - 2018-09-28 09:04 - 000000000 _____ () C:\Users\MARCO\AppData\Local\oobelibMkey.log
2019-06-26 12:26 - 2020-02-28 00:36 - 000000128 _____ () C:\Users\MARCO\AppData\Local\PUTTY.RND
2018-07-29 23:53 - 2018-07-29 23:53 - 000000218 _____ () C:\Users\MARCO\AppData\Local\recently-used.xbel
2017-06-11 00:41 - 2017-06-24 19:42 - 000007609 _____ () C:\Users\MARCO\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================