Infection possible – Aide à la suppression des virus, chevaux de Troie, logiciels espions et programmes malveillants – Bien choisir son serveur d impression

Résultat de l'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-04-2020

Ran par Daniele (administrateur) sur DANIELE-PC (Acer Aspire 5750G) (19-04-2020 14:37:26)

Exécution à partir de C: Users Daniele Downloads

Profils chargés: Daniele (Profils disponibles: Daniele & Ree)

Plateforme: Windows 7 Home Premium Service Pack 1 (X64) Langue: Italiano (Italia)

Internet Explorer version 11 (navigateur par défaut: FF)

Mode de démarrage: Normal

==================== Processus (sur liste blanche) =================

(Si une entrée est incluse dans la liste de correctifs, le processus sera fermé. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems) C: Program Files (x86) Common Files Adobe ARM 1.0 armsvc.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Antivirus avgnt.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Antivirus avguard.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Antivirus avscan.exe <2>

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Antivirus avshadow.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Antivirus sched.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Launcher Avira.ServiceHost.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Launcher Avira.Systray.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira Optimizer Host Avira.OptimizerHost.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira SoftwareUpdater Avira.SoftwareUpdater.ServiceHost.exe

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C: Program Files (x86) Avira VPN Avira.VpnService.exe

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C: Program Files (x86) Battle.net Battle.net.exe <3>

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C: ProgramData Battle.net Agent Agent.7022 Agent.exe

(CyberLink -> CyberLink Corp.) C: Program Files (x86) Acer clear.fi MVP clear.fiAgent.exe

(CyberLink -> CyberLink) C: Program Files (x86) Acer clear.fi MVP Kernel DMR DMREngine.exe

(Discord Inc. -> Discord Inc.) C: Users Daniele AppData Local Discord app-0.0.306 Discord.exe <6>

(Even Balance, Inc. ->) C: Windows SysWOW64 PnkBstrA.exe

(Google LLC -> Google LLC) C: Program Files (x86) Google Chrome Application chrome.exe <28>

(HearthSim, LLC -> HearthSim) C: Users Daniele AppData Local HearthstoneDeckTracker app-1.10.7 HearthstoneDeckTracker.exe

(Intel Corporation -> Intel Corporation) C: Windows System32 igfxpers.exe

(Intel Corporation -> Intel Corporation) C: Windows System32 igfxtray.exe

(McAfee, LLC -> McAfee, LLC) C: Program Files McAfee WebAdvisor servicehost.exe

(McAfee, LLC -> McAfee, LLC) C: Program Files McAfee WebAdvisor uihost.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Fichiers communs microsoft shared Virtualization Handler CVHSVC.EXE

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Application Virtualization Client sftlist.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files (x86) Microsoft Application Virtualization Client sftvsa.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client MsMpEng.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client msseces.exe

(Microsoft Corporation -> Microsoft Corporation) C: Program Files Microsoft Security Client NisSrv.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C: Windows System32 rundll32.exe

(Mozilla Corporation -> Mozilla Corporation) C: Program Files (x86) Mozilla Firefox firefox.exe <5>

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files (x86) NVIDIA Corporation NvTelemetry NvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C: Program Files NVIDIA Corporation Display.NvContainer NVDisplay.Container.exe <2>

(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Program Files Fichiers communs EPSON EPW! 3 SSRP E_S60RPB.EXE

(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C: Windows System32 spool drivers x64 3 E_IATILFE.EXE

(Shanghai Changzhi Network Technology Co., Ltd. ->) D: XuanZhi LDPlayer ldnews.exe

(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C: Program Files Synaptics SynTP SynTPHelper.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer TeamViewer_Service.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_w32.exe

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C: Program Files (x86) TeamViewer tv_x64.exe

==================== Registre (liste blanche) ===================

(Si une entrée est incluse dans la liste de correctifs, l'élément de registre sera restauré par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM … Run: [MSC] => C: Program Files Microsoft Security Client msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

HKLM … Run: [SynTPEnh] => C: Program Files Synaptics SynTP SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated -> Synaptics Incorporated)

HKLM … Run: [] => [X]

HKLM-x32 … Exécuter: [KeePass 2 PreLoad] => C: Program Files (x86) KeePass Password Safe 2 KeePass.exe [3331264 2020-01-20] (Développeur Open Source, Dominik Reichl -> Dominik Reichl)

HKLM-x32 … Exécuter: [Avira SystrayStartTrigger] => C: Program Files (x86) Avira Launcher Avira.SystrayStartTrigger.exe [239520 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

HKLM-x32 … Exécuter: [Avira System Speedup User Starter] => C: Program Files (x86) Avira System Speedup Avira.SystemSpeedup.Core.Common.Starter.exe [331368 2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

HKLM-x32 … Exécuter: [] => [X]

HKU S-1-5-19 … RunOnce: [IsMyWinLockerReboot] => msiexec.exe / qn / x voidguid

HKU S-1-5-20 … RunOnce: [IsMyWinLockerReboot] => msiexec.exe / qn / x voidguid

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … Run: [EPLTargetP0000000000000001] => C: Windows system32 spool DRIVERS x64 3 E_IATILFE.EXE [297024 2013-01-24] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … Run: [Discord] => C: Users Daniele AppData Local Discord app-0.0.306 Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … Run: [LDNews] => D: XuanZhi LDPlayer ldnews.exe [1309368 2020-03-25] (Shanghai Changzhi Network Technology Co., Ltd. ->)

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … Run: [] => [X]

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … RunOnce: [FlashPlayerUpdate] => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-18] (Adobe Inc. -> Adobe)

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: 050c8d1e-37e4-11ea-9ee4-1c7508f37aca – H: RTK_NIC_DRIVER_INSTALLER.sfx.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: 5e68e840-be54-11e2-b434-806e6f6e6963 – G: Setup.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: 839489ac-58a7-11e5-ac80-1c7508ead495 – C: Windows system32 RunDLL32.EXE Shell32.DLL, ShellExec_RunDLL H: Start.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: 84650df6-67d9-11ea-9c89-1c7508f37aca – H: HiSuiteDownLoader.exe} – H: HiSuiteDownLoader.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: aab47bad-b4df-11e2-b1df-1c7508ead495 – F: LANLauncher.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: b7603e81-b1e8-11e7-9500-1c7508ead495 – G: HiSuiteDownLoader.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 … MountPoints2: fb958786-5f36-11e3-8f8a-1c7508ead495 – F: autorun.exe

HKU S-1-5-21-1536202438-368462837-3654654372-1001 Control Panel Desktop SCRNSAVE.EXE -> C: Windows system32 scrnsave.scr [11264 2009-07-14] (Microsoft Windows -> Microsoft Corporation)

HKU S-1-5-18 … RunOnce: [IsMyWinLockerReboot] => msiexec.exe / qn / x voidguid

HKLM Software Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache

HKLM Software Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C: Program Files (x86) Google Chrome Application 81.0.4044.113 Installer chrmstp.exe [2020-04-15] (Google LLC -> Google LLC)

HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [2D46B6DC-2207-486B-B523-A557E6D54B47] -> C: Windows system32 cmd.exe / D / C démarrer C: Windows system32 ie4uinit.exe -ClearIconCache

HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> "C: Program Files (x86) Google Chrome Application 57.0.2987.133 Installer chrmstp.exe" –configure-user-settings –verbose-logging –system-level

HKLM Software Wow6432Node Microsoft Active Setup Installed Components: [A6EADE66-0000-0000-484E-7E8A45000000] -> C: Program Files (x86) Adobe Acrobat Reader DC Esl AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

HKLM Software … Authentication Credential Providers: [F8A0B131-5F68-486c-8040-7E8FC3C85BB6] -> C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

Fournisseurs HKLM Software … Authentication PLAP: [60442b50-aac2-4db7-b9b0-813d2107287d] -> c: windows system32 dsNcSmartCardProv.dll [2014-04-16] (Juniper Networks, Inc. -> Juniper Networks)

Fournisseurs HKLM Software … Authentication PLAP: [9f4a51de-92b1-483a-b717-dd7d3bb7d3db] -> c: windows system32 dsNcCredProv.dll [2014-04-16] (Juniper Networks, Inc. -> Juniper Networks)

AppInit_DLLs: C: Windows system32 nvinitx.dll => C: Windows system32 nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

AppInit_DLLs-x32: C: Windows SysWOW64 nvinit.dll => C: Windows SysWOW64 nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)

==================== Tâches planifiées (liste blanche) ============

(Si une entrée est incluse dans la liste de correctifs, elle sera supprimée du registre. Le fichier ne sera pas déplacé sauf s'il est répertorié séparément.)

Tâche: 0587C257-D7C6-4C78-8F21-1D7F3939B9B9 – System32 Tasks Recovery Management Burn Notification => C: Program Files Acer Acer eRecovery Management NotificationCenter Notification.exe [816520 2011-08-09] (Acer Incorporated -> Acer)

Tâche: 0698585B-BA25-4335-9278-3BC3C18BE8B5 – System32 Tasks Adobe Flash Player NPAPI Notifier => C: Windows SysWOW64 Macromed Flash FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-18] (Adobe Inc. -> Adobe)

Tâche: 0D073FB3-7592-4AD3-ACD5-261412DDD7DF – System32 Tasks EPSON XP-312 313 315 Series Invitation 6AFC5C38-E427-4C18-A613-15CA4120664F => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: 0D415B8D-D7FD-477F-97FB-381B18EBA498 – Tâche de mise à jour System32 Tasks Adobe Acrobat => C: Program Files (x86) Common Files Adobe ARM 1.0 AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)

Tâche: 16CBEF8D-2362-4ADC-9C8E-7F143609615F – System32 Tasks clear.fiAgent => C: Program Files (x86) Acer clear.fi MVP clear.fiAgent.exe [120104 2011-08-24] (CyberLink -> CyberLink Corp.)

Tâche: 19BE36DC-19D0-4AE2-B932-4E92E841E50E – System32 Tasks NvTmMon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation Update Core NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 28017D3E-92AD-4139-B233-772380FCF796 – System32 Tasks 898F6CA2-2FC0-4969-9594-F4670EF81EBA => C: Program Files (x86) Activision Rome – Total War RomeTW.exe

Tâche: 28FFE953-0A42-4552-8E34-DC5CE2F4000A – System32 Tasks F3E47E76-9709-4A21-BB71-1B0C6C9B8223 => C: Windows system32 pcalua.exe -a E: Setup.exe – d E:

Tâche: 2AFD2942-0BC9-4D3A-A82D-AD1D5CCE73FD – System32 Tasks E3F8847E-F1BC-4BFB-8A19-8DF64248AAFE => C: Program Files (x86) Activision Rome – Total War RomeTW.exe

Tâche: 34FFA4CE-EA47-418C-BE0E-1EA34C5DCC7B – System32 Tasks AviraSystemSpeedupUpdate => C: ProgramData Avira SystemSpeedup Update avira_speedup_setup_update.exe [27848432 2020-04-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

Tâche: 461EE1FB-988C-4A90-BB13-D665D42A365A – System32 Tasks NvProfileUpdaterDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core NvProfileUpdater64 [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 4802D53D-7317-4F6D-96B0-025C0D18E41B – System32 Tasks 5B715CDF-6EE8-460D-A988-FA5FE01124D1 => E: baldur.exe

Tâche: 53F97095-C1E8-4C4E-8E7E-D640EAC6E922 – System32 Tasks NVIDIA GeForce Experience SelfUpdate_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation NVIDIA GeForce Experience NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 576D0D33-BE9A-4724-A555-8F4E9B90573B – System32 Tasks EPSON XP-312 313 315 Series Update E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: 58DE433B-64F3-4832-A901-30F96F3625BA – System32 Tasks NvProfileUpdaterOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation Update Core NvProfileUpdater64 [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 5CED6FD0-67EC-4881-BEBA-77F9D42F4209 – System32 Tasks Adobe Flash Player Updater => C: Windows SysWOW64 Macromed Flash FlashPlayerUpdateService.exe [335416 2019-12-18] (Adobe Inc. -> Adobe)

Tâche: 6DA9947E-16BB-412B-9076-BAB7FB4730DC – System32 Tasks NvTmRep_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation Update Core NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 6E86E2AF-4A75-49B5-B12F-E52842CDEB92 – System32 Tasks E4841482-3364-44D1-9773-1AA169AD4679 => C: Program Files (x86) Activision Rome – Total War RomeTW.exe

Tâche: 6E924764-AF68-4394-8DE7-E26688CAA88F – System32 Tasks E6B67C06-3DA8-48D9-8061-CC54EDA7A03D => C: Users Daniele Desktop Tor Browser Browser firefox.exe.exe

Tâche: 82643A6B-7C76-4DDE-9EFC-EAA23691FC3F – System32 Tasks 7D643D1C-0931-495D-8883-8D8B85E39BAB => C: Windows system32 pcalua.exe -a C: Users Daniele Bureau hpflash1.exe -d C: Users Daniele Desktop

Tâche: 89BBD1F3-AD18-4295-9C8F-408713D375EF – System32 Tasks DMREngine => C: Program Files (x86) Acer clear.fi MVP . Kernel DMR DMREngine.exe [169352 2011-08-24] (CyberLink -> CyberLink)

Tâche: 8DA7805F-DA82-44FD-8C16-3DB36A78306A – System32 Tasks UALU notificatin => C: Program Files Acer Acer Updater UALU.exe [22392 2012-04-05] (Acer Incorporated -> Acer Incorporated)

Tâche: 906AA2A6-A3F5-419E-AD07-0DC22E0C18E7 – System32 Tasks clear.fi => C: Program Files (x86) Acer clear.fi MVP clear.fi.exe [264760 2011-08-24] (CyberLink -> Acer Incorporated)

Tâche: 91BE0F27-0BB1-4F2D-AA59-B164367ED37B – System32 Tasks GoogleUpdateTaskMachineCore => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

Tâche: 944C8AC3-46F0-49EA-BCE6-BD5F2ABF1E25 – System32 Tasks NvBatteryBoostCheckOnLogon_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVontia Corporation NvC [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: 947B3B5A-7121-4AA4-A132-B3723F145F31 – System32 Tasks EPSON XP-312 313 315 Series Update 6AFC5C38-E427-4C18-A613-15CA4120664F => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: 96EC6761-5AF9-498C-A923-CBEB073F3C48 – System32 Tasks Microsoft Microsoft Antimalware Microsoft Antimalware Scheduled Scan => C: Program Files Microsoft Security Client MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

Tâche: 971CBDDC-AE71-4383-BF3E-55684DC6BE1F – Tâche System32 Tasks Overwolf Updater => C: Program Files (x86) Overwolf OverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)

Tâche: 9C563B9F-8477-4F74-9683-3D0C349598DD – System32 Tasks EPSON XP-312 313 315 Series Invitation E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

Tâche: A2AF1F20-FAF1-44EB-A8EE-F9E61B94538B – System32 Tasks CEF4E478-F540-44FA-8A0A-B04F0C79ED38 => C: Windows system32 pcalua.exe -a C: Users Daniele Téléchargements HijackThis.exe -d C: Users Daniele Downloads

Tâche: A4CA37D7-063A-4E31-BD80-149FDBF10BE1 – System32 Tasks 5D586F1C-A007-495B-A683-84471FF9182E => C: Windows system32 pcalua.exe -a C: Users Daniele Desktop BaldursGate2 Setup.exe -d C: Users Daniele Desktop BaldursGate2

Tâche: A5D1C74C-C335-4965-A36A-010CC81124C7 – System32 Tasks E1FD0496-34FB-4E32-BE56-1638E11B44F0 => C: Program Files (x86) Activision Rome – Total War RomeTW.exe

Tâche: AA9292C3-4A04-427B-83C6-1D8EA215F4AC – System32 Tasks A07D0381-8480-48E5-93B1-1CD22638FA0B => C: Windows system32 pcalua.exe -a E: Launch.exe – d E:

Tâche: AF175631-4055-4EDD-B91E-ADC2D47EC4D7 – System32 Tasks NvNodeLauncher_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files (x86) NVIDIA Corporation NvNode nvnodejsla [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: D7C41E02-A0BF-4278-A071-55694952ACDC – System32 Tasks GoogleUpdateTaskMachineUA => C: Program Files (x86) Google Update GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)

Tâche: D7F35FFC-47BF-4DC2-97D2-9C611F8EC20B – System32 Tasks Microsoft Windows Live SOXE Extractor Definitions Update Task => 3519154C-227E-47F3-9CC9-12C3F05817F1

Tâche: DD604AC5-C11F-4371-84FE-2AC34CF0D167 – System32 Tasks NvDriverUpdateCheckDaily_ B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C: Program Files NVIDIA Corporation NvContainer nvcontain.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

Tâche: E002599A-08C1-4C42-883F-191BB591BB0F – System32 Tasks 6E01CB89-B997-4F11-A30C-C7CE8A9C91A1 => C: Windows system32 pcalua.exe -a C: Users Daniele Téléchargements win32_152824.exe -d C: Users Daniele Downloads

Tâche: F75AEAE1-46D4-4AE2-B52C-212BD3348EFE – System32 Tasks Avira_Antivirus_Systray => C: Program Files (x86) Avira Antivirus avgnt.exe [2759304 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(Si une entrée est incluse dans la liste de correctifs, le fichier de tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Tâche: C: Windows Tasks EPSON XP-312 313 315 Series Invitation 6AFC5C38-E427-4C18-A613-15CA4120664F .job => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE

Tâche: C: Windows Tasks EPSON XP-312 313 315 Series Invitation E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF .job => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE

Tâche: C: Windows Tasks EPSON XP-312 313 315 Series Update 6AFC5C38-E427-4C18-A613-15CA4120664F .job => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE : / EXE: 6AFC5C38-E427-4C18-A613-15CA4120664F / F: UpdateSYSTEMĊ Recherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles.Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement mis à jour date.Thi

Tâche: C: Windows Tasks EPSON XP-312 313 315 Series Update E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF .job => C: Windows system32 spool DRIVERS x64 3 E_ITSLFE.EXE : / EXE: E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF / F: UpdateSYSTEMĊ Recherche les mises à jour du logiciel EPSON et vous avertit lorsque des mises à jour sont disponibles. Si cette tâche est désactivée ou arrêtée, votre logiciel EPSON ne sera pas automatiquement tenu à jour. date.Thi

==================== Internet (liste blanche) ====================

(Si un élément est inclus dans la liste de correctifs, s'il s'agit d'un élément du registre, il sera supprimé ou restauré par défaut.)

Winsock: Catalog5 07 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5 08 C: Program Files (x86) Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 07 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 08 C: Program Files Fichiers communs Microsoft Shared Windows Live WLIDNSP.DLL [171392 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

Tcpip Paramètres: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip .. Interfaces 0EF91A76-19E2-4548-BB51-E60CD7106D02: [DhcpNameServer] 192.168.0.1

Tcpip .. Interfaces 3EFC82CC-B91A-4C1E-B521-C2B94DC80088: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip .. Interfaces 49233639-7CE3-4A19-9C9C-58E97178E1DA: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip .. Interfaces C05787A9-9258-4705-B63A-09E187B553B7: [DhcpNameServer] 192.168.42.129

Tcpip .. Interfaces E302DF92-CA2E-4BE6-BBDF-9847BF0E7A4F: [DhcpNameServer] 192.168.42.129

Internet Explorer:

==================

HKU S-1-5-21-1536202438-368462837-3654654372-1001 Software Microsoft Internet Explorer Main, page de démarrage = hxxp: //uk.search.yahoo.com/? Type = 714647 & fr = spigot-yhp -c'est à dire

SearchScopes: HKLM -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = AARTDF & pc = MAAR & src = IE-SearchBox

SearchScopes: HKLM -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = AARTDF & pc = MAAR & src = IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = AARTDF & pc = MAAR & src = IE-SearchBox

SearchScopes: HKLM-x32 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL = hxxp: //www.bing.com/search? Q = searchTerms & form = AARTDF & pc = MAAR & src = IE-SearchBox

SearchScopes: HKU .DEFAULT -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKU .DEFAULT -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> DefaultScope 6F10B82E-F8E1-488B-AFF0-66E6D7950E71 URL = hxxps: //uk.search.yahoo.com/search? Fr = chr-greentree_ie & ei = utf-8 & ilc = 12 & type = 714647 & p = searchTerms

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> 0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9 URL = hxxp: //www1.delta-search.com/? Q = searchTerms & affID = 119776 & tt = gc_ & babsrc = SP_ss & mntrId = 0A75EC55F940E88A

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> 6F10B82E-F8E1-488B-AFF0-66E6D7950E71 URL = hxxps: //uk.search.yahoo.com/search? Fr = chr-greentree_ie & ei = utf-8 & ilc = 12 & type = 714647 & p = searchTerms

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> 7405AE7F-13A6-4266-A4B2-512B544AACDB URL = hxxp: //uk.search.yahoo.com/search? Fr = chr-greentree_ie & ei = utf-8 & ilc = 12 & type = 714647 & p = searchTerms

SearchScopes: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> 99209B94-587D-42C2-A3CA-F72D0A76A2F6 URL = hxxp: //www.bing.com/search? Q = searchTerms & r = 503

BHO: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files Fichiers communs Microsoft Shared Windows Live WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

BHO: McAfee WebAdvisor -> B164E929-A1B6-4A06-B104-2CD0E90A88FF -> C: Program Files McAfee WebAdvisor x64 IEPlugin.dll [2020-04-08] (McAfee, LLC -> McAfee, LLC)

BHO-x32: Java ™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C: Program Files (x86) Java jre1.8.0_171 bin ssv.dll [2018-04-24] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Aide à la connexion Windows Live ID -> 9030D464-4C02-4ABF-8ECC-5164760863C6 -> C: Program Files (x86) Common Files Microsoft Shared Windows Live WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

BHO-x32: McAfee WebAdvisor -> B164E929-A1B6-4A06-B104-2CD0E90A88FF -> C: Program Files McAfee WebAdvisor win32 IEPlugin.dll [2020-04-08] (McAfee, LLC -> McAfee, LLC)

BHO-x32: Java ™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C: Program Files (x86) Java jre1.8.0_171 bin jp2ssv.dll [2018-04-24] (Oracle America, Inc. -> Oracle Corporation)

Restauration de session IE: HKU S-1-5-21-1536202438-368462837-3654654372-1001 -> est activé.

DPF: HKLM AA570693-00E2-4907-B6F1-60A1199B030C hxxps: //juniper.net/dana-cached/sc/JuniperSetupClient64.cab

DPF: HKLM-x32 E5F5D008-DD2C-4D32-977D-1A0ADF03058B hxxps: //juniper.net/dana-cached/setup/JuniperSetupSP1.cab

DPF: HKLM-x32 F27237D7-93C8-44C2-AC6E-D6057B9A918F hxxps: //juniper.net/dana-cached/sc/JuniperSetupClient.cab

Gestionnaire: skype4com – FFC8B962-9B40-4DFF-9458-1830C7DD7F5D – Aucun fichier

Filter-x32: application / x-ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = euc-jp – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = ISO-8859-1 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS936 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS949 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = MS950 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = UTF-8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: application / x-ica; charset = UTF8 – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

Filter-x32: ica – CFB6322E-CC85-4d1b-82C7-893888A236BC – C: Program Files (x86) Citrix ICA Client IcaMimeFilter.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FireFox:

========

FF DefaultProfile: xlbk4m4f.default-1485720396432

FF ProfilePath: C: Users Daniele AppData Roaming Mozilla Firefox Profiles xlbk4m4f.default-1485720396432 [2020-04-19]

Restauration de session FF: Mozilla Firefox Profiles xlbk4m4f.default-1485720396432 -> est activé.

Extension FF: (Sécurité du navigateur Avira) – C: Users Daniele AppData Roaming Mozilla Firefox Profiles xlbk4m4f.default-1485720396432 Extensions [email protected] [2020-03-23]

Extension FF: (Recherche et nouvel onglet par Yahoo) – C: Users Daniele AppData Roaming Mozilla Firefox Profiles xlbk4m4f.default-1485720396432 Extensions [email protected] [2019-05-16]

Plugin FF: @ adobe.com / FlashPlayer -> C: Windows system32 Macromed Flash NPSWF64_32_0_0_303.dll [2019-12-18] (Adobe Inc. ->)

Plugin FF: @ microsoft.com / GENUINE -> désactivé [No File]

Plugin FF: @ Microsoft.com / NpCtrl, version = 1.0 -> C: Program Files Microsoft Silverlight 5.1.50918.0 npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ adobe.com / FlashPlayer -> C: Windows SysWOW64 Macromed Flash NPSWF32_32_0_0_303.dll [2019-12-18] (Adobe Inc. ->)

FF Plugin-x32: @ Citrix.com / npican -> C: Program Files (x86) Citrix ICA Client npicaN.dll [2013-10-01] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FF Plugin-x32: @ java.com / DTPlugin, version = 11.171.2 -> C: Program Files (x86) Java jre1.8.0_171 bin dtplugin npDeployJava1.dll [2018-04-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @ java.com / JavaPlugin, version = 11.171.2 -> C: Program Files (x86) Java jre1.8.0_171 bin plugin2 npjp2.dll [2018-04-24] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @ microsoft.com / GENUINE -> désactivé [No File]

FF Plugin-x32: @ Microsoft.com / NpCtrl, version = 1.0 -> C: Program Files (x86) Microsoft Silverlight 5.1.50918.0 npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ microsoft.com / SharePoint, version = 14.0 -> C: PROGRA ~ 2 MICROS ~ 4 Office14 NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ microsoft.com / WLPG, version = 15.4.3502.0922 -> C: Program Files (x86) Windows Live Photo Gallery NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ microsoft.com / WLPG, version = 15.4.3538.0513 -> C: Program Files (x86) Windows Live Photo Gallery NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @ videolan.org / vlc, version = 2.0.6 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ videolan.org / vlc, version = 2.1.2 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ videolan.org / vlc, version = 2.2.1 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ videolan.org / vlc, version = 2.2.6 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ videolan.org / vlc, version = 3.0.8 -> C: Program Files (x86) VideoLAN VLC npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @ WildTangent.com / GamesAppPresenceDetector, Version = 1.0 -> C: Program Files (x86) WildTangent Games App BrowserIntegration Registered 0 NP_wtapp.dll [2013-08-06] (WildTangent Inc ->)

FF Plugin-x32: Adobe Reader -> C: Program Files (x86) Adobe Acrobat Reader DC Reader AIR nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Plugin FF HKU S-1-5-21-1536202438-368462837-3654654372-1001: @ asperasoft.com / AsperaConnect -> C: Users Daniele AppData Local Programs Aspera Aspera Connect lib 3.6. 1 npasperaweb_3.6.1.111228.dll [2015-09-11] (Aspera, Inc. -> Aspera, Inc.)

Plugin FF HKU S-1-5-21-1536202438-368462837-3654654372-1001: @ Unity3d.com / UnityPlayer, version = 1.0 -> C: Users Daniele AppData LocalLow Unity WebPlayer Loader npUnity3D32 .dll [2015-03-27] (Unity Technologies SF -> Unity Technologies ApS)

Plugin FF HKU S-1-5-21-1536202438-368462837-3654654372-1001: SkypeForBusinessPlugin-15.8 -> C: Users Daniele AppData Local Microsoft SkypeForBusinessPlugin 15.8.20020.400 npGatewayNpapi.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)

Plugin FF HKU S-1-5-21-1536202438-368462837-3654654372-1001: SkypeForBusinessPlugin64-15.8 -> C: Users Daniele AppData Local Microsoft SkypeForBusinessPlugin 15.8.20020.400 npGatewayNpapi-x64.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin HKUS-1-5-21-1536202438-368462837-3654654372-1001: SkypePlugin -> C:UsersDanieleAppDataLocalSkypePlugin7.26.0.48npGatewayNpapi.dll [2016-09-22] (Microsoft Corporation -> Skype Technologies S.A.)

FF Plugin HKUS-1-5-21-1536202438-368462837-3654654372-1001: SkypePlugin64 -> C:UsersDanieleAppDataLocalSkypePlugin7.26.0.48npGatewayNpapi-x64.dll [2016-09-22] (Microsoft Corporation -> Skype Technologies S.A.)

Chrome:

=======

CHR Profile: C:UsersDanieleAppDataLocalGoogleChromeUser DataDefault [2020-04-19]

CHR Notifications: Default -> hxxps://uk-mg42.mail.yahoo.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.hotukdeals.com; hxxps://www.reddit.com

CHR HomePage: Default -> hxxp://uk.search.yahoo.com/?type=714647&fr=spigot-yhp-ch

CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"

CHR Session Restore: Default -> is enabled.

CHR Extension: (Presentazioni) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]

CHR Extension: (Documenti) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-10-16]

CHR Extension: (Google Drive) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2015-10-21]

CHR Extension: (YouTube) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]

CHR Extension: (Avira Password Manager) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionscaljgklbbfbcjjanaijlacgncafpegll [2020-04-14]

CHR Extension: (Google Search) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]

CHR Extension: (Fogli) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-10-16]

CHR Extension: (Documenti Google offline) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-17]

CHR Extension: (AdBlock: il miglior ad-blocker di sempre) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2020-04-17]

CHR Extension: (Lightshot (strumento per screenshot)) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsmbniclmhobmnbdlbpiphghaielnnpgdp [2020-01-31]

CHR Extension: (Pagamenti Chrome Web Store) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]

CHR Extension: (Gmail) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2019-05-16]

CHR Extension: (Chrome Media Router) – C:UsersDanieleAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-14]

CHR HKLM…ChromeExtension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

CHR HKLM…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32…ChromeExtension: [caljgklbbfbcjjanaijlacgncafpegll]

CHR HKLM-x32…ChromeExtension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32…ChromeExtension: [flliilndjeohchalpbbcdekjklbdgfkk]

CHR HKLM-x32…ChromeExtension: [ibbfklbaljofpaanmpaeadejijfdddco]

CHR HKLM-x32…ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

CHR HKLM-x32…ChromeExtension: [nbmafkdmkkckhggblphicnnhlgljnoje] –

CHR HKLM-x32…ChromeExtension: [njpedbdniajflhgfoipnjkednnlkngbj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:Program Files (x86)AviraAntivirusavmailc7.exe [1209856 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:Program Files (x86)AviraAntivirussched.exe [485960 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:Program Files (x86)AviraAntivirusavguard.exe [485960 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:Program Files (x86)AviraAntivirusavwebg7.exe [573760 2020-03-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 Avira.ServiceHost; C:Program Files (x86)AviraLauncherAvira.ServiceHost.exe [634896 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraOptimizerHost; C:Program Files (x86)AviraOptimizer HostAvira.OptimizerHost.exe [2989888 2020-01-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraPhantomVPN; C:Program Files (x86)AviraVPNAvira.VpnService.exe [382992 2020-03-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 AviraUpdaterService; C:Program Files (x86)AviraSoftwareUpdaterAvira.SoftwareUpdater.ServiceHost.exe [161216 2020-04-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

S4 EpsonScanSvc; C:Windowssystem32EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)

R2 EPSON_PM_RPCV4_06; C:Program FilesCommon FilesEPSONEPW!3 SSRPE_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)

S3 fussvc; C:Program Files (x86)Windows Kits8.1App Certification Kitfussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]

S4 GamesAppIntegrationService; C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [240736 2013-10-07] (WildTangent Inc -> WildTangent)

R2 McAfee WebAdvisor; C:Program FilesMcAfeeWebAdvisorServiceHost.exe [913640 2020-04-08] (McAfee, LLC -> McAfee, LLC)

R2 MsMpSvc; C:Program FilesMicrosoft Security ClientMsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

S4 MyEpson Portal Service; C:Program Files (x86)EPSONMyEpson PortalmepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

R3 NisSrv; C:Program FilesMicrosoft Security ClientNisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

S4 NTI IScheduleSvc; C:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation)

S3 NvContainerLocalSystem; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

S3 NvContainerNetworkService; C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

S4 Origin Client Service; C:Program Files (x86)OriginOriginClientService.exe [2098528 2017-08-23] (Electronic Arts, Inc. -> Electronic Arts)

S4 Origin Web Helper Service; C:Program Files (x86)OriginOriginWebHelperService.exe [2977640 2017-08-23] (Electronic Arts, Inc. -> Electronic Arts)

S4 OverwolfUpdater; C:Program Files (x86)OverwolfOverwolfUpdater.exe [2463064 2020-03-14] (Overwolf Ltd -> Overwolf LTD)

R2 PnkBstrA; C:WindowsSysWOW64PnkBstrA.exe [75136 2013-05-17] (Even Balance, Inc. -> )

S3 Te.Service; C:Program Files (x86)Windows Kits8.1TestingRuntimesTAEFWex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]

R2 TeamViewer; C:Program Files (x86)TeamViewerTeamViewer_Service.exe [13216272 2020-03-20] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

S3 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2292096 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

R2 NVDisplay.ContainerLocalSystem; "C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:ProgramDataNVIDIANVDisplay.ContainerLocalSystem.log" -l 3 -d "C:Program FilesNVIDIA CorporationDisplay.NvContainerpluginsLocalSystem" -r -p 30000

R2 NvTelemetryContainer; "C:Program Files (x86)NVIDIA CorporationNvTelemetryNvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:ProgramDataNVIDIANvTelemetryContainer.log" -l 3 -d "C:Program Files (x86)NVIDIA CorporationNvTelemetryplugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:WindowsSystem32DRIVERSathrx.sys [2755584 2011-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)

R0 avdevprot; C:WindowsSystem32DRIVERSavdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 avgntflt; C:WindowsSystem32DRIVERSavgntflt.sys [223744 2020-03-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R1 avipbb; C:WindowsSystem32DRIVERSavipbb.sys [177376 2020-04-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R1 avkmgr; C:WindowsSystem32DRIVERSavkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R2 avnetflt; C:WindowsSystem32DRIVERSavnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R0 avusbflt; C:WindowsSystem32Driversavusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

R1 dtsoftbus01; C:WindowsSystem32DRIVERSdtsoftbus01.sys [283064 2013-12-07] (Disc Soft Ltd -> Disc Soft Ltd)

R2 LdBoxDrv; C:Program Filesdnplayerext2LdBoxDrv.sys [319376 2019-12-18] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

R2 LdVBoxDrv; C:Program FilesldplayerboxLdVBoxDrv.sys [319376 2020-03-25] (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

S3 MYFAULT; C:Windowssystem32driversmyfault.sys [25392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals)

R3 NisDrv; C:WindowsSystem32DRIVERSNisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 nusb3hub; C:Windowssystem32driversnusb3hub.sys [82432 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

R3 nusb3xhc; C:Windowssystem32driversnusb3xhc.sys [181760 2011-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

S3 NvStreamKms; C:Program FilesNVIDIA CorporationNvStreamSrvNvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:WindowsSystem32driversnvvad64v.sys [59240 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:WindowsSystem32DRIVERSnvvhci.sys [58816 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

R3 phantomtap; C:WindowsSystem32DRIVERSphantomtap.sys [35664 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)

S3 rtux64w7; C:WindowsSystem32DRIVERSrtux64w7.sys [328448 2016-08-19] (Realtek Semiconductor Corp -> Realtek )

S4 secdrv; C:WindowsSysWow64Driverssecdrv.sys [11973 2017-06-06] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]

R0 sptd; C:WindowsSystem32Driverssptd.sys [381440 2013-12-07] (Disc Soft Ltd -> Duplex Secure Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 14:36 – 2020-04-19 14:36 – 000000000 ____D C:UsersDanieleDownloadsFRST-OlderVersion

2020-04-18 14:29 – 2020-04-18 14:29 – 000062792 _____ C:ProgramDataagent.uninstall.1587216527.bdinstall.v2.bin

2020-04-17 00:37 – 2020-04-17 00:46 – 000072692 _____ C:UsersDanieleDownloadsAddition.txt

2020-04-17 00:28 – 2020-04-19 14:41 – 000045553 _____ C:UsersDanieleDownloadsFRST.txt

2020-04-17 00:22 – 2020-04-19 14:40 – 000000000 ____D C:FRST

2020-04-17 00:21 – 2020-04-19 14:36 – 002281984 _____ (Farbar) C:UsersDanieleDownloadsFRST64.exe

2020-04-16 23:30 – 2020-04-16 23:30 – 000013738 _____ C:UsersDanieleDesktophijackthis2

2020-04-16 22:55 – 2020-04-18 14:29 – 000000000 ____D C:Program FilesBitdefender Agent

2020-04-16 22:55 – 2020-04-16 22:55 – 000102692 _____ C:ProgramDataagent.1587074131.bdinstall.v2.bin

2020-04-16 22:55 – 2020-04-16 22:55 – 000000000 ____D C:ProgramDataBitdefender Agent

2020-04-16 22:53 – 2020-04-16 22:53 – 010527368 _____ C:UsersDanieleDownloadsbitdefender_online.exe

2020-04-16 22:40 – 2020-04-16 22:40 – 000000000 ____D C:ProgramDataUbisoft

2020-04-16 22:11 – 2020-04-16 22:11 – 000388608 _____ (Trend Micro Inc.) C:UsersDanieleDownloadsHijackThis.exe

2020-04-15 17:17 – 2020-04-15 17:17 – 000000219 _____ C:UsersDanieleDesktopCounter-Strike Global Offensive.url

2020-04-10 00:18 – 2020-04-10 00:18 – 004342776 _____ (Avira Operations GmbH & Co. KG) C:UsersDanieleDownloadsavira_en_sptl1_1609235037-1586472637__phpws-spotlight-release (1).exe

2020-04-10 00:16 – 2020-04-10 00:16 – 000003292 _____ C:Windowssystem32TasksAvira_Antivirus_Systray

2020-04-10 00:15 – 2020-04-06 21:13 – 000177376 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavipbb.sys

2020-04-10 00:15 – 2020-03-27 12:48 – 000223744 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavgntflt.sys

2020-04-10 00:15 – 2019-06-07 15:09 – 000068152 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavdevprot.sys

2020-04-10 00:15 – 2019-03-20 19:50 – 000078600 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavnetflt.sys

2020-04-10 00:15 – 2019-03-20 19:50 – 000036072 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavkmgr.sys

2020-04-10 00:15 – 2019-03-20 19:50 – 000035376 _____ (Avira Operations GmbH & Co. KG) C:Windowssystem32Driversavusbflt.sys

2020-04-09 23:54 – 2020-04-09 23:55 – 000000000 ____D C:UsersPublicSpeedup Sessions

2020-04-09 23:54 – 2020-04-09 23:54 – 000003668 _____ C:Windowssystem32TasksAviraSystemSpeedupUpdate

2020-04-09 23:53 – 2020-04-15 08:51 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAvira

2020-04-09 23:53 – 2020-04-09 23:53 – 000001192 _____ C:UsersPublicDesktopAvira.lnk

2020-04-09 23:53 – 2020-04-09 23:53 – 000001192 _____ C:ProgramDataDesktopAvira.lnk

2020-04-09 23:50 – 2020-04-09 23:50 – 004342776 _____ (Avira Operations GmbH & Co. KG) C:UsersDanieleDownloadsavira_en_sptl1_1609235037-1586472637__phpws-spotlight-release.exe

2020-04-09 23:08 – 2020-04-09 23:08 – 003318440 _____ (Dominik Reichl ) C:UsersDanieleDownloadsKeePass-2.44-Setup.exe

2020-04-03 01:24 – 2020-04-03 01:24 – 000000000 ____D C:UsersDanieleAppDataLocalLowObsidian Entertainment

2020-04-02 22:10 – 2020-04-02 22:10 – 000000222 _____ C:UsersDanieleDesktopPillars of Eternity.url

2020-03-30 19:29 – 2020-03-30 19:29 – 000076137 _____ C:UsersDanieleDownloadseContract.pdf

2020-03-26 17:50 – 2020-03-26 18:04 – 000000000 ____D C:UsersDanieleDesktopRee Accident Claim

2020-03-25 23:46 – 2020-04-04 11:49 – 000000000 ____D C:UsersDaniele.Ld2VirtualBox

2020-03-25 23:45 – 2020-03-25 23:45 – 000000671 _____ C:UsersDanieleDesktopLDMultiPlayer4.lnk

2020-03-25 23:45 – 2020-03-25 23:45 – 000000671 _____ C:UsersDanieleAppDataRoamingMicrosoftWindowsStart MenuLDMultiPlayer4.lnk

2020-03-25 23:45 – 2020-03-25 23:45 – 000000656 _____ C:UsersDanieleDesktopLDPlayer4.lnk

2020-03-25 23:45 – 2020-03-25 23:45 – 000000656 _____ C:UsersDanieleAppDataRoamingMicrosoftWindowsStart MenuLDPlayer4.lnk

2020-03-25 23:45 – 2020-03-25 23:45 – 000000000 ____D C:UsersDanieleAppDataRoamingMicrosoftWindowsStart MenuProgramsLDPlayer4

2020-03-25 23:44 – 2020-03-25 23:45 – 000000000 ____D C:Program Filesldplayerbox

2020-03-25 23:44 – 2020-03-25 23:44 – 000000000 ____D C:UsersDanieleDocumentsXuanZhi

2020-03-25 23:43 – 2020-03-25 23:43 – 000000000 ____D C:Program FilesMcAfee

2020-03-25 23:42 – 2020-03-25 23:42 – 000284010 _____ C:UsersDanieleAppDataRoamingm47_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

2020-03-25 23:42 – 2020-03-25 23:42 – 000000000 ____D C:UsersDanieleDownloads2cep

2020-03-25 23:41 – 2020-03-25 23:46 – 000000000 ____D C:UsersDanieleAppDataRoamingXuanZhi

2020-03-25 23:41 – 2020-03-25 23:41 – 002931392 _____ (XUANZHI INTERNATIONAL CO., LIMITED) C:UsersDanieleDownloadsLDPlayer_ens_3020_ld.exe

2020-03-25 23:41 – 2020-03-25 23:41 – 002931392 _____ (XUANZHI INTERNATIONAL CO., LIMITED) C:UsersDanieleDownloadsLDPlayer_ens_3020_ld (1).exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-04-19 14:47 – 2014-02-28 19:48 – 000000000 ____D C:UsersDanieleAppDataLocalBattle.net

2020-04-19 14:28 – 2017-01-29 20:15 – 000000000 ____D C:UsersDanieleAppDataLocalLowMozilla

2020-04-19 14:27 – 2019-01-30 14:34 – 000000000 ____D C:UsersDanieleAppDataRoamingDiscord

2020-04-19 13:50 – 2018-10-22 17:50 – 000000911 _____ C:WindowsTasksEPSON XP-312 313 315 Series Update E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF.job

2020-04-19 13:50 – 2018-10-22 17:50 – 000000911 _____ C:WindowsTasksEPSON XP-312 313 315 Series Update 6AFC5C38-E427-4C18-A613-15CA4120664F.job

2020-04-19 13:50 – 2018-10-22 17:50 – 000000725 _____ C:WindowsTasksEPSON XP-312 313 315 Series Invitation E25A4D64-F87D-4249-99D5-CFF2F8F8E6DF.job

2020-04-19 13:50 – 2018-10-22 17:50 – 000000725 _____ C:WindowsTasksEPSON XP-312 313 315 Series Invitation 6AFC5C38-E427-4C18-A613-15CA4120664F.job

2020-04-19 12:25 – 2018-07-01 20:59 – 000000000 ____D C:ProgramDataNVIDIA

2020-04-19 03:56 – 2009-07-14 05:45 – 000016976 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2020-04-19 03:56 – 2009-07-14 05:45 – 000016976 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2020-04-19 03:19 – 2018-03-26 22:41 – 000000000 ____D C:UsersDanieleAppDataRoamingHearthstoneDeckTracker

2020-04-18 20:55 – 2018-03-26 22:41 – 000002512 _____ C:UsersDanieleDesktopHearthstone Deck Tracker.lnk

2020-04-18 20:55 – 2018-03-26 22:41 – 000000000 ____D C:UsersDanieleAppDataLocalHearthstoneDeckTracker

2020-04-18 20:54 – 2018-03-26 22:41 – 000000000 ____D C:UsersDanieleAppDataLocalSquirrelTemp

2020-04-18 15:26 – 2014-02-28 19:47 – 000000000 ____D C:Program Files (x86)Battle.net

2020-04-18 14:22 – 2014-06-18 09:34 – 000000000 ____D C:Program Files (x86)TeamViewer

2020-04-18 14:21 – 2009-07-14 06:08 – 000000006 ____H C:WindowsTasksSA.DAT

2020-04-17 19:37 – 2017-05-31 22:40 – 000000000 ____D C:UsersRee

2020-04-17 13:30 – 2019-12-20 00:37 – 000000000 ____D C:WindowsSysWOW64NV

2020-04-17 13:30 – 2019-12-20 00:37 – 000000000 ____D C:Windowssystem32NV

2020-04-17 13:29 – 2017-09-12 00:30 – 000000000 ____D C:Program Files (x86)Mozilla Firefox

2020-04-17 13:29 – 2013-05-04 17:46 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service

2020-04-17 13:22 – 2014-01-15 19:16 – 000000000 ____D C:Program Files (x86)Steam

2020-04-17 13:10 – 2017-12-17 16:51 – 000000000 ____D C:UsersDanieleAppDataLocalUbisoft Game Launcher

2020-04-16 22:37 – 2012-06-21 20:37 – 000000000 ___HD C:Program Files (x86)InstallShield Installation Information

2020-04-16 22:37 – 2009-07-14 06:32 – 000000000 ___RD C:ProgramDataMicrosoftWindowsStart MenuProgramsGames

2020-04-16 22:36 – 2013-05-04 20:18 – 000000000 ____D C:UsersDanieleAppDataRoaminguTorrent

2020-04-15 20:36 – 2013-05-04 18:11 – 000002226 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2020-04-10 00:17 – 2009-07-14 04:20 – 000000000 ____D C:Windowsinf

2020-04-10 00:15 – 2013-05-06 00:19 – 000000000 ____D C:ProgramDataAvira

2020-04-10 00:15 – 2013-05-06 00:19 – 000000000 ____D C:Program Files (x86)Avira

2020-04-10 00:13 – 2013-04-13 02:40 – 000743878 _____ C:Windowssystem32perfh010.dat

2020-04-10 00:13 – 2013-04-13 02:40 – 000148496 _____ C:Windowssystem32perfc010.dat

2020-04-10 00:13 – 2009-07-14 06:13 – 001662796 _____ C:Windowssystem32PerfStringBackup.INI

2020-04-10 00:04 – 2013-04-16 13:43 – 000000000 ____D C:UsersDaniele

2020-04-09 23:52 – 2014-08-20 13:02 – 000000000 ____D C:ProgramDataPackage Cache

2020-04-09 23:28 – 2018-01-28 01:56 – 000000000 ____D C:UsersDanieleAppDataRoamingKeePass

2020-04-09 23:10 – 2018-01-28 01:00 – 000001121 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsKeePass 2.lnk

2020-04-09 23:10 – 2018-01-28 01:00 – 000001109 _____ C:UsersDanieleDesktopKeePass 2.lnk

2020-04-09 23:10 – 2018-01-28 01:00 – 000000000 ____D C:Program Files (x86)KeePass Password Safe 2

2020-04-02 06:28 – 2018-03-29 14:27 – 000000000 ____D C:Program Files (x86)Overwolf

2020-04-02 00:49 – 2010-11-21 04:27 – 000744808 ____N (Microsoft Corporation) C:Windowssystem32MpSigStub.exe

2020-03-26 18:43 – 2019-12-18 20:22 – 000000000 ____D C:UsersDanieleAppDataRoamingChangZhi2

2020-03-26 17:50 – 2013-05-12 22:25 – 000000000 ____D C:UsersDanieleDesktopCompleanno Ree 2013

2020-03-26 17:49 – 2020-02-04 14:31 – 000000000 ____D C:UsersDanieleDesktopCittadinanza

2020-03-25 23:42 – 2013-05-06 19:11 – 000000000 ____D C:ProgramDataMcAfee

2020-03-25 23:34 – 2019-12-18 20:31 – 000000000 ____D C:UsersDaniele.LdVirtualBox

2020-03-25 13:00 – 2019-02-14 20:04 – 000000000 ____D C:UsersDanieleAppDataLocalBluestacks

2020-03-24 02:08 – 2013-05-15 17:30 – 000000000 ____D C:UsersDanieleAppDataRoamingSoftGrid Client

2020-03-21 02:29 – 2013-05-04 18:11 – 000003586 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineUA

2020-03-21 02:29 – 2013-05-04 18:11 – 000003458 _____ C:Windowssystem32TasksGoogleUpdateTaskMachineCore

2020-03-20 08:46 – 2015-01-01 09:45 – 000004476 _____ C:Windowssystem32TasksAdobe Acrobat Update Task

2020-03-20 08:45 – 2015-12-16 22:13 – 000002441 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk

==================== Files in the root of some directories ========

2013-12-31 12:57 – 2013-12-31 12:58 – 000000093 _____ () C:UsersDanieleAppDataRoamingARCompanion.log

2019-12-18 20:31 – 2019-12-18 20:31 – 000000068 _____ () C:UsersDanieleAppDataRoamingchangzhi_leidian.data

2019-12-21 18:17 – 2019-12-21 18:17 – 000000068 _____ () C:UsersDanieleAppDataRoamingchangzhi_mplayer.data

2020-03-25 23:42 – 2020-03-25 23:42 – 000284010 _____ () C:UsersDanieleAppDataRoamingm47_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt

2017-07-11 22:13 – 2017-07-11 22:13 – 000014139 _____ () C:UsersDanieleAppDataLocalHWVendorDetection.log

2013-05-05 00:55 – 2019-12-27 13:15 – 000007615 _____ () C:UsersDanieleAppDataLocalresmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-04-17 19:29

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2020

Ran by Daniele (19-04-2020 14:50:00)

Running from C:UsersDanieleDownloads

Windows 7 Home Premium Service Pack 1 (X64) (2013-04-16 12:43:25)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1536202438-368462837-3654654372-500 – Administrator – Disabled)

Daniele (S-1-5-21-1536202438-368462837-3654654372-1001 – Administrator – Enabled) => C:UsersDaniele

Guest (S-1-5-21-1536202438-368462837-3654654372-501 – Limited – Disabled)

HomeGroupUser$ (S-1-5-21-1536202438-368462837-3654654372-1003 – Limited – Enabled)

Ree (S-1-5-21-1536202438-368462837-3654654372-1005 – Limited – Enabled) => C:UsersRee

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled – Up to date) 8EAC8D5C-B3AA-95AA-3DF1-2845CDD09CBE

AV: Microsoft Security Essentials (Enabled – Up to date) 71A27EC9-3DA6-45FC-60A7-004F623C6189

AS: Microsoft Security Essentials (Enabled – Up to date) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34

AS: Avira Antivirus (Enabled – Up to date) 35CD6CB8-9590-9A24-0741-1337B657D603

AS: Windows Defender (Disabled – Out of date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Backup Manager (HKLM-x32…InstallShield_0B61BBD5-DA3C-409A-8730-0C3DC3B0F270) (Version: 3.0.0.99 – NTI Corporation)

Acer Crystal Eye Webcam (HKLM-x32…1FB4998-33C4-4431-85ED-079E3EEFE75D) (Version: 1.0.1904 – CyberLink Corp.) Hidden

Acer Crystal Eye Webcam (HKLM-x32…InstallShield_01FB4998-33C4-4431-85ED-079E3EEFE75D) (Version: 1.0.1904 – CyberLink Corp.)

Acer ePower Management (HKLM-x32…3DB0448D-AD82-4923-B305-D001E521A964) (Version: 6.00.3008 – Acer Incorporated)

Acer eRecovery Management (HKLM-x32…7F811A54-5A09-4579-90E1-C93498E230D9) (Version: 5.00.3504 – Acer Incorporated)

Acer Games (HKLM-x32…WildTangent acer Master Uninstall) (Version: 1.0.2.5 – WildTangent)

Acer Registration (HKLM-x32…Acer Registration) (Version: 1.04.3504 – Acer Incorporated)

Acer ScreenSaver (HKLM-x32…Acer Screensaver) (Version: 1.1.0913.2011 – Acer Incorporated)

Acer Updater (HKLM-x32…EE171732-BEB4-4576-887D-CB62727F01CA) (Version: 1.02.3502 – Acer Incorporated)

Adobe Acrobat Reader DC – Italiano (HKLM-x32…AC76BA86-7AD7-1040-7B44-AC0F074E4100) (Version: 20.006.20042 – Adobe Systems Incorporated)

Adobe AIR (HKLM-x32…Adobe AIR) (Version: 2.7.1.19610 – Adobe Systems Incorporated)

Adobe Flash Player 29 ActiveX (HKLM-x32…Adobe Flash Player ActiveX) (Version: 29.0.0.140 – Adobe Systems Incorporated)

Adobe Flash Player 32 NPAPI (HKLM-x32…Adobe Flash Player NPAPI) (Version: 32.0.0.303 – Adobe)

Agatha Christie – Death on the Nile (HKLM-x32…WTA-5e746bf8-8dee-4fe9-9f1a-49235ad98c76) (Version: 2.2.0.98 – WildTangent) Hidden

Aggiornamenti NVIDIA 31.1.10.0 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Update) (Version: 31.1.10.0 – NVIDIA Corporation) Hidden

Application Verifier x64 External Package (HKLM…77F3D72C-465F-BD51-890E-CC3914B1365F) (Version: 8.100.26936 – Microsoft) Hidden

Aspera Connect 3.6.1.111228 (HKLM-x32…EC793CAC-7C41-4817-BA98-7E481A79F9CF) (Version: 3.6.1.111228 – © Copyright IBM Corp. 2014) Hidden

Aspera Connect 3.6.1.111228 (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Aspera Connect 3.6.1.111228) (Version: 3.6.1.111228 – © Copyright IBM Corp. 2014)

Assassin's Creed IV Black Flag (HKLM-x32…Uplay Install 273) (Version:  – Ubisoft)

Avira (HKLM-x32…CAB70370-888E-4D62-B5D5-DA7982585C46) (Version: 1.2.145.25926 – Avira Operations GmbH & Co. KG) Hidden

Avira (HKLM-x32…e636e084-c7ab-4246-8ad2-aa1bb1cbedfd) (Version: 1.2.145.25926 – Avira Operations GmbH & Co. KG)

Avira Antivirus (HKLM-x32…Avira Antivirus) (Version: 15.0.2004.1828 – Avira Operations GmbH & Co. KG)

Avira Phantom VPN (HKLM-x32…Avira Phantom VPN) (Version: 2.32.2.34115 – Avira Operations GmbH & Co. KG)

Avira Software Updater (HKLM-x32…30947035-9248-4304-96CE-CB6B1D38CFD5) (Version: 2.0.6.30594 – Avira Operations GmbH & Co. KG)

Avira System Speedup (HKLM-x32…Avira System Speedup_is1) (Version: 6.4.1.10871 – Avira Operations GmbH & Co. KG)

Backup Manager V3 (HKLM-x32…B61BBD5-DA3C-409A-8730-0C3DC3B0F270) (Version: 3.0.0.99 – NTI Corporation) Hidden

Battle.net (HKLM-x32…Battle.net) (Version:  – Blizzard Entertainment)

Bejeweled 2 Deluxe (HKLM-x32…WTA-878366c0-7e0d-49fc-9060-e75a6dabe155) (Version: 2.2.0.95 – WildTangent) Hidden

Blue Jeans (HKLM-x32…6D19EE68-6672-48DB-A45A-5CCFA8021D92) (Version: 1.28.10 – Blue Jeans)

Broadcom Card Reader Driver Installer (HKLM…4710662C-8204-4334-A977-B1AC9E547819) (Version: 14.8.2.2 – Broadcom Corporation)

Broadcom NetLink Controller (HKLM…C91DCB72-F5BB-410D-A91A-314F5D1B4284) (Version: 14.8.4.1 – Broadcom Corporation)

Caesar 3 (HKLM-x32…Caesar 3) (Version:  – )

Chuzzle Deluxe (HKLM-x32…WTA-7f54354a-b7a2-4639-9a5c-f4b75efe2e90) (Version: 2.2.0.95 – WildTangent) Hidden

clear.fi (HKLM-x32…14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C) (Version: 1.0.1517_36458 – CyberLink Corp.) Hidden

clear.fi (HKLM-x32…2637C347-9DAD-11D6-9EA2-00055D0CA761) (Version: 1.0.2024.00 – CyberLink Corp.) Hidden

clear.fi (HKLM-x32…B906C11A-D193-4143-9FA7-E2EE8A5A8F21) (Version: 9.0.8026 – CyberLink Corp.) Hidden

clear.fi (HKLM-x32…InstallShield_2637C347-9DAD-11D6-9EA2-00055D0CA761) (Version: 1.0.2024.00 – CyberLink Corp.)

clear.fi Client (HKLM-x32…43AAE145-83CF-4C96-9A5E-756CEFCE879F) (Version: 1.00.3500 – Acer Incorporated)

Crazy Chicken Kart 2 (HKLM-x32…WTA-111fa445-16e9-4867-bd6d-79c26bc446f5) (Version: 2.2.0.97 – WildTangent) Hidden

D3DX10 (HKLM-x32…E09C4DB7-630C-4F06-A631-8EA7239923AF) (Version: 15.4.2368.0902 – Microsoft) Hidden

DAEMON Tools Lite (HKLM-x32…DAEMON Tools Lite) (Version: 4.48.1.0347 – Disc Soft Ltd)

Diablo III (HKLM-x32…Diablo III) (Version:  – Blizzard Entertainment)

Discord (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Discord) (Version: 0.0.306 – Discord Inc.)

Disinstalla EPSON SX100 Series Printer (HKLM…EPSON SX100 Series) (Version:  – SEIKO EPSON Corporation)

DisplayDriverAnalyzer (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_DisplayDriverAnalyzer) (Version: 391.35 – NVIDIA Corporation) Hidden

Dolby Advanced Audio v2 (HKLM-x32…B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613) (Version: 7.2.7000.7 – Dolby Laboratories Inc)

Dragon Age II (HKLM-x32…F2E23139-3404-4E3C-9855-7724415D62A5) (Version: 1.04 – Electronic Arts, Inc.)

Dropbox (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Dropbox) (Version: 3.0.5 – Dropbox, Inc.)

eBay Worldwide (HKLM-x32…D3E5A972-9A15-427D-AE78-8181A5FD943C) (Version: 2.2.0409 – OEM)

Epson Connect Printer Setup (HKLM-x32…D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C) (Version: 1.4.0 – Seiko Epson Corporation)

Epson Event Manager (HKLM-x32…9F205E94-9E42-4486-A92A-DF3F6CB85444) (Version: 3.10.0061 – Seiko Epson Corporation)

EPSON Remote Print Uninstall (HKLM…EPSON Remote Print) (Version:  – SEIKO EPSON Corporation)

EPSON Scan (HKLM-x32…EPSON Scanner) (Version:  – Seiko Epson Corporation)

Epson Software Updater (HKLM-x32…FD036A57-F81D-4865-AAF0-811558EA76AE) (Version: 4.5.1 – Seiko Epson Corporation)

EPSON XP-312 313 315 Series Printer Uninstall (HKLM…EPSON XP-312 313 315 Series) (Version:  – SEIKO EPSON Corporation)

EpsonNet Print (HKLM-x32…3E31400D-274E-4647-916C-2CACC3741799) (Version: 2.6.0 – SEIKO EPSON CORPORATION)

Evernote v. 4.5.1 (HKLM-x32…28921580-E4BB-11E0-9FD7-1CC1DEF07CBE) (Version: 4.5.1.5451 – Evernote Corp.)

FATE (HKLM-x32…WTA-d562914f-464e-442a-9b6b-eef07926c4b7) (Version: 2.2.0.97 – WildTangent) Hidden

Final Drive: Nitro (HKLM-x32…WTA-ba528cbd-abfc-43b4-b622-039073085d6c) (Version: 2.2.0.95 – WildTangent) Hidden

Fooz Kids (HKLM-x32…4C774C35-E0AF-72E1-136A-2BF666702268) (Version: 3.0.8 – FUHU, Inc.) Hidden

Fooz Kids (HKLM-x32…FoozKids) (Version: 3.0.8 – FUHU, Inc.)

Fooz Kids Platform (HKLM-x32…8D68CE08-9A14-4B7B-9857-3C646A2F34C7) (Version: 2.1 – FUHU, Inc.)

Fotogalerija Windows Live (HKLM-x32…E59969EA-3B5B-4B24-8B94-43842A7FBFE9) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (HKLM-x32…EC0B576-90F9-43C3-8FAD-A4902DF4B8F4) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (HKLM-x32…E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galeria fotogràfica del Windows Live (HKLM-x32…4736B0ED-F6A1-48EC-A1B7-C053027648F1) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (HKLM-x32…CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galerie de photos Windows Live (HKLM-x32…488F0347-C4A7-4374-91A7-30818BEDA710) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Galerie foto Windows Live (HKLM-x32…CB66242D-12B1-4494-82D2-6F53A7E024A3) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Google Chrome (HKLM-x32…Google Chrome) (Version: 81.0.4044.113 – Google LLC)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.35.451 – Google LLC) Hidden

HearthArena Companion (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.2 – Overwolf app)

Hearthstone (HKLM-x32…Hearthstone) (Version:  – Blizzard Entertainment)

Hearthstone Deck Tracker (HKUS-1-5-21-1536202438-368462837-3654654372-1001…HearthstoneDeckTracker) (Version: 1.10.7 – HearthSim)

HP USB Disk Storage Format Tool (HKLM-x32…E0DF90C-D0BA-4C89-9262-AD78D1A3DE51) (Version:  – )

Identity Card (HKLM-x32…Identity Card) (Version: 1.00.3501 – Acer Incorporated)

Insaniquarium Deluxe (HKLM-x32…WTA-1aadf450-ec73-41b5-b741-966d0737010a) (Version: 2.2.0.97 – WildTangent) Hidden

Intel® Control Center (HKLM-x32…F8A9085D-4C7A-41a9-8A77-C8998A96C421) (Version: 1.2.1.1007 – Intel Corporation)

Intel® Management Engine Components (HKLM-x32…65153EA5-8B6E-43B6-857B-C6E4FC25798A) (Version: 7.0.0.1144 – Intel Corporation)

Intel® Processor Graphics (HKLM-x32…F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA) (Version: 8.15.10.2342 – Intel Corporation)

Intel® Processor Identification Utility (HKLM-x32…A92A4DB0-CD37-42D1-BE1D-603D53C24328) (Version: 1.0.0.0 – Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32…3E29EE6C-963A-4aae-86C1-DC237C4A49FC) (Version: 10.5.0.1026 – Intel Corporation)

Intel® SDK for OpenCL – CPU Only Runtime Package (HKLM-x32…FCB3772C-B7D0-4933-B1A9-3707EBACC573) (Version: 2.0.0.37149 – Intel Corporation)

Java 8 Update 171 (HKLM-x32…26A24AE4-039D-4CA4-87B4-2F32180171F0) (Version: 8.0.1710.11 – Oracle Corporation)

Jewel Match 3 (HKLM-x32…WTA-63325e84-34c2-4ccd-b3ee-87abc401d44a) (Version: 2.2.0.97 – WildTangent) Hidden

Jewel Quest Solitaire (HKLM-x32…WTA-4d51be1b-2978-4973-ad15-8b42189f04f8) (Version: 2.2.0.95 – WildTangent) Hidden

John Deere Drive Green (HKLM-x32…WTA-91a805f7-4cee-4088-a326-afc28032536e) (Version: 2.2.0.95 – WildTangent) Hidden

Juniper Installer Service (HKLM-x32…93A64A36-C060-47B4-96DE-D405CC22F4C4) (Version: 7.4.28485 – Juniper Networks) Hidden

Juniper Installer Service 7.4 (HKLM-x32…Juniper Installer Service 7.4) (Version: 7.4.28485 – Juniper Networks, Inc.)

Juniper Networks Network Connect 7.1.8 (HKLM-x32…Juniper Network Connect 7.1.8) (Version: 7.1.8.20737 – Juniper Networks)

Juniper Networks Network Connect 7.3.0 (HKLM-x32…Juniper Network Connect 7.3.0) (Version: 7.3.0.24657 – Juniper Networks)

Juniper Networks Network Connect 7.4.0 (HKLM-x32…Juniper Network Connect 7.4.0) (Version: 7.4.0.30731 – Juniper Networks)

Juniper Networks, Inc. Setup Client (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Juniper_Setup_Client) (Version: 7.4.10.45165 – Juniper Networks, Inc.)

Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM…Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 – Juniper Networks, Inc.)

Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32…Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 – Juniper Networks, Inc.)

Junk Mail filter update (HKLM-x32…1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

KeePass Password Safe 2.44 (HKLM-x32…KeePassPasswordSafe2_is1) (Version: 2.44 – Dominik Reichl)

Kits Configuration Installer (HKLM-x32…B74E65FD-CC47-41C5-4B89-791A3F61942D) (Version: 8.100.25984 – Microsoft) Hidden

Kodi (HKUS-1-5-21-1536202438-368462837-3654654372-1001…Kodi) (Version:  – XBMC-Foundation)

Launch Manager (HKLM-x32…LManager) (Version: 5.1.7 – Acer Inc.)

LDPlayer (HKLM-x32…LDPlayer4) (Version: 4.0 – XUANZHI INTERNATIONAL CO., LIMITED)

LINE (HKUS-1-5-21-1536202438-368462837-3654654372-1001…LINE) (Version: 5.21.3.2086 – LINE Corporation)

Manuali EPSON (HKLM-x32…84CECC1B-21EF-41B1-9A91-3E724E5D99D3) (Version: 1.53.0.0 – Seiko Epson Corporation)

McAfee WebAdvisor (HKLM-x32…35ED3F83-4BDC-4c44-8EC6-6A8301C7413A) (Version: 4.1.1.90 – McAfee, LLC.)

Mesh Runtime (HKLM-x32…8C6D6116-B724-4810-8F2D-D047E6B7D68E) (Version: 15.4.5722.2 – Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32…D1D37853-0004-3E36-A7AA-74F4EEA35F64) (Version: 4.5.50930 – Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32…19A5926D-66E1-46FC-854D-163AA10A52D3) (Version: 4.5.51641 – Microsoft Corporation)

Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)

Microsoft .NET Framework 4.8 (Italiano) (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1040) (Version: 4.8.03761 – Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32…95140000-0070-0000-0000-0000000FF1CE) (Version: 14.0.4763.1000 – Microsoft Corporation)

Microsoft Office a portata di clic 2010 (HKLM-x32…Office14.Click2Run) (Version: 14.0.4763.1000 – Microsoft Corporation)

Microsoft Office Starter 2010 – Italiano (HKLM-x32…90140011-0066-0410-0000-0000000FF1CE) (Version: 14.0.5128.5002 – Microsoft Corporation)

Microsoft Security Essentials (HKLM…Microsoft Security Client) (Version: 4.10.209.0 – Microsoft Corporation)

Microsoft Silverlight (HKLM…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.50918.0 – Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8) (Version: 3.1.0000 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) – 14.0.24215 (HKLM-x32…d992c12e-cab2-426f-bde3-fb8c53950b0d) (Version: 14.0.24215.1 – Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) – 14.0.24215 (HKLM-x32…e2803110-78b3-4664-a479-3611a381656a) (Version: 14.0.24215.1 – Microsoft Corporation)

Monitoraggio della tecnologia Intel® Turbo Boost 2.0 (HKLM…B77EFA0B-9BD3-4122-9F9A-15A963B5EA24) (Version: 2.1.23.0 – Intel)

Mozilla Firefox 75.0 (x64 it) (HKLM…Mozilla Firefox 75.0 (x64 it)) (Version: 75.0 – Mozilla)

Mozilla Maintenance Service (HKLM-x32…MozillaMaintenanceService) (Version: 75.0.0.7398 – Mozilla)

MSI Development Tools (HKLM-x32…CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2) (Version: 8.100.26898 – Microsoft Corporation) Hidden

MyEpson Portal (HKLM-x32…3361D415-BA35-4143-B301-661991BA6219) (Version: 1.1.2.2 – SEIKO EPSON CORPORATION) Hidden

MyEpson Portal (HKLM-x32…MyEpson Portal) (Version:  – SEIKO EPSON Corporation)

Mystery of Mortlake Mansion (HKLM-x32…WTA-fa5c5656-0bbe-4718-93c5-e01c9a8c326f) (Version: 2.2.0.98 – WildTangent) Hidden

newsXpresso (HKLM-x32…613C0AC5-3A67-4B94-8B13-9176AD83F5BF) (Version: 1.0.0.40 – esobi Inc.) Hidden

newsXpresso (HKLM-x32…InstallShield_613C0AC5-3A67-4B94-8B13-9176AD83F5BF) (Version: 1.0.0.40 – esobi Inc.)

Notepad++ (HKLM-x32…Notepad++) (Version: 6.6.8 – Notepad++ Team)

NTI Media Maker 9 (HKLM-x32…D3D5C4E8-040F-4C6F-8105-41D43CF94F44) (Version: 9.0.2.9002 – NTI Corporation) Hidden

NTI Media Maker 9 (HKLM-x32…InstallShield_D3D5C4E8-040F-4C6F-8105-41D43CF94F44) (Version: 9.0.2.9002 – NTI Corporation)

NVIDIA Driver grafico 391.35 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 391.35 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.13.1.30 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.13.1.30 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)

Online Plug-in (HKLM-x32…9A0FE2C0-7A7E-444E-8BD4-087178A91865) (Version: 14.0.0.91 – Citrix Systems, Inc.) Hidden

Origin (HKLM-x32…Origin) (Version: 10.5.2.49155 – Electronic Arts, Inc.)

Overwolf (HKLM-x32…Overwolf) (Version: 0.143.0.24 – Overwolf Ltd.)

Pannello di controllo NVIDIA 391.35 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.ControlPanel) (Version: 391.35 – NVIDIA Corporation) Hidden

Penguins! (HKLM-x32…WTA-f82d33cf-1bf0-4c54-85ca-769791349557) (Version: 2.2.0.95 – WildTangent) Hidden

Pidgin (HKLM-x32…Pidgin) (Version: 2.10.7 – )

Plants vs. Zombies – Game of the Year (HKLM-x32…WTA-fc291ad5-7412-47d4-8641-d23ea23ef2e0) (Version: 2.2.0.95 – WildTangent) Hidden

Poczta usługi Windows Live (HKLM-x32…64376910-1860-4CEF-8B34-AA5D205FC5F1) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Podstawowe programy Windows Live (HKLM-x32…7A9D47BA-6D50-4087-866F-0800D8B89383) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Polar Bowler (HKLM-x32…WTA-4f14c51e-af03-4658-92f9-0f759f61b306) (Version: 2.2.0.97 – WildTangent) Hidden

Pošta Windows Live (HKLM-x32…7BA19818-F717-4DFB-BC11-FAF17B2B8AEE) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

PunkBuster Services (HKLM-x32…PunkBusterSvc) (Version: 0.991 – Even Balance, Inc.)

QuickTime (HKLM-x32…B67BAFBA-4C9F-48FA-9496-933E3B255044) (Version: 7.74.80.86 – Apple Inc.)

Raccolta foto di Windows Live (HKLM-x32…ED16B700-D91F-44B0-867C-7EB5253CA38D) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6438 – Realtek Semiconductor Corp.)

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32…5442DAB8-7177-49E1-8B22-09A049EA5996) (Version: 2.0.34.0 – Renesas Electronics Corporation) Hidden

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32…InstallShield_5442DAB8-7177-49E1-8B22-09A049EA5996) (Version: 2.0.34.0 – Renesas Electronics Corporation)

SDK Debuggers (HKLM-x32…9274C832-3D8A-A294-FDE8-8B9272357098) (Version: 8.100.26936 – Microsoft Corporation) Hidden

Shockwave (HKLM-x32…Shockwave) (Version:  – )

Sierra Utilities (HKLM-x32…Sierra Utilities) (Version:  – )

Skype Click to Call (HKLM-x32…873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B) (Version: 8.5.0.9167 – Microsoft Corporation)

Skype for Business Web App Plug-in (HKLM-x32…37C8167B-B653-4955-A6E8-EBB8DE937DDD) (Version: 15.8.20020.400 – Microsoft Corporation)

Skype versione 8.44 (HKLM-x32…Skype_is1) (Version: 8.44 – Skype Technologies S.A.)

Skype Web Plugin (HKLM-x32…DF6DC2FB-6783-4340-8B98-401CB656AD3A) (Version: 7.26.0.48 – Skype Technologies S.A.)

Slingo Deluxe (HKLM-x32…WTA-0317c6a7-06b3-4b13-8a10-9b264c639ed4) (Version: 2.2.0.95 – WildTangent) Hidden

Steam (HKLM-x32…Steam) (Version:  – Valve Corporation)

Supporto applicazioni Apple (HKLM-x32…5D09C772-ECB3-442B-9CC6-B4341C78FDC2) (Version: 2.3.4 – Apple Inc.)

Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 15.1.6.0 – Synaptics Incorporated)

TeamSpeak 3 Client (HKLM…TeamSpeak 3 Client) (Version: 3.0.15 – TeamSpeak Systems GmbH)

TeamViewer (HKLM-x32…TeamViewer) (Version: 15.4.4445 – TeamViewer)

Torchlight (HKLM-x32…WTA-86f22e04-aba5-46a2-baee-2d2b15dcd07d) (Version: 2.2.0.97 – WildTangent) Hidden

TreeSize Free V4.2 (HKLM-x32…TreeSize Free_is1) (Version: 4.2 – JAM Software)

Unity Web Player (HKUS-1-5-21-1536202438-368462837-3654654372-1001…UnityWebPlayer) (Version: 5.0.1f1 – Unity Technologies ApS)

Update Installer for WildTangent Games App (HKLM-x32…2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2.WildTangent Games App) (Version:  – WildTangent) Hidden

Uplay (HKLM-x32…Uplay) (Version: 46.0 – Ubisoft)

Virtual Villagers 4 – The Tree of Life (HKLM-x32…WTA-2d8486f0-4bd6-4e7d-9791-27029e7c6472) (Version: 2.2.0.97 – WildTangent) Hidden

VLC media player (HKLM-x32…VLC media player) (Version: 3.0.8 – VideoLAN)

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Wedding Dash (HKLM-x32…WTA-e9518137-4e7b-4626-9f43-7daf4e91fd72) (Version: 2.2.0.95 – WildTangent) Hidden

Welcome Center (HKLM-x32…Acer Welcome Center) (Version: 1.02.3504 – Acer Incorporated)

WhoCrashed 5.54 (HKLM…WhoCrashed_is1) (Version:  – Resplendence Software Projects Sp.)

WildTangent Games App (HKLM-x32…70B446D1-E03B-4ab0-9B3C-0832142C9AA8.WildTangent Games App-acer) (Version: 4.0.10.25 – WildTangent) Hidden

Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 15.4.3538.0513 – Microsoft Corporation)

Windows Software Development Kit for Windows 8.1 (HKLM-x32…ed3a6e6d-9661-4357-abe4-fcc03dc57a07) (Version: 8.100.26936 – Microsoft Corporation)

WinRAR 4.20 (32-bit) (HKLM-x32…WinRAR archiver) (Version: 4.20.0 – win.rar GmbH)

WPT Redistributables (HKLM-x32…64F3FB9A-9250-B2D6-00B4-50BE0358AEE8) (Version: 8.100.26936 – Microsoft) Hidden

WPTx64 (HKLM-x32…BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB) (Version: 8.100.26936 – Microsoft) Hidden

Zuma Deluxe (HKLM-x32…WTA-744d629c-c549-4c3b-b820-4ba591229d4e) (Version: 2.2.0.95 – WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (HKLM-x32…C00C2A91-6CB3-483F-80B3-2958E29468F1) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Основные компоненты Windows Live (HKLM-x32…E83DC314-C926-4214-AD58-147691D6FE9F) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Почта Windows Live (HKLM-x32…B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137) (Version: 15.4.3502.0922 – Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (HKLM-x32…77F69CA1-E53D-4D77-8BA3-FA07606CC851) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

Фотогалерия на Windows Live (HKLM-x32…4444F27C-B1A8-464E-9486-4C37BAB39A09) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (HKLM-x32…CE929F09-3853-4180-BD90-30764BFF7136) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

بريد Windows Live (HKLM-x32…A4C4B29-5A9D-4910-A13C-B920D5758744) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

معرض صور Windows Live (HKLM-x32…FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69) (Version: 15.4.3502.0922 – Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSID05A3A96-BAC4-4B0A-94EA-C0CE100EA736localserver32 -> C:UsersDanieleAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSID4A9E854-6F47-4F37-8A10-F896717F0329InprocServer32 -> C:UsersDanieleAppDataLocalProgramsAsperaAspera Connectlib3.6.1npasperaweb64_3.6.1.111228.dll (Aspera, Inc. -> Aspera, Inc. )

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSID7ECF6F97-B4F3-4168-9835-F59C06D7875FInprocServer32 -> C:UsersDanieleAppDataLocalMicrosoftSkypeForBusinessPlugin15.8.20020.400GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDAD17B774-7F87-4141-BB9C-2AEE3841DC4EInprocServer32 -> C:UsersDanieleAppDataLocalProgramsAsperaAspera Connectlib3.6.1npasperaweb64_3.6.1.111228.dll (Aspera, Inc. -> Aspera, Inc. )

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDBB384F15-7676-403E-B797-1F9D935525A3InprocServer32 -> C:UsersDanieleAppDataLocalSkypePlugin7.26.0.48GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314ED9-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDA-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDB-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDC-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDD-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDE-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EDF-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-1536202438-368462837-3654654372-1001_ClassesCLSIDFB314EE0-A251-47B7-93E1-CDD82E34AF8BInprocServer32 -> C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt1 »] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt2 »] -> FB314EDA-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt3 »] -> FB314EDD-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt4 »] -> FB314EDE-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt5 »] -> FB314EDB-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt6 »] -> FB314EDF-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt7 »] -> FB314EDC-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [« DropboxExt8 »] -> FB314EE0-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [ANotepad++64] -> B298D29A-A6ED-11DE-BA8C-A68E55D89593 => C:Program Files (x86)Notepad++NppShell_06.dll [2014-05-12] () [File not signed]

ContextMenuHandlers1: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> 45AC2688-0253-4ED8-97DE-B5370FA7D48A => C:Program Files (x86)AviraAntivirusshlext64.dll [2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> 14cb2bd0-2375-3d10-9b5d-5e18865c8959 => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program Files (x86)WinRARrarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program Files (x86)WinRARrarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

ContextMenuHandlers2: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => C:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> 700866bb-c8e9-3e71-b359-abb28baed0e8 => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers5: [igfxcui] -> 3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4 => C:Windowssystem32igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:Windowssystem32nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers5: [SynGlwPad] -> 681C10CE-5E5D-463A-A270-771AA48E4C71 => C:WindowsSystem32SynGlwPadShlExt.dll [2010-07-29] (Synaptics Incorporated -> Synaptics Incorporated)

ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> 0cab5786-30e8-3185-9b3b-ccefbf1b8afe => C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.UI.ShellExtension.DLL [2020-01-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers6: [Shell Extension for Malware scanning] -> 45AC2688-0253-4ED8-97DE-B5370FA7D48A => C:Program Files (x86)AviraAntivirusshlext64.dll [2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program Files (x86)WinRARrarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program Files (x86)WinRARrarext.dll [2012-06-09] (Alexander Roshal) [File not signed]

ContextMenuHandlers1_S-1-5-21-1536202438-368462837-3654654372-1001: [DropboxExt] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4_S-1-5-21-1536202438-368462837-3654654372-1001: [DropboxExt] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5_S-1-5-21-1536202438-368462837-3654654372-1001: [DropboxExt] -> FB314ED9-A251-47B7-93E1-CDD82E34AF8B => C:UsersDanieleAppDataRoamingDropboxbinDropboxExt64.24.dll [2015-01-09] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Drivers32: [msacm.l3acm] => C:WindowsSysWOW64l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name="BVTConsumer"",Filter="__EventFilter.Name="BVTFilter"::

WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA « Win32_Processor » AND TargetInstance.LoadPercentage > 99]

WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:toolskernrate]

==================== Loaded Modules (Whitelisted) =============

2020-04-18 15:24 – 2020-04-18 15:24 – 096130048 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.11943libcef.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000117760 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.11943libEGL.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 004342784 _____ () [File not signed] C:Program Files (x86)Battle.netBattle.net.11943libGLESv2.dll

2019-03-28 00:48 – 2019-03-28 00:48 – 000115200 _____ (Microsoft Corporation) [File not signed] C:WindowsMicrosoft.NetassemblyGAC_32System.EnterpriseServicesv4.0_4.0.0.0__b03f5f7f11d50a3aSystem.EnterpriseServices.Wrapper.dll

2018-05-03 22:00 – 2018-05-03 22:00 – 001101824 _____ (Microsoft Corporation) [File not signed] C:WindowsWinSxSx86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8fMFC80.DLL

2018-05-03 22:00 – 2018-05-03 22:00 – 001093120 _____ (Microsoft Corporation) [File not signed] C:WindowsWinSxSx86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8fMFC80U.DLL

2018-05-03 22:00 – 2018-05-03 22:00 – 000061440 _____ (Microsoft Corporation) [File not signed] C:WindowsWinSxSx86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3MFC80ITA.DLL

2015-05-01 19:18 – 2012-11-12 15:15 – 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enppmon.dll

2015-05-01 19:18 – 2012-10-22 17:19 – 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:WindowsSystem32enpres.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000760832 _____ (The Chromium Authors) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943chrome_elf.dll

2020-04-18 15:23 – 2020-04-18 15:23 – 000047104 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943audioqtaudio_windows.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000026112 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqgif.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000027136 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqico.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000243712 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqjpeg.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000223744 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqmng.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000020992 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqsvg.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000332288 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943imageformatsqtiff.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 001140224 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943platformsqwindows.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000041984 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQmlModels.2modelsplugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuick.2qtquick2plugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000084480 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuickControls.2qtquickcontrols2plugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000267776 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuickControlsqtquickcontrolsplugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000071680 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuickLayoutsqquicklayoutsplugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000211456 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000014848 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943qmlQtQuickWindow.2windowplugin.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 004943360 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Core.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 005022208 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Gui.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000626176 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Multimedia.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000877056 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Network.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 002908672 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Qml.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 003078656 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Quick.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000096256 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5QuickControls2.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000681472 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5QuickTemplates2.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000259072 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Svg.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 004718080 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Widgets.dll

2020-04-18 15:24 – 2020-04-18 15:24 – 000439296 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5WinExtras.dll

2020-04-18 15:25 – 2020-04-18 15:25 – 000159232 _____ (The Qt Company Ltd.) [File not signed] C:Program Files (x86)Battle.netBattle.net.11943Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKUS-1-5-21-1536202438-368462837-3654654372-1001…geforce.co.uk -> hxxps://www.geforce.co.uk

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 – 2009-06-10 22:00 – 000000824 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLMSystemCurrentControlSetControlSession ManagerEnvironmentPath -> c:program files (x86)common filesoraclejavajavapath;c:programdataoraclejavajavapath;c:program filescommon filesmicrosoft sharedwindows live;c:program files (x86)common filesmicrosoft sharedwindows live;c:windowssystem32;c:windows;c:windowssystem32wbem;c:windowssystem32windowspowershellv1.0;c:program files (x86)windows liveshared;c:program files (x86)quicktimeqtsystem;c:program files (x86)windows kits8.1windows performance toolkit;c:program files (x86)intelopencl sdk2.0binx86;c:program files (x86)intelopencl sdk2.0binx64;c:program files (x86)intelopencl sdk2.0binx86;c:program files (x86)intelopencl sdk2.0binx64;C:Program Files (x86)NVIDIA CorporationPhysXCommon

HKUS-1-5-21-1536202438-368462837-3654654372-1001Control PanelDesktopWallpaper -> C:UsersDanieleAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg

DNS Servers: 194.168.4.100 – 194.168.8.100

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AdobeFlashPlayerUpdateSvc => 3

MSCONFIGServices: cphs => 3

MSCONFIGServices: DsiWMIService => 2

MSCONFIGServices: dsNcService => 2

MSCONFIGServices: ePowerSvc => 2

MSCONFIGServices: EpsonScanSvc => 2

MSCONFIGServices: EPSON_PM_RPCV4_06 => 2

MSCONFIGServices: FLEXnet Licensing Service => 3

MSCONFIGServices: GamesAppIntegrationService => 3

MSCONFIGServices: GamesAppService => 3

MSCONFIGServices: GREGService => 2

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: IAStorDataMgrSvc => 2

MSCONFIGServices: ICCS => 3

MSCONFIGServices: JuniperAccessService => 2

MSCONFIGServices: Live Updater Service => 2

MSCONFIGServices: LMS => 2

MSCONFIGServices: MozillaMaintenance => 3

MSCONFIGServices: MyEpson Portal Service => 2

MSCONFIGServices: NTI IScheduleSvc => 2

MSCONFIGServices: NvContainerLocalSystem => 3

MSCONFIGServices: NvContainerNetworkService => 3

MSCONFIGServices: NVDisplay.ContainerLocalSystem => 2

MSCONFIGServices: NvTelemetryContainer => 2

MSCONFIGServices: Origin Client Service => 3

MSCONFIGServices: Origin Web Helper Service => 2

MSCONFIGServices: OverwolfUpdater => 3

MSCONFIGServices: SkypeUpdate => 2

MSCONFIGServices: Steam Client Service => 3

MSCONFIGServices: TeamViewer => 2

MSCONFIGServices: TurboBoost => 3

MSCONFIGServices: UNS => 2

MSCONFIGstartupreg: APSDaemon => "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"

MSCONFIGstartupreg: ArcadeMovieService => "C:Program Files (x86)Acerclear.fiMovieclear.fiMovieService.exe"

MSCONFIGstartupreg: BackupManagerTray => "C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe" -h -k

MSCONFIGstartupreg: ConnectionCenter => "C:Program Files (x86)CitrixICA Clientconcentr.exe" /startup

MSCONFIGstartupreg: DAEMON Tools Lite => "C:Program Files (x86)DAEMON Tools LiteDTLite.exe" -autorun

MSCONFIGstartupreg: Dolby Advanced Audio v2 => "C:Dolby PCEE4pcee4.exe" -autostart

MSCONFIGstartupreg: EEventManager => "C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe"

MSCONFIGstartupreg: HotKeysCmds => "C:Windowssystem32hkcmd.exe"

MSCONFIGstartupreg: IgfxTray => "C:Windowssystem32igfxtray.exe"

MSCONFIGstartupreg: KeePass 2 PreLoad => "C:Program Files (x86)KeePass Password Safe 2KeePass.exe" –preload

MSCONFIGstartupreg: LManager => C:Program Files (x86)Launch ManagerLManager.exe

MSCONFIGstartupreg: mobilegeni daemon => C:Program Files (x86)MobogenieDaemonProcess.exe

MSCONFIGstartupreg: NUSB3MON => "C:Program Files (x86)Renesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe"

MSCONFIGstartupreg: OOTag => C:Program Files (x86)AcerOOBEOfferootag.exe

MSCONFIGstartupreg: Persistence => "C:Windowssystem32igfxpers.exe"

MSCONFIGstartupreg: Power Management => C:Program FilesAcerAcer ePower ManagementePowerTray.exe

MSCONFIGstartupreg: QuickTime Task => "C:Program Files (x86)QuickTimeQTTask.exe" -atboottime

MSCONFIGstartupreg: Redirector => "C:Program Files (x86)CitrixICA Clientredirector.exe" /startup

MSCONFIGstartupreg: RtHDVBg_Dolby => C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE4

MSCONFIGstartupreg: RtHDVCpl => C:Program FilesRealtekAudioHDARAVCpl64.exe -s

MSCONFIGstartupreg: Search Protection => "C:UsersDanieleAppDataRoamingSearch ProtectionSP.EXE" /autostart

MSCONFIGstartupreg: Skype => "C:Program Files (x86)SkypePhoneSkype.exe" /minimized /regrun

MSCONFIGstartupreg: SunJavaUpdateSched => C:Program Files (x86)Common FilesJavaJava Updatejusched.exe

MSCONFIGstartupreg: SynTPEnh => %ProgramFiles%SynapticsSynTPSynTPEnh.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [BB9D900C-0431-418E-8C0A-C231DDCD4601] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [32049F24-47B1-4DD3-8444-C00D6AD61B16] => (Allow) LPort=2869

FirewallRules: [F75F9F29-02E8-4A68-8A28-54916E467F3D] => (Allow) LPort=1900

FirewallRules: [C356995C-A188-4CAC-A71A-7AA95365C06B] => (Allow) C:Program Files (x86)Windows LiveMessengermsnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [F27A6AD3-BABD-4E5E-9C93-AE69FEE085E1] => (Allow) C:Program Files (x86)Windows LiveMeshMOE.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [BC8F2982-4766-4CA9-8568-4DD9325B8D8B] => (Allow) C:Program Files (x86)Acerclear.fiMVPclear.fi.exe (CyberLink -> Acer Incorporated)

FirewallRules: [D0884557-C872-4F28-B425-11EA38071BAA] => (Allow) C:Program Files (x86)Acerclear.fiMVPclear.fiAgent.exe (CyberLink -> CyberLink Corp.)

FirewallRules: [DED69C15-FD73-47F1-9AE7-AA1E07B1AA5F] => (Allow) C:Program Files (x86)Acerclear.fiMVPKernelCLMLCLMLSvc.exe (CyberLink -> CyberLink Corp.)

FirewallRules: [7053E4E1-5D04-4B5F-B765-30CC150AB5F0] => (Allow) C:Program Files (x86)Acerclear.fiMVPKernelDMRDMREngine.exe (CyberLink -> CyberLink)

FirewallRules: [CD57FF54-0544-444F-8A7C-F432B4AF1F13] => (Allow) C:Program Files (x86)Acerclear.fiMVPKernelDMRDMREngine.exe (CyberLink -> CyberLink)

FirewallRules: [E10AD824-55A4-4C5E-AFDC-3278CEC762AF] => (Block) C:Program Files (x86)Acerclear.fiMVPKernelDMRDMREngine.exe (CyberLink -> CyberLink)

FirewallRules: [A6B0B15B-42D5-4D85-B90A-F0312F1B958D] => (Allow) Conquer_v5721_P2P.exe No File

FirewallRules: [TCP Query User5AE4B2B1-9F23-4BE2-B1CB-D68B83804AB3D:giochidiablo iiidiablo iiidiablo iii.exe] => (Allow) D:giochidiablo iiidiablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [UDP Query UserD67346DB-E26C-48B9-82CF-217414001078D:giochidiablo iiidiablo iiidiablo iii.exe] => (Allow) D:giochidiablo iiidiablo iiidiablo iii.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [0A3A4784-CDE8-4892-BAB0-0DDA97B44F36] => (Allow) C:WindowsSysWOW64PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [EF78F40A-C8F9-45E4-91A3-FB22A2D9B090] => (Allow) C:WindowsSysWOW64PnkBstrA.exe (Even Balance, Inc. -> )

FirewallRules: [3A4F95A8-CD4C-461E-8981-11EB54AE03F9] => (Allow) C:WindowsSysWOW64PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [FEF7E85F-3029-4D61-8862-75BA9506CC73] => (Allow) C:WindowsSysWOW64PnkBstrB.exe (Even Balance, Inc. -> )

FirewallRules: [74DB4201-A73A-48B2-AA3A-148CF51349C0] => (Allow) C:Program Files (x86)Common FilesAppleApple Application SupportWebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [F87F2B4A-34AD-488A-A071-7849FC87729E] => (Allow) C:UsersDanieleAppDataRoaminguTorrentuTorrent.exe No File

FirewallRules: [AB0C7AF1-9475-46B2-B111-A13144F9DDFD] => (Allow) C:UsersDanieleAppDataRoaminguTorrentuTorrent.exe No File

FirewallRules: [6EF13497-1121-43C7-97C4-E2ED9E9E244D] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [612ED1D8-238A-4C46-A5D8-9F246018E22C] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)

FirewallRules: [44E21BC9-991E-4012-8574-7C0E44EC3586] => (Allow) C:Program Files (x86)Battle.netBattle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [FECBDB91-560D-4666-8565-E4E38DDA498C] => (Allow) C:Program Files (x86)Battle.netBattle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [A2A5A7DD-A5F7-4DE8-824D-B5DC0DF5E263] => (Allow) C:ProgramDataBattle.netAgentAgent.beta.2737Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [6E042EB7-3751-4658-B76C-F8D665685522] => (Allow) C:ProgramDataBattle.netAgentAgent.beta.2737Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [26535086-916B-4D18-8166-4D2AC4036B93] => (Allow) C:ProgramDataBattle.netAgentAgent.beta.2753Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [56CDE0D0-F4BD-41E6-99EC-9AD17421D43A] => (Allow) C:ProgramDataBattle.netAgentAgent.beta.2753Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [DFBCBBF2-C3D0-4D12-B7FB-BE8097FDD79A] => (Allow) C:UsersDanieleAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [51A92662-05B7-40E3-AC9B-4361F8756831] => (Allow) C:UsersDanieleAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [C20EF2D3-73B1-459D-A216-C18E161A05F1] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [CF196B10-406C-4903-BA69-031AFBF448F2] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [CB0FE2A1-EB29-4664-BEBA-B86716D7194F] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [22CE7CBF-D8FF-4D70-AAFE-28B08ED0B355] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [TCP Query User178CF2A2-0D4F-4104-9731-24DA106BAC23C:program files (x86)mozilla firefoxfirefox.exe] => (Block) C:program files (x86)mozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [UDP Query User8B73733E-A519-4359-92DA-1F88A0CDFCE8C:program files (x86)mozilla firefoxfirefox.exe] => (Block) C:program files (x86)mozilla firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [TCP Query User68CA8A72-B440-4885-A5CB-5C3B7303437EC:program files (x86)kodikodi.exe] => (Allow) C:program files (x86)kodikodi.exe (XBMC-Foundation) [File not signed]

FirewallRules: [UDP Query User1F56C585-CDCB-435D-989C-3898A06D6B82C:program files (x86)kodikodi.exe] => (Allow) C:program files (x86)kodikodi.exe (XBMC-Foundation) [File not signed]

FirewallRules: [49ADE3C6-B596-4EEC-BF05-A44B6D162148] => (Allow) C:Program Files (x86)Steambinsteamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [F29CF4BD-B1DF-4AAB-BFF1-78A2BF5998AE] => (Allow) C:Program Files (x86)Steambinsteamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [6EBBDC91-6891-435A-906C-B0373AE1C0C8] => (Allow) C:Program Files (x86)SteamSteamAppscommonSoccer ManagerSoccer Manager.exe () [File not signed]

FirewallRules: [6CF1FE33-D73B-40A5-A924-ADC0D7D2AF5A] => (Allow) C:Program Files (x86)SteamSteamAppscommonSoccer ManagerSoccer Manager.exe () [File not signed]

FirewallRules: [TCP Query User9C70BED5-17C9-4370-9B0F-126357FA2B45C:usersdanieleappdatalocalskypepluginpluginhost.exe] => (Allow) C:usersdanieleappdatalocalskypepluginpluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.)

FirewallRules: [UDP Query UserCE2FDCBA-9FE0-4053-A207-1322E0F9C691C:usersdanieleappdatalocalskypepluginpluginhost.exe] => (Allow) C:usersdanieleappdatalocalskypepluginpluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.)

FirewallRules: [E4A4A8EA-DBCC-43D1-BD93-562C96AB0935] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [D52DCD90-6B49-49C0-97EF-D987E1868BFA] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [FCDE241B-E22A-4166-A8DC-48695BE935D6] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [1DDA64DE-761F-40CC-9EA7-851DC33D0D83] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe No File

FirewallRules: [TCP Query UserB3EAE4A3-48B3-4441-87D3-093BFDF490CDC:usersreeappdatalocalblue jeansappbluejeans.exe] => (Allow) C:usersreeappdatalocalblue jeansappbluejeans.exe (Blue Jeans Network -> Blue Jeans)

FirewallRules: [UDP Query User87E5D06C-0B72-435E-9416-10CA4CDC044AC:usersreeappdatalocalblue jeansappbluejeans.exe] => (Allow) C:usersreeappdatalocalblue jeansappbluejeans.exe (Blue Jeans Network -> Blue Jeans)

FirewallRules: [TCP Query User9DF0C516-812D-4B45-829B-44126C8F1B20C:usersdanieleappdatalocalmicrosoftskypeforbusinessplugin15.8.20020.400pluginhost.exe] => (Allow) C:usersdanieleappdatalocalmicrosoftskypeforbusinessplugin15.8.20020.400pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query UserB72E6E6F-F7D0-4B79-815B-A8C55347E36FC:usersdanieleappdatalocalmicrosoftskypeforbusinessplugin15.8.20020.400pluginhost.exe] => (Allow) C:usersdanieleappdatalocalmicrosoftskypeforbusinessplugin15.8.20020.400pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query UserA0034E0B-97DD-46E8-823A-62E0703F0ADAC:usersreeappdatalocalblue jeansappbluejeans.exe] => (Block) C:usersreeappdatalocalblue jeansappbluejeans.exe (Blue Jeans Network -> Blue Jeans)

FirewallRules: [UDP Query User9ADD0A8D-6055-4CB1-BA9F-4020B6706570C:usersreeappdatalocalblue jeansappbluejeans.exe] => (Block) C:usersreeappdatalocalblue jeansappbluejeans.exe (Blue Jeans Network -> Blue Jeans)

FirewallRules: [09E47FEF-1759-43B4-9795-E9315C90A01D] => (Allow) C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [9E3142C6-90FB-4855-8FF1-FCBE114EEF4D] => (Allow) C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [9FB0505C-59D4-4113-91C5-9FBFAB217F6D] => (Allow) C:Program Files (x86)EPSON SoftwareECPrinterSetupENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [3A64D786-1F89-4801-BD77-C585A80CBFB7] => (Allow) C:Program Files (x86)EPSON SoftwareECPrinterSetupENPApp.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

FirewallRules: [TCP Query User74F6835B-AE6B-4AB9-8FCC-4459350C6570D:giochihearthstonehearthstone.exe] => (Block) D:giochihearthstonehearthstone.exe (Blizzard Entertainment, Inc. -> )

FirewallRules: [UDP Query User58AED474-9009-46A6-9923-0206B015380FD:giochihearthstonehearthstone.exe] => (Block) D:giochihearthstonehearthstone.exe (Blizzard Entertainment, Inc. -> )

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%System32vpc.exe No File

FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%System32vpc.exe No File

FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%System32vpc.exe No File

FirewallRules: [2DBC1507-3D9F-4958-9F7E-83595D81F016] => (Allow) D:GiochiDOTA 2steamappscommonEador. Masters of the Broken Worldlauncher.exe () [File not signed]

FirewallRules: [B9026BBA-84DB-4400-8E1E-ABD5059117CD] => (Allow) D:GiochiDOTA 2steamappscommonEador. Masters of the Broken Worldlauncher.exe () [File not signed]

FirewallRules: [428E48D4-A2FC-4E38-93F0-D015DED2CEA0] => (Allow) D:GiochiDOTA 2steamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [74C303B6-F2E8-4BC6-853F-EFD5FBE1535B] => (Allow) D:GiochiDOTA 2steamappscommondota 2 betagamebinwin64dota2.exe (Valve -> )

FirewallRules: [8D39FFFC-D3F3-40B7-9A83-559EF34F746B] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [9C0BC1AD-D865-48A0-A410-D2A72E9067A0] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [E4732CBC-C606-4D23-B4BE-4EF941892D2A] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [3C1769FE-7F73-40CD-8694-9D94EB5A4C73] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [EDDA200D-3307-4268-BF74-2A6B8C5850FE] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [5AC4F2B2-78FE-4312-94CF-D9BD16700FE6] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [7FFE0A82-6CE9-4263-BCEA-12BA88FC5AD1] => (Allow) C:Program FilesBlueStacksHD-Player.exe No File

FirewallRules: [71D0935A-3DC4-46A8-B5EC-DC69E44DE995] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [734F2907-15A9-4964-9A4B-6AF63CB588B4] => (Allow) C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [575D6C1F-8E4F-481C-AF65-601DDDA498A1] => (Allow) C:UsersDanieleAppDataLocalLINEbin5.18.2.1998LINE.exe No File

FirewallRules: [891ABF3F-4987-4BF6-894D-804B5BC60153] => (Allow) C:UsersDanieleAppDataLocalLINEbin5.18.2.1998LINE.exe No File

FirewallRules: [42FF3F30-8B2A-42B0-9BC0-F6C7BACF9258] => (Allow) C:UsersDanieleAppDataLocalLINEbin5.18.2.1998LineUpdater.exe No File

FirewallRules: [F38971E4-A0A7-44DB-8A1C-8450D8A685C3] => (Allow) C:UsersDanieleAppDataLocalLINEbin5.18.2.1998LineUpdater.exe No File

FirewallRules: [TCP Query UserCC8480C0-2941-4E9D-8A52-47822F0D9776D:giochidiablo iiidiablo iiix64diablo iii64.exe] => (Allow) D:giochidiablo iiidiablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [UDP Query UserF6C4F938-A1A8-4668-AB2C-03AC5CE15700D:giochidiablo iiidiablo iiix64diablo iii64.exe] => (Allow) D:giochidiablo iiidiablo iiix64diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [TCP Query User163F9996-F652-4769-9BAC-80C531683DA9C:program filesdnplayerext2ldboxheadless.exe] => (Allow) C:program filesdnplayerext2ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

FirewallRules: [UDP Query User3343FBF2-B1FF-4C62-B5FF-D8C3A6E8EC98C:program filesdnplayerext2ldboxheadless.exe] => (Allow) C:program filesdnplayerext2ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

FirewallRules: [6A971D92-619D-4131-AB0C-0BC7C492C4D5] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [9947C36A-3F76-4596-90D5-7062A53E9C53] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)

FirewallRules: [TCP Query User71DD669E-F8F9-4657-9480-12045D0A9A65C:program filesldplayerboxldvboxheadless.exe] => (Allow) C:program filesldplayerboxldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

FirewallRules: [UDP Query User5C9DDDCA-3F20-4505-8FE1-74593EBD6931C:program filesldplayerboxldvboxheadless.exe] => (Allow) C:program filesldplayerboxldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)

FirewallRules: [170B5594-146D-4B85-9BB4-3EF53938E732] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [37535782-EEB9-4AD5-82AB-95BDA7C0B007] => (Allow) C:Program Files (x86)TeamViewerTeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [F8CACE39-A536-471F-89EC-F6BA460694F0] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [472F5DAF-CF00-417C-AB83-604384991CE5] => (Allow) C:Program Files (x86)TeamViewerTeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [8070CE88-1B4C-434E-8495-B0F0C8C82972] => (Allow) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [22DBF4E8-86F2-44C0-9BE2-40F28D8B56AF] => (Allow) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [06240932-630C-46AA-8C14-877D0EA3938A] => (Allow) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [CC3EB70E-EEAD-4622-8480-E3C7771BF25C] => (Allow) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [E59453FF-C79A-4D0D-A485-D3FE8B274B54] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [0A829F94-700F-4835-8284-7B28614D717B] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [79FB848F-BBE9-42DA-8170-285A6C0060C8] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [456EF3E4-BE52-4A9A-8CA8-06554B75D800] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [B06D86D3-3848-4734-944F-5706BE664234] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [F0855DE7-46B2-4581-BFC1-2A4EB0D47355] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [8009BD78-17DA-44F1-95AA-5E9EC7724E77] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [73B5CCA2-1DFB-417E-88E2-0DAE1645F388] => (Block) C:Program Files (x86)Overwolf.143.0.24OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)

FirewallRules: [41C0109E-C969-40D1-AEDA-28C4B17EF631] => (Allow) D:GiochiDOTA 2steamappscommonPillars of EternityPillarsOfEternity.exe (Obsidian Entertainment) [File not signed]

FirewallRules: [0A52AC62-C826-437E-BCE1-C1902CBE00BE] => (Allow) D:GiochiDOTA 2steamappscommonPillars of EternityPillarsOfEternity.exe (Obsidian Entertainment) [File not signed]

FirewallRules: [374A4772-2595-4C7A-9E1D-A1692E687887] => (Allow) D:GiochiDOTA 2steamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [55E824ED-7014-48A7-8DAA-0C8717A6913C] => (Allow) D:GiochiDOTA 2steamappscommonCounter-Strike Global Offensivecsgo.exe (Valve -> )

FirewallRules: [E3CDA667-4963-4012-8775-68F6023DADD5] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [BB40FF31-6239-422E-8074-B6A9E2DC0D95] => (Block) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [0645C731-0335-4950-9427-213A6DA9E558] => (Allow) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

FirewallRules: [CDB7F1B2-0F67-4210-9A69-DF18B049D9CE] => (Allow) C:Program Files (x86)AviraSoftwareUpdateravirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

18-04-2020 04:24:53 Punto di controllo pianificato

18-04-2020 22:37:41 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (04/19/2020 02:59:14 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: Avira.SystemSpeedup.Maintenance.exe, versione: 6.4.1.10871, timestamp: 0x5e32ea26

Nome del modulo che ha generato l'errore: clr.dll, versione: 4.8.4110.0, timestamp: 0x5de6da2a

Codice eccezione: 0xc0000409

Offset errore 0x0035a538

ID processo che ha generato l'errore: 0x28e4

Ora di avvio dell'applicazione che ha generato l'errore: 0x01d615ee12c7f9a8

Percorso dell'applicazione che ha generato l'errore: C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.Maintenance.exe

Percorso del modulo che ha generato l'errore: C:WindowsMicrosoft.NETFrameworkv4.0.30319clr.dll

ID segnalazione: 5dd80d31-81e1-11ea-b4b9-1c7508f37aca

Error: (04/18/2020 02:22:40 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema.

Error: (04/18/2020 02:22:32 PM) (Source: Avira Phantom VPN) (EventID: 0) (User: )

Description: Service cannot be started. Il processo di servizio non ha potuto connettersi al controller di servizio

Error: (04/18/2020 02:58:54 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: Avira.SystemSpeedup.Maintenance.exe, versione: 6.4.1.10871, timestamp: 0x5e32ea26

Nome del modulo che ha generato l'errore: clr.dll, versione: 4.8.4110.0, timestamp: 0x5de6da2a

Codice eccezione: 0xc0000409

Offset errore 0x0035a538

ID processo che ha generato l'errore: 0x13cc

Ora di avvio dell'applicazione che ha generato l'errore: 0x01d61524e890fa87

Percorso dell'applicazione che ha generato l'errore: C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.Maintenance.exe

Percorso del modulo che ha generato l'errore: C:WindowsMicrosoft.NETFrameworkv4.0.30319clr.dll

ID segnalazione: 27c684c1-8118-11ea-8822-1c7508f37aca

Error: (04/17/2020 01:32:33 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: Impossibile riattivare il filtro eventi con query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" nello spazio dei nomi "//./root/CIMV2". Errore 0x80041003. Impossibile recapitare gli eventi tramite questo filtro fino alla risoluzione del problema.

Error: (04/17/2020 02:59:07 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: Avira.SystemSpeedup.Maintenance.exe, versione: 6.4.1.10871, timestamp: 0x5e32ea26

Nome del modulo che ha generato l'errore: clr.dll, versione: 4.8.4110.0, timestamp: 0x5de6da2a

Codice eccezione: 0xc0000409

Offset errore 0x0035a538

ID processo che ha generato l'errore: 0x18b0

Ora di avvio dell'applicazione che ha generato l'errore: 0x01d6145bbe2f4581

Percorso dell'applicazione che ha generato l'errore: C:Program Files (x86)AviraSystem SpeedupAvira.SystemSpeedup.Maintenance.exe

Percorso del modulo che ha generato l'errore: C:WindowsMicrosoft.NETFrameworkv4.0.30319clr.dll

ID segnalazione: 050dfbb3-804f-11ea-ad8b-1c7508f37aca

Error: (04/17/2020 12:36:53 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Nome dell'applicazione che ha generato l'errore: MsMpEng.exe, versione: 4.10.209.0, timestamp: 0x582a94a1

Nome del modulo che ha generato l'errore: mpengine.dll, versione: 1.1.16900.4, timestamp: 0x5e70249a

Codice eccezione: 0xc0000005

Offset errore 0x00000000001d00cf

ID processo che ha generato l'errore: 0xac

Ora di avvio dell'applicazione che ha generato l'errore: 0x01d60ec33667deaa

Percorso dell'applicazione che ha generato l'errore: C:Program FilesMicrosoft Security ClientMsMpEng.exe

Percorso del modulo che ha generato l'errore: C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesABFDE23F-10A0-40FD-89BB-EEAFDF90A038mpengine.dll

ID segnalazione: 2686ef91-803b-11ea-ad8b-1c7508f37aca

Error: (04/16/2020 10:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Il programma Explorer.EXE versione 6.1.7601.23537 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Centro operativo nel Pannello di controllo.

ID processo: 804

Ora di avvio: 01d60ec34d82acc2

Ora di chiusura: 0

Percorso applicazione: C:WindowsExplorer.EXE

ID segnalazione: cb278b7b-8028-11ea-ad8b-1c7508f37aca

System errors:

=============

Error: (04/18/2020 02:23:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Il servizio Avira Phantom VPN è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 5000 millisecondi: Riavvia il servizio.

Error: (04/17/2020 12:40:19 AM) (Source: Microsoft Antimalware) (EventID: 3002) (User: )

Description: La funzionalità di protezione in tempo reale di Antimalware Microsoft ha rilevato un errore e non è riuscita.

Funzionalità: Network Inspection System

Codice errore: 0x80070002

Descrizione errore: Impossibile trovare il file specificato.

Motivo: Nel sistema mancano degli aggiornamenti necessari per l'esecuzione di Network Inspection System. Installare gli aggiornamenti necessari e riavviare il computer.

Error: (04/17/2020 12:38:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Il servizio Microsoft Antimalware Service è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 100 millisecondi: Esegui il programma di ripristino configurato.

Error: (04/17/2020 12:36:50 AM) (Source: Microsoft Antimalware) (EventID: 5008) (User: )

Description: Il motore Antimalware Microsoft è stato interrotto a causa di un errore imprevisto.

Tipo errore: Arresto anomalo

Codice eccezione: 0xc0000005

Risorsa: file:C:UsersDanieleDownloadsSample GESE Grade 5 Topic form_completed..pdf

Error: (04/16/2020 11:28:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: Ricevuto avviso di errore irreversibile: 40.

Error: (04/16/2020 11:28:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: Ricevuto avviso di errore irreversibile: 70.

Error: (04/16/2020 10:18:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: Ricevuto avviso di errore irreversibile: 40.

Error: (04/16/2020 10:18:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: Ricevuto avviso di errore irreversibile: 70.

Windows Defender:

===================================

Date: 2016-06-22 23:31:54.534

La description:

Windows Defender: errore durante il tentativo di caricare le firme. Verrà tentato di ripristinare un set di firme valido.

Firme tentate:Corrente

Codice errore:0x80070002

Descrizione errore:Impossibile trovare il file specificato.

Versione firma:0.0.0.0

Versione modulo:0.0.0.0

==================== Memory info ===========================

BIOS: Acer V1.07 03/02/2011

Motherboard: Acer JE50_HR

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz

Percentage of memory in use: 92%

Total physical RAM: 8043.86 MB

Available physical RAM: 633.23 MB

Total Virtual: 24426 MB

Available Virtual: 15554.41 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:290.05 GB) (Free:130.96 GB) NTFS

Drive d: (DATA) (Fixed) (Total:290.4 GB) (Free:143.46 GB) NTFS

Drive e: (Misc) (CDROM) (Total:0.69 GB) (Free:0.13 GB) UDF

Drive g: () (Removable) (Total:29.27 GB) (Free:1.17 GB) FAT32

?Volume283c1efb-a59f-11e2-b4d5-806e6f6e6963 (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

?Volume283c1efa-a59f-11e2-b4d5-806e6f6e6963 (PQSERVICE) (Fixed) (Total:15.62 GB) (Free:2.53 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: BD414BA4)

Partition 1: (Not Active) – (Size=15.6 GB) – (Type=27)

Partition 2: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 3: (Not Active) – (Size=290.1 GB) – (Type=07 NTFS)

Partition 4: (Not Active) – (Size=290.4 GB) – (Type=07 NTFS)

==========================================================

Disk: 1 (Protective MBR) (Size: 29.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Laisser un commentaire