- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
- Ran by Alessio (12-06-2020 10:57:06)
- Running from C:\Users\Alessio\Desktop
- Windows 10 Home Version 1909 18363.900 (X64) (2019-07-08 05:46:10)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3292274139-1089434938-2624114850-500 - Administrator - Disabled)
- Alessio (S-1-5-21-3292274139-1089434938-2624114850-1002 - Administrator - Enabled) => C:\Users\Alessio
- DefaultAccount (S-1-5-21-3292274139-1089434938-2624114850-503 - Limited - Disabled)
- Guest (S-1-5-21-3292274139-1089434938-2624114850-501 - Limited - Disabled)
- WDAGUtilityAccount (S-1-5-21-3292274139-1089434938-2624114850-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\uTorrent) (Version: 3.5.5.45672 - BitTorrent Inc.)
- Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
- Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.371 - Adobe)
- Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
- Aggiornamenti NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
- Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
- Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
- Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
- Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation)
- Burraconline 4.53 (HKLM-x32\...\Burraconline) (Version: 4.53 - Drag & Air S.n.c.)
- CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
- D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
- Dacia Media Nav Evolution Toolbox (HKLM-x32\...\Dacia Media Nav Evolution Toolbox) (Version: - )
- DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
- Driver Booster 7 (HKLM-x32\...\Driver Booster_is1) (Version: 7.5.0 - IObit)
- Epic Games Launcher (HKLM-x32\...\{50D1A809-ABAA-47DD-A19C-96B90970AF1E}) (Version: 1.1.144.0 - Epic Games, Inc.)
- Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
- Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.38.7312 - FreeDownloadManager.ORG)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
- Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
- HP Support Solutions Framework (HKLM-x32\...\{3BCFA6C8-4D79-4496-AE77-8FACC7961AC5}) (Version: 12.10.49.21 - Hewlett-Packard Company)
- HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
- HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
- IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
- iTunes (HKLM\...\{81D32D2F-1C41-4874-980D-FBFBC359977F}) (Version: 12.10.7.3 - Apple Inc.)
- Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
- Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
- Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
- Main Services (HKLM\...\{A4725543-FC1F-4AC5-A3CD-5B4F25901FA9}) (Version: 1.3.9 - System Native) Hidden <==== ATTENTION
- Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
- Microsoft Office Professional Plus 2019 - it-it (HKLM\...\ProPlus2019Volume - it-it) (Version: 16.0.10359.20023 - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
- Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
- Microsoft SQL Server Compact 4.0 x64 ITA (HKLM\...\{3033DA3C-0B52-494E-AB30-08D5CD4EA2C3}) (Version: 4.0.8482.1 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools per Office Runtime (x64) - Language Pack - ITA (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ITA) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
- Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
- Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
- Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
- Movie Maker (HKLM-x32\...\{7693587D-5D66-4208-ABEA-C370217D1D9B}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
- Mozilla Firefox 72.0.2 (x64 it) (HKLM\...\Mozilla Firefox 72.0.2 (x64 it)) (Version: 72.0.2 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 72.0.2.7321 - Mozilla)
- NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
- NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
- Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10359.20023 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10359.20023 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10359.20023 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.10359.20023 - Microsoft Corporation) Hidden
- Pannello di controllo NVIDIA 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.31 - NVIDIA Corporation) Hidden
- PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
- Raccolta foto (HKLM-x32\...\{FA6BC7A5-85B3-4DC2-825C-D508E386151A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
- Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)
- Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek)
- Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
- Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
- Revo Uninstaller 2.1.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.5 - VS Revo Group, Ltd.)
- Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.24.258 - Rockstar Games)
- Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.6 - Rockstar Games)
- Sid Meier's Civilization 6 (HKLM-x32\...\Sid Meier's Civilization 6_is1) (Version: - )
- Sky Go 8.3.0.0 (HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\com.bskyb.skygoplayer_is1) (Version: 8.3.0.0 - Sky)
- Skype versione 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
- Spotify (HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\Spotify) (Version: 1.1.34.694.gac68a2b3 - Spotify AB)
- Supporto applicazioni Apple (32 bit) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
- Supporto applicazioni Apple (64 bit) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
- swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
- Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
- The Sims 4 version final (HKLM-x32\...\The Sims 4_is1) (Version: final - The)
- Two Point Hospital (HKLM-x32\...\Two Point Hospital_is1) (Version: - )
- UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
- UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
- Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
- Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
- Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
- Packages:
- =========
- Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-09] (Microsoft Corporation)
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
- Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
- Microsoft News: le ultime notizie in tempo reale -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.40.21551.0_x64__8wekyb3d8bbwe [2020-06-09] (Microsoft Corporation)
- Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Studios) [MS Ad]
- MSN Meteo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) [MS Ad]
- MSN Salute & Benessere -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
- MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-30] (Microsoft Corporation) [MS Ad]
- YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2014-07-15] (CYBERLINKCOM CORP)
- ==================== Custom CLSID (Whitelisted): ==============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-3292274139-1089434938-2624114850-1002_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
- ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
- ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
- ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
- ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
- ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
- ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
- ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
- ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
- ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
- ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
- ==================== Codecs (Whitelisted) ====================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-26] (Electronic Arts -> On2.com)
- HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-26] (Electronic Arts -> On2.com)
- ==================== Shortcuts & WMI ========================
- ==================== Loaded Modules (Whitelisted) =============
- 2020-04-25 12:17 - 2019-01-30 21:58 - 000037376 _____ () [File not signed] C:\Program Files (x86)\Free Download Manager\WinDivert.dll
- 2020-04-25 12:17 - 2019-01-30 21:59 - 000436224 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files (x86)\Free Download Manager\common.dll
- 2020-04-25 12:17 - 2019-01-30 22:01 - 005938176 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Free Download Manager\Qt5Core.dll
- 2020-04-25 12:17 - 2018-05-15 06:35 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Free Download Manager\Qt5Gui.dll
- 2020-04-25 12:17 - 2018-05-15 06:35 - 001256960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Free Download Manager\Qt5Network.dll
- 2020-04-25 12:17 - 2018-05-15 06:33 - 000207360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Free Download Manager\Qt5Sql.dll
- 2020-04-25 12:17 - 2018-05-15 06:38 - 005515264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Free Download Manager\Qt5Widgets.dll
- ==================== Alternate Data Streams (Whitelisted) ========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\Users\Alessio\ntuser.ini:NTV [8494]
- AlternateDataStreams: C:\Users\Public\AppData:CSM [474]
- AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
- ==================== Safe Mode (Whitelisted) ==================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67037927.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67037927.sys => ""="Driver"
- ==================== Association (Whitelisted) =================
- ==================== Internet Explorer trusted/restricted ==========
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\localhost -> localhost
- ==================== Hosts content: =========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2013-08-22 15:25 - 2018-01-28 14:34 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
- 127.0.0.1 localhost
- 2017-05-02 14:53 - 2019-08-06 21:54 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
- ==================== Other Areas ===========================
- (Currently there is no automatic fix for this section.)
- HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Alessio\Desktop\15069.jpg
- DNS Servers: 192.168.1.254
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (If an entry is included in the fixlist, it will be removed.)
- MSCONFIG\Services: 0047241405163143mcinstcleanup => 2
- MSCONFIG\Services: 44a4172c7530014e51d5694d66408213 => 2
- MSCONFIG\Services: AdobeARMservice => 2
- MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
- MSCONFIG\Services: AGMService => 2
- MSCONFIG\Services: AGSService => 2
- MSCONFIG\Services: ApHidMonitorService => 2
- MSCONFIG\Services: Apple Mobile Device Service => 2
- MSCONFIG\Services: BEService => 3
- MSCONFIG\Services: Bonjour Service => 2
- MSCONFIG\Services: BstHdAndroidSvc => 3
- MSCONFIG\Services: BstHdLogRotatorSvc => 3
- MSCONFIG\Services: BstHdPlusAndroidSvc => 3
- MSCONFIG\Services: cphs => 3
- MSCONFIG\Services: Disc Soft Lite Bus Service => 3
- MSCONFIG\Services: EasyAntiCheat => 3
- MSCONFIG\Services: GoogleChromeElevationService => 3
- MSCONFIG\Services: gupdate => 2
- MSCONFIG\Services: gupdatem => 3
- MSCONFIG\Services: hpsrv => 2
- MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
- MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
- MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
- MSCONFIG\Services: Intel(R) TPM Provisioning Service => 2
- MSCONFIG\Services: iPod Service => 3
- MSCONFIG\Services: ManyCam Service => 2
- MSCONFIG\Services: MBAMService => 2
- MSCONFIG\Services: MozillaMaintenance => 3
- MSCONFIG\Services: SkypeUpdate => 2
- MSCONFIG\Services: sshd => 3
- MSCONFIG\Services: ss_conn_service => 2
- MSCONFIG\Services: STacSV => 2
- MSCONFIG\Services: SynTPEnhService => 2
- MSCONFIG\Services: valWBFPolicyService => 2
- HKLM\...\StartupApproved\StartupFolder: => "ISCTSystray.lnk"
- HKLM\...\StartupApproved\Run: => "IgfxTray"
- HKLM\...\StartupApproved\Run: => "HotKeysCmds"
- HKLM\...\StartupApproved\Run: => "Persistence"
- HKLM\...\StartupApproved\Run: => "SysTrayApp"
- HKLM\...\StartupApproved\Run: => "OPBHOBroker"
- HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"
- HKLM\...\StartupApproved\Run: => "SynTPEnh"
- HKLM\...\StartupApproved\Run: => "iTunesHelper"
- HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
- HKLM\...\StartupApproved\Run32: => "AccelerometerSysTrayApplet"
- HKLM\...\StartupApproved\Run32: => "HPMessageService"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "Facebook Update"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "Skype"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "Steam"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "BlueStacks Agent"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "Spotify"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "Spotify Web Helper"
- HKU\S-1-5-21-3292274139-1089434938-2624114850-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
- ==================== FirewallRules (Whitelisted) ================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{4345E658-BB64-4672-A93D-31F2F1DF2FF2}] => (Allow) LPort=1688
- FirewallRules: [UDP Query User{82D61F6D-3DBC-4255-8369-4AFE35F7919E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
- FirewallRules: [TCP Query User{3155A86F-4E2D-4624-96C3-8E0EAC8D662B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
- FirewallRules: [{251FE14C-C210-4A69-A225-04EB0896DDF6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{563DB9A5-09B4-4878-A06B-5B123DDCE009}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{33175371-684D-40BC-9BF2-41CB37B18804}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{A1E83E58-C36E-465C-A845-42678DCA8112}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [TCP Query User{450E960B-C4C2-4F5D-AD31-22DF37784C64}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [UDP Query User{11D8F414-5B26-43FD-AF68-65F34604442D}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [TCP Query User{BD2A3C4C-666E-4AF2-801A-AAF13012CD75}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [UDP Query User{E6D6A7CD-2522-468A-921D-A775ECC6EE29}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [TCP Query User{DFC7B1AE-EE91-4855-9C9C-F2546C6BFA98}C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [UDP Query User{5ED221D3-114C-4C8C-8D9B-B72C65316B8C}C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [TCP Query User{81AAB97B-42ED-4C59-90E4-C3776566EEBE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [UDP Query User{F4A453EE-B3F4-4BC4-852D-16BE092070A3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
- FirewallRules: [TCP Query User{74567EDD-039F-4FDE-8531-9860381811A7}C:\users\alessio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alessio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
- FirewallRules: [UDP Query User{EBDCE531-BB5D-49E0-849D-DE9194ED5E70}C:\users\alessio\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alessio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
- FirewallRules: [{D3BE481C-9205-4993-853D-80FC2672BC01}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
- FirewallRules: [TCP Query User{95F1C0C6-C0FD-4AB2-9932-60FC9F3D7618}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [UDP Query User{062695FE-3CF1-4667-B47D-BE338E037C1F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [TCP Query User{054B204D-D8AC-4311-BF7C-0D0AD0AA6A60}C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [UDP Query User{78BE7DFA-575D-4AD5-91BF-FC284C98CAD9}C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files (x86)\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
- FirewallRules: [TCP Query User{4E18D49D-2FE2-4D8A-96CB-67CA43D056B8}C:\users\alessio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\alessio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
- FirewallRules: [UDP Query User{3277246E-15E6-410C-90FB-EBF3616F1D61}C:\users\alessio\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\alessio\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
- FirewallRules: [{2C34E4FA-F42A-414A-9809-8A4ED8E74271}] => (Allow) C:\Users\Alessio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
- FirewallRules: [{3DC7EEA1-0637-4978-8F9B-0D94E287276A}] => (Allow) C:\Users\Alessio\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
- FirewallRules: [{9E61699F-D4BE-426F-AB0F-43EC66870782}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{A4343677-3EC7-41EC-8224-27A200D8E720}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [TCP Query User{1F39056D-0E85-473A-9B0F-8A6CABBF189D}C:\program files (x86)\epic games\survivingmars\marsepic.exe] => (Allow) C:\program files (x86)\epic games\survivingmars\marsepic.exe (Haemimont Games AD -> Haemimont Games)
- FirewallRules: [UDP Query User{BD4FDECD-B963-4B33-8FF9-FF438014D70B}C:\program files (x86)\epic games\survivingmars\marsepic.exe] => (Allow) C:\program files (x86)\epic games\survivingmars\marsepic.exe (Haemimont Games AD -> Haemimont Games)
- FirewallRules: [{18A5CDB0-7301-47F7-858E-3C95F8B4B698}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{193A7863-6ACF-498D-B5E7-406C4CADDAFE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{64F4F153-1B59-4013-A673-A6F34752D819}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
- FirewallRules: [{4C0773FB-744E-4725-BCA5-21E86A67CB19}] => (Allow) C:\WINDOWS\SysWOW64\wscript.exe
- FirewallRules: [TCP Query User{3E9AA59C-6E6D-43B1-A36F-F4A6F193F8E9}C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
- FirewallRules: [UDP Query User{C4E6D753-7CF7-43F3-AA09-73CCE26E0D4A}C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
- FirewallRules: [TCP Query User{11C472AC-4735-4CAE-82D8-CC70A3359F24}C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
- FirewallRules: [UDP Query User{5DDB8891-E323-430E-8B54-C240D7398B6D}C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\program files (x86)\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
- FirewallRules: [{1A0BE4C2-5DDD-4F06-B2AD-A82E7762C644}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{B0837D48-CD5F-4B1D-B7CA-9F8B938FC8FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{8FB2CEF2-2325-48B7-967F-6132F0B1E524}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{D581A8CD-FD6B-4EA6-96C8-6DA8F103902A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
- FirewallRules: [{E076D06F-B9A5-45B7-9C02-BC5FBA9E8F63}] => (Allow) C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
- FirewallRules: [{AD9F00DA-C68F-4B4A-B6F0-863E1EE347C5}] => (Allow) C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
- FirewallRules: [{9C09D008-10FC-41A2-ADFE-3A03A7BEB72F}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
- FirewallRules: [TCP Query User{809A1441-8BE3-493E-A7D2-F9A1DAE2725F}C:\program files (x86)\epic games\gtav\gta5.exe] => (Allow) C:\program files (x86)\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [UDP Query User{3D610DE8-9854-446D-AA40-17D6C5F8A464}C:\program files (x86)\epic games\gtav\gta5.exe] => (Allow) C:\program files (x86)\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [{93265B44-C574-48C7-A30B-26452D34B47B}] => (Block) C:\program files (x86)\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [{353AE326-6ADA-4C75-B3E4-43931B3C27B1}] => (Block) C:\program files (x86)\epic games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
- FirewallRules: [{2B9D61D7-374A-4448-8B13-40574B617151}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
- ==================== Restore Points =========================
- 31-05-2020 15:32:35 Driver Booster : Audio Intel(R) per schermi
- 08-06-2020 19:58:23 Punto di controllo pianificato
- ==================== Faulty Device Manager Devices ============
- ==================== Event log errors: ========================
- Application errors:
- ==================
- Error: (06/12/2020 10:55:19 AM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (28188,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (06/12/2020 10:35:11 AM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (6552,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (06/11/2020 07:55:02 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (25144,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (06/11/2020 06:58:41 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (26420,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (06/11/2020 06:34:33 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (4212,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- Error: (06/11/2020 06:17:33 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Errore del servizio Copia Shadow del volume: errore inatteso durante il richiamo della routine CoCreateInstance. hr = 0x8007045b, È in corso l'arresto del sistema.
- .
- Error: (06/11/2020 06:17:33 PM) (Source: VSS) (EventID: 13) (User: )
- Description: Informazioni del servizio Copia Shadow del volume: impossibile avviare il server COM con CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} denominato CEventSystem. [0x8007045b, È in corso l'arresto del sistema.
- ]
- Error: (06/11/2020 06:11:17 PM) (Source: ESENT) (EventID: 455) (User: )
- Description: svchost (10908,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
- System errors:
- =============
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Error: (06/11/2020 03:55:04 PM) (Source: DCOM) (EventID: 10010) (User: PC-ALESSIO)
- Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.
- Windows Defender:
- ===================================
- Date: 2020-06-08 19:56:36.918
- Description:
- Windows Defender Antivirus: rilevato malware o altro software potenzialmente indesiderato.
- Ulteriori informazioni sono riportate di seguito:
- https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
- Nome: HackTool:Win32/AutoKMS
- ID: 2147685180
- Gravità: Alto
- Categoria: Strumento
- Percorso: rootcert:_648384A4DEE53D4C1C87E10D67CC99307CCC9C98
- Origine rilevamento: Sconosciuto
- Tipo rilevamento: Concreta
- Origine rilevamento: Sistema
- Utente: NT AUTHORITY\SYSTEM
- Nome processo: Unknown
- Versione intelligence sulla sicurezza: AV: 1.317.924.0, AS: 1.317.924.0, NIS: 1.317.924.0
- Versione motore: AM: 1.1.17100.2, NIS: 1.1.17100.2
- Date: 2020-06-08 12:33:06.584
- Description:
- Windows Defender Antivirus: analisi interrotta prima del completamento.
- ID analisi: {501EB73C-122A-49D7-A2DF-247A42598F37}
- Tipo analisi: Antimalware
- Parametri analisi: Analisi veloce
- Utente: NT AUTHORITY\SYSTEM
- Date: 2020-06-08 10:27:29.736
- Description:
- Windows Defender Antivirus: analisi interrotta prima del completamento.
- ID analisi: {A47A0A73-6837-4600-AB70-DC6859E1ED38}
- Tipo analisi: Antimalware
- Parametri analisi: Analisi veloce
- Utente: NT AUTHORITY\SYSTEM
- Date: 2020-06-07 11:53:25.565
- Description:
- Windows Defender Antivirus: analisi interrotta prima del completamento.
- ID analisi: {E9112750-9D68-4957-8F4F-D12D45E66B35}
- Tipo analisi: Antimalware
- Parametri analisi: Analisi veloce
- Utente: NT AUTHORITY\SYSTEM
- Date: 2020-06-06 19:23:28.793
- Description:
- Windows Defender Antivirus: analisi interrotta prima del completamento.
- ID analisi: {BC84D44D-23AE-421F-8665-A5C37FA859F2}
- Tipo analisi: Antimalware
- Parametri analisi: Analisi veloce
- Utente: NT AUTHORITY\SYSTEM
- Date: 2020-06-11 11:53:58.833
- Description:
- Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza.
- Nuova versione intelligence sulla sicurezza:
- Versione intelligence sulla sicurezza precedente: 1.317.1068.0
- Origine aggiornamento: Server Microsoft Update
- Tipo intelligence sulla sicurezza: Antivirus
- Tipo aggiornamento: Completo
- Utente: NT AUTHORITY\SYSTEM
- Versione motore corrente:
- Versione motore precedente: 1.1.17100.2
- Codice errore: 0x80240022
- Descrizione errore: Impossibile cercare gli aggiornamenti delle definizioni.
- Date: 2020-05-12 10:37:35.840
- Description:
- Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza.
- Nuova versione intelligence sulla sicurezza:
- Versione intelligence sulla sicurezza precedente: 1.315.487.0
- Origine aggiornamento: Server Microsoft Update
- Tipo intelligence sulla sicurezza: Antivirus
- Tipo aggiornamento: Completo
- Utente: NT AUTHORITY\SYSTEM
- Versione motore corrente:
- Versione motore precedente: 1.1.17000.7
- Codice errore: 0x80070102
- Descrizione errore: Tempo di attesa scaduto.
- CodeIntegrity:
- ===================================
- Date: 2020-06-11 11:42:30.699
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 11:42:30.683
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 11:42:30.664
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 11:42:30.646
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 11:42:30.633
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 11:42:30.616
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Microsoft signing level requirements.
- Date: 2020-06-11 10:53:12.043
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Windows signing level requirements.
- Date: 2020-06-11 10:53:12.037
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bitdefender Antivirus Free\bdamsi\264642434163612704\antimalware_provider64.dll that did not meet the Windows signing level requirements.
- ==================== Memory info ===========================
- BIOS: Insyde F.53 03/05/2014
- Motherboard: Hewlett-Packard 1963
- Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
- Percentage of memory in use: 25%
- Total physical RAM: 12220.02 MB
- Available physical RAM: 9092.61 MB
- Total Virtual: 35772.02 MB
- Available Virtual: 32266.58 MB
- ==================== Drives ================================
- Drive c: (Windows) (Fixed) (Total:911.06 GB) (Free:414.06 GB) NTFS
- Drive d: (RECOVERY) (Fixed) (Total:18.69 GB) (Free:1.82 GB) NTFS ==>[system with boot components (obtained from drive)]
- \\?\Volume{f2d2bb88-8d03-4208-85cd-20ab38261eae}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.11 GB) NTFS
- \\?\Volume{f83575ec-cddb-4341-af3c-1095e366cede}\ () (Fixed) (Total:0.98 GB) (Free:0.32 GB) NTFS
- \\?\Volume{23d1b3c9-f303-47be-aa0f-f8ee42097a2e}\ () (Fixed) (Total:0.25 GB) (Free:0.15 GB) FAT32
- ==================== MBR & Partition Table ====================
- ==========================================================
- Disk: 0 (Size: 931.5 GB) (Disk ID: 1E1F4777)
- Partition: GPT.
- ==================== End of Addition.txt =======================