nalex91

Thank you very much for your assistance and patience. Keep up with your good work, best regards, nalex91

Hello, I ran AdwCleaner and: # ------------------------------- # Malwarebytes AdwCleaner 8.0.8.0 # ------------------------------- # Build: 10-08-2020 # Database: 2020-09-29.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-12-2020 # Duration: 00:00:00 # OS: Windows 10 Pro # Cleaned: 1 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** No malicious registry entries cleaned. ***** [ Chromium (and derivatives) ] ***** Deleted Amazon Assistant per Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1961 octets] - [07/12/2020 22:52:47] AdwCleaner[C00].txt - [2039 octets] - [07/12/2020 22:54:02] AdwCleaner[S01].txt - [1585 octets] - [12/12/2020 20:34:22] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ########## I let it clean and reboot. Then I removed Amazon assistant from my chrome browser. I ran Adwcleaner again and no more issues were found. Then I ran Malwarebytes and: Defrag tool.txt It detected a defrag tool I installed this week. I had uninstalled it (not cleaned via Malwarebytes) and then did another scan with Malwarebytes. No issues were found.

Hello, Here's the continuation of the process: Fixlog.txt SophosVirusRemovalTool.log No issues detected by Sophos. Doubts and concerns: Where Could I have got that Roboot64.exe from? What are its malicious actions? Could it have affected my removable storage units where I store only data (images, videos, .pdf, microsoft office's files, music, iso files) ? Thanks, best regards, nalex91

Sorry for not replying man, I've been busy lately with work. I think I can continue the process this weekend. As soon as I got updates I'll inform you. Thanks for your worries.

Hello Kevin, this is the Malwarebytes' log after the cleaning process: Malwarebytes www.malwarebytes.com -Dettagli log- Data scansione: 07/12/20 Ora scansione: 22:40 File di log: e0b45354-38d4-11eb-a469-bc5ff4c7b967.json -Informazioni software- Versione: 3.7.1.2839 Versione componenti: 1.0.538 Aggiorna versione pacchetto: 1.0.19278 Licenza: Trial -Informazioni sistema- SO: Windows 10 (Build 18362.1198) CPU: x64 File system: NTFS Utente: CLAUDIO-PC\Claudio -Riepilogo scansione- Tipo di scansione: Ricerca elementi nocivi Scansione avviata da: Manuale Risultati: Completata Elementi analizzati: 287291 Minacce rilevate: 1 Minacce messe in quarantena: 1 Tempo impiegato: 2 min, 47 sec -Opzioni di scansione- Memoria: Attivata Esecuzioni automatiche: Attivata File system: Attivata Archivi compressi: Attivata Rootkit: Attivata Analisi euristica: Attivata PUP: Rilevare PUM: Rilevare -Dettagli scansione- Processo: 0 (Nessun elemento nocivo rilevato) Modulo: 0 (Nessun elemento nocivo rilevato) Chiave di registro: 0 (Nessun elemento nocivo rilevato) Valore di registro: 0 (Nessun elemento nocivo rilevato) Dati di registro: 0 (Nessun elemento nocivo rilevato) Flusso di dati: 0 (Nessun elemento nocivo rilevato) Cartella: 0 (Nessun elemento nocivo rilevato) File: 1 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT64.EXE, In quarantena, [831], [395666],1.0.19278 Settore fisico: 0 (Nessun elemento nocivo rilevato) WMI: 0 (Nessun elemento nocivo rilevato) (end) And this is the MB Adwcleaner's log after the cleaning process: # ------------------------------- # Malwarebytes AdwCleaner 8.0.8.0 # ------------------------------- # Build: 10-08-2020 # Database: 2020-09-29.1 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 12-07-2020 # Duration: 00:00:01 # OS: Windows 10 Pro # Cleaned: 6 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** No malicious folders cleaned. ***** [ Files ] ***** No malicious files cleaned. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks cleaned. ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\mytransitguide.dl.myway.com Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\mytransitguide.dl.tb.ask.com Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\myway.com Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ak.staticimgfarm.com Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\staticimgfarm.com ***** [ Chromium (and derivatives) ] ***** Deleted Amazon Assistant per Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** No Preinstalled Software cleaned. ************************* [+] Delete Tracing Keys [+] Reset Winsock ************************* AdwCleaner[S00].txt - [1961 octets] - [07/12/2020 22:52:47] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ########## This is the FRST.txt log: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2020 Ran by Claudio (administrator) on CLAUDIO-PC (07-12-2020 23:01:33) Running from C:\Users\Claudio\Desktop Loaded Profiles: Claudio Platform: Windows 10 Pro Version 1909 18363.1198 (X64) Language: Italiano (Italia) Default browser: Chrome Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe (Alexey Nicolaychuk -> ) C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe (Even Balance, Inc. -> ) C:\WINDOWS\SysWOW64\PnkBstrA.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17> (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\IPROSetMonitor.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Claudio\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2> (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <2> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2015-05-30] (Intel Corporation - Software and Firmware Products -> Intel Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1938296 2020-11-29] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.) HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\Run: [BingWallpaperApp] => C:\Users\Claudio\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [11466632 2020-11-25] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3515120 2020-11-18] (Razer USA Ltd. -> Razer Inc.) HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (SEIKO EPSON CORPORATION) [File not signed] HKLM\...\Print\Monitors\EPSON Stylus DX3800 Series 64MonitorBE: C:\Windows\system32\E_ILMACE.DLL [119808 2005-06-09] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2019-10-02] ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed] ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06F6AACD-168C-4B7B-94FE-44B8E131E550} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {08F3C041-9E53-4B70-BDA0-3B997D89AC48} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {160D503E-E9FA-4FBA-ABF9-7D72502368C5} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {177135A1-30DF-4836-B671-73CB40D7C502} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {1D9A63A9-9812-4639-B1F4-7DDFDF4B5A2E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {27350449-F381-43F1-8815-814D877074DF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {2775053F-ACF9-4BC2-BC64-E27FB8218598} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {2EA3C404-CA4A-4B3A-92FA-BDC97D5B8A67} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {3A271176-EC3D-4D5B-AA46-71A04B3E8709} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-02] (Google LLC -> Google LLC) Task: {4179CED0-2361-44A2-928F-39AD91C6D4AE} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {419D4FB3-A843-44E2-9A43-CC83AB708209} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {4318CE65-FEEB-43E4-9D38-30A96E4AC21C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB} Task: {5129E4D4-29A8-438A-86E4-64AA8CDCC277} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {58082AB3-BA78-48C5-8DAD-D09D0F34E45A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5AA3FB5A-507F-46E7-BFDE-28BD2E2A6F64} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {5C9AFD23-677C-428B-B3EE-323EDCDD7DBE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {5D6F81FF-722A-480F-BA12-A8DCC0603E30} - System32\Tasks\{64473F41-CAF7-4FA3-B1BA-AEB27307F528} => C:\Program Files (x86)\Activision\Call of Duty 2\CoD2MP_s.exe Task: {612268EF-8865-4BEC-B013-CDBF6EDC6036} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {651E85E4-917C-4317-9CE1-BBC8CFF11F3D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6543C703-F5EA-49D3-8A37-E0A7803E4F00} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {6C41F7F9-55B8-4D87-8478-D8A94C4B6D93} - System32\Tasks\{60765B03-D9FB-4B2F-A439-E53B5C7F93AE} => C:\Windows\system32\pcalua.exe -a C:\Users\Claudio\Desktop\win64_15.36.36.5067.exe -d C:\Users\Claudio\Desktop Task: {6FF55896-69AD-4194-BC80-61DAB3D407EE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {75A5FD65-8F40-4B2D-B495-E5FA9F6112C7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {790BB4EF-4CFA-4B01-9E4A-827E481B609D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {7944A7BA-690B-4A84-A9EB-EA73446E9A5F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7C0D2135-19F4-4EC1-9D37-9BACD0E4D3CF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7F10FED8-EF67-42C0-B407-AC15368DCC01} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8083652C-7E7F-46B1-A5A7-E4CC0485F2A8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {89713696-5E84-48BC-ACC2-6DBA6FA7E544} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [32859056 2019-09-19] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.) Task: {951BC83D-F7BF-4598-BFE7-0245074E4A1A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9A561929-07B9-4C9F-B8CD-3E45A14374D6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A2810E51-90E3-455D-B2F9-064CCD9341C9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A33D788E-10E4-4F8C-A301-B54FEF8E7861} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {A5A23EC8-771D-415A-ACE1-7DBA32AA5E57} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A67150BA-DFB9-49CE-9C75-D41F4457C7CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe) Task: {A92F9290-D97C-4F3C-8766-86E34C3E7741} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371} Task: {BBAB1716-2477-4AF9-8020-2D137D298CA4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C076EA1F-8726-462B-AAC2-3101F0A96274} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {C12CC779-501B-4CC8-966D-0B62B438585A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C3C8B9C6-B5A8-493D-8F61-462C33AF924B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {C829870A-99EF-4396-BA4D-1BB75878C3DC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D182975F-5151-4180-98E3-2249623B96B1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) Task: {DC3DC87E-633F-4A4B-93E3-0EB4D399B432} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2774904 2020-11-29] (Microsoft Corporation -> Microsoft Corporation) Task: {EDDEF513-2230-457D-ADE9-8DCD10D0352C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [781808 2019-04-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) Task: {EE2C0A1C-54BE-49DF-A184-0A70988D2874} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {FD08C0A5-8047-4630-BF1F-B18B7DFC6975} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-02] (Google LLC -> Google LLC) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{FFD8BCD1-0951-468A-89D6-75187FB836B9}: [DhcpNameServer] 192.168.0.1 Edge: ====== Edge DefaultProfile: Default Edge Profile: C:\Users\Claudio\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-07] Edge HomePage: Default -> hxxp://www.google.com/ Edge Extension: (Amazon Assistant) - C:\Users\Claudio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkmnokmdbkkafgmpfhhiniclfnfpmogj [2020-09-25] Edge Extension: (All Video Downloader professional) - C:\Users\Claudio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2020-08-15] Edge Extension: (AdBlock: il miglior ad-blocker di sempre) - C:\Users\Claudio\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2020-11-28] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default [2020-12-07] CHR HomePage: Default -> hxxp://www.google.com/ CHR Session Restore: Default -> is enabled. CHR Extension: (Presentazioni) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Just Black) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aghfnjkcakhmadgdomlmlhhaocbkloab [2020-08-01] CHR Extension: (Documenti) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24] CHR Extension: (TV) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-06-01] CHR Extension: (YouTube) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27] CHR Extension: (Google Search) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29] CHR Extension: (Adobe Acrobat) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-09-20] CHR Extension: (Video Downloader professional) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-24] CHR Extension: (Fogli) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Documenti Google offline) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11] CHR Extension: (AdBlock: il miglior ad-blocker di sempre) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-11-28] CHR Extension: (World Time Buddy) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdhpjomiingppeefgnohkiapmnaeakoj [2015-06-01] CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Amazon Assistant per Chrome) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2020-12-07] CHR Extension: (Gmail) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22] CHR Extension: (Chrome Media Router) - C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-28] CHR Profile: C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-04-01] CHR Profile: C:\Users\Claudio\AppData\Local\Google\Chrome\User Data\System Profile [2018-04-01] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe) S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-07-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\FileSyncHelper.exe [2188664 2020-11-29] (Microsoft Corporation -> Microsoft Corporation) S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S3 mracsvc; C:\Windows\System32\mracsvc.exe [21421728 2020-12-02] (Mail.Ru LLC -> LLC Mail.Ru) S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\OneDriveUpdaterService.exe [2553200 2020-11-29] (Microsoft Corporation -> Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2523448 2020-12-05] (Electronic Arts, Inc. -> Electronic Arts) R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3478336 2020-12-05] (Electronic Arts, Inc. -> Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-09-02] (Even Balance, Inc. -> ) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [981080 2020-09-23] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [307800 2020-09-23] (Razer USA Ltd. -> Razer Inc.) R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2020-06-24] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [294640 2020-11-17] (Razer USA Ltd. -> Razer Inc.) R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2020-09-23] (Razer USA Ltd. -> Razer Inc.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-12] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU CO LTD -> DEVGURU Co., LTD.) S3 uncheater_bgl; C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe [2097008 2020-04-12] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-09] (Microsoft Corporation) [File not signed] S3 cpuz148; C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [44648 2020-12-05] (CPUID S.A.R.L.U. -> CPUID) R1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 gdrv2; C:\Windows\gdrv2.sys [32600 2019-10-01] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) S3 HWiNFO_152; C:\Users\Claudio\AppData\Local\Temp\HWiNFO64A_152.SYS [63208 2020-11-28] (Martin Malik - REALiX -> REALiX(tm)) <==== ATTENTION S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [20658448 2020-12-02] (Mail.Ru LLC -> LLC Mail.Ru) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> ) R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc) R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc) R3 RzDev_0C00; C:\WINDOWS\System32\drivers\RzDev_0C00.sys [52496 2020-02-17] (Razer USA Ltd. -> Razer Inc) R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-07 23:01 - 2020-12-07 23:01 - 000027368 _____ C:\Users\Claudio\Desktop\FRST.txt 2020-12-07 22:51 - 2020-12-07 22:54 - 000000000 ____D C:\AdwCleaner 2020-12-07 22:42 - 2020-12-07 22:42 - 008447152 _____ (Malwarebytes) C:\Users\Claudio\Desktop\adwcleaner_8.0.8.exe 2020-12-07 01:09 - 2020-12-07 23:01 - 000000000 ____D C:\FRST 2020-12-07 01:06 - 2020-12-07 01:06 - 002288640 _____ (Farbar) C:\Users\Claudio\Desktop\FRST64English.exe 2020-12-07 00:39 - 2020-12-07 00:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2020-12-07 00:21 - 2020-12-07 00:21 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-12-07 00:21 - 2020-12-07 00:21 - 000001912 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-12-07 00:21 - 2020-12-07 00:21 - 000000000 ____D C:\Users\Claudio\AppData\Local\mbamtray 2020-12-07 00:21 - 2020-12-07 00:21 - 000000000 ____D C:\Users\Claudio\AppData\Local\mbam 2020-12-07 00:21 - 2020-12-07 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-12-07 00:21 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-12-06 02:09 - 2020-12-06 02:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2020-12-06 02:09 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2020-12-06 02:09 - 2020-11-23 15:40 - 001769688 _____ C:\WINDOWS\system32\vulkaninfo.exe 2020-12-06 02:09 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2020-12-06 02:09 - 2020-11-23 15:40 - 001370328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2020-12-06 02:09 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2020-12-06 02:09 - 2020-11-23 15:40 - 001054944 _____ C:\WINDOWS\system32\vulkan-1.dll 2020-12-06 02:09 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2020-12-06 02:09 - 2020-11-23 15:40 - 000917728 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2020-12-06 02:09 - 2020-11-23 15:40 - 000456600 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2020-12-06 02:09 - 2020-11-23 15:40 - 000349936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 002096880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 001585560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 001507224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 001159920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000816368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000813464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000674712 _____ C:\WINDOWS\system32\nvofapi64.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000670616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000656112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000556440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2020-12-06 02:09 - 2020-11-23 15:38 - 000543128 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 007706352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 006860184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 004175256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 002508528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 001733016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445751.dll 2020-12-06 02:09 - 2020-11-23 15:37 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445751.dll 2020-12-06 02:09 - 2020-11-22 14:29 - 001682368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll 2020-12-06 02:09 - 2020-11-22 14:29 - 000222112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys 2020-12-06 02:09 - 2020-11-22 14:29 - 000038816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll 2020-12-05 22:42 - 2020-12-05 22:42 - 000000000 ____D C:\Users\Claudio\AppData\Local\cache 2020-12-05 18:19 - 2020-12-05 18:19 - 000000000 ____D C:\Program Files (x86)\Origin Games 2020-12-05 18:12 - 2020-12-05 18:12 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk 2020-12-05 18:12 - 2020-12-05 18:12 - 000001066 _____ C:\ProgramData\Desktop\Origin.lnk 2020-12-05 18:12 - 2020-12-05 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2020-12-05 18:12 - 2020-12-05 18:12 - 000000000 ____D C:\Program Files (x86)\Origin 2020-12-05 18:09 - 2020-12-05 18:22 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Origin 2020-12-05 18:09 - 2020-12-05 18:20 - 000000000 ____D C:\Users\Claudio\AppData\Local\Origin 2020-12-05 18:09 - 2020-12-05 18:09 - 000000000 ____D C:\Users\Claudio\.Origin 2020-12-03 17:44 - 2020-12-04 20:37 - 000853267 _____ C:\Users\Claudio\Desktop\Resoconto ore DICEMBRE 2020 di Nalesso Claudio.xlsx 2020-11-29 00:15 - 2020-11-30 16:22 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive 2020-11-29 00:15 - 2020-11-29 00:15 - 000003206 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2020-11-29 00:15 - 2020-11-29 00:15 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-11-29 00:15 - 2020-11-29 00:15 - 000000000 ___RD C:\Users\Default\OneDrive 2020-11-29 00:15 - 2020-11-29 00:15 - 000000000 ___RD C:\Users\Default User\OneDrive 2020-11-29 00:12 - 2020-11-29 00:12 - 000000000 ____D C:\Users\Claudio\AppData\Local\OneDrive 2020-11-29 00:06 - 2020-11-29 00:06 - 000000000 ____D C:\Users\Claudio\Documents\MAXON 2020-11-28 15:09 - 2020-11-28 15:09 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper 2020-11-12 18:02 - 2020-11-12 18:02 - 000006977 _____ C:\Users\Claudio\Desktop\050A00920026614.pdf 2020-11-12 13:09 - 2020-11-12 13:09 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-11-12 13:09 - 2020-11-12 13:09 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-11-12 13:09 - 2020-11-12 13:09 - 000200704 _____ C:\WINDOWS\system32\IHDS.dll 2020-11-12 13:09 - 2020-11-12 13:09 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin 2020-11-12 13:09 - 2020-11-12 13:09 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2020-11-11 14:22 - 2020-11-07 23:25 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445730.dll 2020-11-11 14:22 - 2020-11-07 23:25 - 001482992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445730.dll 2020-11-07 01:52 - 2020-11-07 01:52 - 000000000 ___HD C:\$SysReset ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-12-07 23:00 - 2020-07-01 21:33 - 001973848 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-07 23:00 - 2019-03-19 13:33 - 000853308 _____ C:\WINDOWS\system32\perfh010.dat 2020-12-07 23:00 - 2019-03-19 13:33 - 000179750 _____ C:\WINDOWS\system32\perfc010.dat 2020-12-07 23:00 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF 2020-12-07 22:58 - 2019-10-01 17:33 - 000000000 ____D C:\ProgramData\NVIDIA 2020-12-07 22:57 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-12-07 22:54 - 2020-07-01 21:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-12-07 22:54 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2020-12-07 22:44 - 2020-07-01 21:35 - 000003136 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner 2020-12-07 22:44 - 2020-07-01 21:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-12-07 22:36 - 2018-12-04 17:54 - 000000000 ____D C:\Users\Claudio\AppData\Local\CrashDumps 2020-12-07 01:10 - 2015-05-30 21:03 - 001201032 _____ C:\WINDOWS\ntbtlog.txt 2020-12-07 00:21 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-12-07 00:21 - 2015-09-02 20:46 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-12-06 23:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-12-06 02:10 - 2020-07-01 21:33 - 000000000 ____D C:\Users\Claudio 2020-12-06 02:10 - 2016-03-04 22:45 - 000000000 ____D C:\Program Files (x86)\Steam 2020-12-05 23:23 - 2020-03-25 15:29 - 000000000 ____D C:\Users\Claudio\AppData\Local\Battle.net 2020-12-05 23:23 - 2018-01-15 20:52 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\discord 2020-12-05 22:43 - 2020-07-01 21:47 - 000000000 ____D C:\Users\Claudio\AppData\Local\D3DSCache 2020-12-05 22:03 - 2015-08-13 17:38 - 000000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2020-12-05 18:22 - 2015-12-20 23:46 - 000000000 ____D C:\ProgramData\Origin 2020-12-05 17:49 - 2020-07-20 17:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-05 17:49 - 2020-07-20 17:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2020-12-05 17:49 - 2020-07-20 17:32 - 000002276 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2020-12-04 20:42 - 2020-07-01 21:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-03 23:10 - 2020-07-01 21:35 - 000003670 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-03 23:10 - 2020-07-01 21:35 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-03 18:20 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-12-03 17:44 - 2020-06-02 18:39 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-12-03 17:44 - 2020-06-02 18:39 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-12-03 17:44 - 2020-06-02 18:39 - 000002258 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-12-02 18:18 - 2020-06-09 18:08 - 020658448 _____ (LLC Mail.Ru) C:\WINDOWS\system32\Drivers\mracdrv1.sys 2020-12-02 18:18 - 2017-10-13 17:23 - 021421728 _____ (LLC Mail.Ru) C:\WINDOWS\system32\mracsvc.exe 2020-12-02 18:04 - 2015-08-19 20:42 - 000007607 _____ C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg 2020-11-30 17:18 - 2020-07-20 17:32 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-11-30 17:18 - 2020-07-20 17:32 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-11-30 16:22 - 2020-07-01 21:44 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2020-11-30 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-11-29 22:04 - 2018-11-28 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2020-11-29 02:20 - 2020-07-01 21:45 - 000000000 ___RD C:\Users\Claudio\OneDrive 2020-11-29 00:12 - 2020-07-01 21:41 - 000000000 ____D C:\Users\Claudio\AppData\Local\Packages 2020-11-29 00:06 - 2020-07-05 17:47 - 000000000 ____D C:\Users\Claudio\AppData\Local\PlaceholderTileLogoFolder 2020-11-29 00:06 - 2020-07-01 21:57 - 000000000 ____D C:\ProgramData\Packages 2020-11-29 00:06 - 2015-12-19 20:16 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\MAXON 2020-11-28 23:36 - 2017-07-13 18:03 - 000000000 ____D C:\Users\Claudio\AppData\Local\ElevatedDiagnostics 2020-11-28 17:14 - 2020-09-30 23:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2020-11-28 17:14 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-11-28 15:37 - 2020-07-01 21:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-11-28 15:37 - 2015-06-16 16:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-11-23 15:32 - 2019-10-04 15:51 - 007006712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2020-11-23 15:32 - 2019-10-04 15:51 - 005978008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2020-11-22 14:29 - 2019-10-04 15:32 - 000058620 _____ C:\WINDOWS\system32\nvinfo.pb 2020-11-22 10:45 - 2019-12-08 00:28 - 005510968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 002636264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 001759032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 000194360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2020-11-22 10:45 - 2019-12-08 00:28 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2020-11-12 15:36 - 2020-07-01 21:41 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-11-12 15:36 - 2020-07-01 21:41 - 000000000 ___RD C:\Users\Claudio\3D Objects 2020-11-12 15:35 - 2020-07-01 21:31 - 000348912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-11-12 15:34 - 2019-03-19 13:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\TextInput 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-11-12 15:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-11-12 13:15 - 2015-05-31 01:08 - 000000000 ____D C:\WINDOWS\system32\MRT 2020-11-12 13:12 - 2015-05-31 01:08 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2020-11-12 13:09 - 2020-07-01 21:34 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2020-11-12 11:00 - 2020-09-30 23:13 - 000907064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll 2020-11-12 10:59 - 2020-09-30 23:13 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll 2020-11-07 01:55 - 2020-07-01 21:41 - 000000000 ____D C:\Users\Claudio\AppData\Local\ConnectedDevicesPlatform 2020-11-07 01:54 - 2019-12-07 17:09 - 000000000 ___HD C:\$WINDOWS.~BT 2020-11-07 01:53 - 2020-07-02 19:17 - 000000000 ____D C:\Program Files\UNP 2020-11-07 01:53 - 2020-06-20 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Call of Duty Modern Warfare 2020-11-07 01:53 - 2020-03-25 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2020-11-07 01:53 - 2019-10-01 17:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2020-11-07 01:53 - 2019-10-01 17:33 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2020-11-07 01:53 - 2019-03-19 13:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 __SHD C:\Program Files\Windows Sidebar 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\IME 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\schemas 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help 2020-11-07 01:53 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-11-07 01:53 - 2018-11-28 17:56 - 000000000 ____D C:\Program Files (x86)\Razer 2020-11-07 01:53 - 2018-01-15 20:52 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2020-11-07 01:53 - 2017-07-13 18:37 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier 2020-11-07 01:53 - 2016-08-28 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2020-11-07 01:53 - 2016-05-15 17:53 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2020-11-07 01:53 - 2016-03-04 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2020-11-07 01:53 - 2015-08-31 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alice 2020-11-07 01:53 - 2015-08-19 23:28 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati 2020-11-07 01:53 - 2015-08-13 17:38 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server 2020-11-07 01:53 - 2015-07-26 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2020-11-07 01:53 - 2015-07-17 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2020-11-07 01:53 - 2015-07-05 19:03 - 000000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin 2020-11-07 01:53 - 2015-06-21 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2020-11-07 01:53 - 2015-06-02 15:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2020-11-07 01:53 - 2015-06-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu 2020-11-07 01:53 - 2015-05-31 18:27 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2020-11-07 01:53 - 2015-05-30 21:55 - 000000000 ____D C:\Users\Claudio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-07 01:53 - 2015-05-30 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-11-07 01:53 - 2015-05-30 19:49 - 000000000 ____D C:\WINDOWS\SysWOW64\vbox 2020-11-07 01:53 - 2015-05-30 19:49 - 000000000 ____D C:\WINDOWS\system32\vbox 2020-11-07 01:53 - 2015-05-30 18:01 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2020-11-07 01:53 - 2015-05-30 12:09 - 000000000 ____D C:\Program Files\Intel 2020-11-07 01:53 - 2010-11-21 16:41 - 000000000 ____D C:\WINDOWS\ShellNew 2020-11-07 01:53 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2020-11-07 01:53 - 2009-07-14 04:20 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2020-11-07 01:40 - 2020-11-06 04:36 - 000008192 ___SH C:\DumpStack.log.tmp 2020-11-07 01:36 - 2020-07-01 20:52 - 000000000 ___DC C:\WINDOWS\Panther 2020-11-07 01:35 - 2020-07-01 21:35 - 000064773 _____ C:\WINDOWS\diagwrn.xml 2020-11-07 01:35 - 2020-07-01 21:35 - 000064773 _____ C:\WINDOWS\diagerr.xml ==================== Files in the root of some directories ======== 2015-10-05 18:15 - 2015-10-05 18:15 - 000000095 _____ () C:\Users\Claudio\AppData\Local\fusioncache.dat 2015-08-19 20:42 - 2020-12-02 18:04 - 000007607 _____ () C:\Users\Claudio\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== This is the Addition.txt log: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2020 Ran by Claudio (07-12-2020 23:02:38) Running from C:\Users\Claudio\Desktop Windows 10 Pro Version 1909 18363.1198 (X64) (2020-07-01 20:36:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1383695700-1847625372-2000665172-500 - Administrator - Disabled) ASPNET (S-1-5-21-1383695700-1847625372-2000665172-1004 - Limited - Enabled) Claudio (S-1-5-21-1383695700-1847625372-2000665172-1000 - Administrator - Enabled) => C:\Users\Claudio DefaultAccount (S-1-5-21-1383695700-1847625372-2000665172-503 - Limited - Disabled) Guest (S-1-5-21-1383695700-1847625372-2000665172-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1383695700-1847625372-2000665172-1002 - Limited - Enabled) WDAGUtilityAccount (S-1-5-21-1383695700-1847625372-2000665172-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AC0F074E4100}) (Version: 20.013.20066 - Adobe Systems Incorporated) Aggiornamenti NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.7.3.0 - GIGABYTE Technology Co.,Inc.) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.4.1.000 - Asmedia Technology) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 1 (HKLM-x32\...\Battlefield 1_is1) (Version: - ) Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts) Bing Wallpaper (HKLM-x32\...\{799980CA-D5C6-49C0-95F4-8CA8C48ACBE7}) (Version: 1.0.7.9 - Microsoft Corporation) Black Mesa (HKLM-x32\...\Black Mesa_is1) (Version: - ) Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment) Call of Duty(R) - World at War(TM) 1.2 Patch (HKLM-x32\...\InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.4 Patch (HKLM-x32\...\InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.5 Patch (HKLM-x32\...\InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}) (Version: - ) Hidden Call of Duty(R) - World at War(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{750C87B8-AF19-4C3C-B791-50D9C83AE572}) (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden Call of Duty: Infinite Warfare Update v20161118 (HKLM\...\Y2FsbG9mZHV0eWluZmluaXRld2FyZmFyZQ_is1) (Version: 1 - ) Call of Duty: WWII (HKLM\...\Y2FsbG9mZHV0eXd3aWk_is1) (Version: 1 - ) CPUID CPU-Z OC Formula 1.88 (HKLM\...\CPUID CPU-Z OC Formula_is1) (Version: 1.88 - CPUID, Inc.) CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Discord (HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\Discord) (Version: 0.0.308 - Discord Inc.) ENE IO Driver (HKLM-x32\...\{D0512FFD-6194-4D2E-967E-25B82A3322FF}) (Version: 2.0.8 - ENE TECHNOLOGY INC.) Hidden ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden Etron USB3.0 Host Controller (HKLM-x32\...\{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Hidden Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.118 - Etron Technology) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - ) GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 23.0 GEN FULL R1 1) (Version: 2019.2.2328.0 - GRAPHISOFT SE) ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden Installazione Guidata Alice ADSL (HKLM-x32\...\{DDC5AF8D-A320-4A8C-805D-9063C6352127}) (Version: - ) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Malwarebytes versione 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.55 - Microsoft Corporation) Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - ) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{F03CB3EF-DC16-35CE-B3C1-C68EA09E5E97}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) MSI Afterburner 4.6.1 (HKLM-x32\...\Afterburner) (Version: 4.6.1 - MSI Co., LTD) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden NVIDIA Driver audio HD 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation) NVIDIA Driver grafico 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 457.51 - NVIDIA Corporation) NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation) NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.5.89.45622 - Electronic Arts, Inc.) Pannello di controllo NVIDIA 457.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 457.51 - NVIDIA Corporation) Hidden Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.00 - Patriot Memory) Hidden Patriot Viper M2 SSD RGB (HKLM-x32\...\{0edb50a3-501b-40f9-b197-0d143fdef576}) (Version: 1.00.00 - Patriot Memory) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.1130.111812 - Razer Inc.) RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.19.0917.1 - GIGABYTE) RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Tixati (HKLM-x32\...\tixati) (Version: - ) Ultracopier 1.2.3.6 (HKLM-x32\...\Ultracopier) (Version: 1.2.3.6 - Ultracopier) VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden Warface My.Com (HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\Warface My.Com) (Version: 1.48 - My.com B.V.) WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Packages: ========= Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.39.0_x64__pwbj9vvecjh7j [2020-12-03] (Amazon Development Centre (London) Ltd) Componente aggiuntivo motore dei supporti Foto -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-28] (Microsoft Corporation) Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad] ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1383695700-1847625372-2000665172-1000_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Claudio\AppData\Local\Microsoft\OneDrive\20.169.0823.0008\MicrosoftListSync.exe => No File CustomCLSID: HKU\S-1-5-21-1383695700-1847625372-2000665172-1000_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Claudio\AppData\Local\Microsoft\OneDrive\20.169.0823.0008\MicrosoftListSync.exe => No File ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2011-08-08] (SysProgs.org) [File not signed] ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-28] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-28] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2011-08-08] (SysProgs.org) [File not signed] ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.169.0823.0008\amd64\FileSyncShell64.dll [2020-11-29] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-11-22] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-28] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-28] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed] HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2010-08-03] () [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Loaded Modules (Whitelisted) ============= 2019-04-21 09:33 - 2019-04-21 09:33 - 000232448 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2019-04-21 09:32 - 2019-04-21 09:32 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2019-04-21 09:33 - 2019-04-21 09:33 - 000649216 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2019-04-21 09:32 - 2019-04-21 09:32 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2019-04-21 09:33 - 2019-04-21 09:33 - 000367104 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2018-03-15 10:31 - 2018-03-15 10:31 - 000055808 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2018-03-15 10:31 - 2018-03-15 10:31 - 000072704 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2018-03-15 10:31 - 2018-03-15 10:31 - 000353792 _____ () [File not signed] C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2013-08-07 13:24 - 2013-08-07 13:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll 2015-05-30 18:01 - 2015-05-30 18:00 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll 2013-08-07 13:24 - 2013-08-07 13:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll 2019-05-09 17:20 - 2005-06-09 00:02 - 000119808 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_ILMACE.DLL 2009-07-14 02:20 - 2009-07-14 02:40 - 000077824 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\EP0SLM01.DLL 2011-06-04 21:14 - 2011-08-08 19:11 - 000202752 _____ (SysProgs.org) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll 2020-12-05 18:12 - 2020-12-05 18:12 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll 2020-11-29 22:04 - 2020-09-23 01:27 - 000050976 _____ (WDKTestCert jenkins,132209371768038986 -> Razer Inc) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\15320C00-00FF-FFFF-0000-81B2410B8000.mod 2020-11-29 22:04 - 2020-09-23 01:27 - 000090400 _____ (WDKTestCert jenkins,132209371768038986 -> Razer Inc.) [File not signed] C:\Program Files (x86)\Razer Chroma SDK\bin\1532005C-00FF-FFFF-0000-813B1AB02000.mod ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== DownloadDir: C:\Users\Claudio\Desktop BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2020-07-01 19:50 - 000000912 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Users\Claudio\AppData\Local\Microsoft\WindowsApps HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudio\AppData\Local\Microsoft\BingWallpaperApp\WPImages\20201207.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupfolder: C:^Users^Claudio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Moongamers Patch Switcher.lnk => C:\Windows\pss\Moongamers Patch Switcher.lnk.Startup MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup HKLM\...\StartupApproved\Run32: => "BCSSync" HKU\S-1-5-21-1383695700-1847625372-2000665172-1000\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{7F3AD67F-C069-4152-90AE-5E04B6ABF300}G:\pc games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\pc games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [TCP Query User{3685C690-8CAC-4421-9E13-F14337C35DAC}G:\pc games\call of duty modern warfare\modernwarfare.exe] => (Allow) G:\pc games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision) FirewallRules: [UDP Query User{79C101AF-5CB7-4F47-B31E-1D35364EC854}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (warface -> Crytek GmbH) FirewallRules: [TCP Query User{44AB2B73-04A6-4D0F-B6B8-80DCF3515F98}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (warface -> Crytek GmbH) FirewallRules: [UDP Query User{A596901D-E854-48B7-8B03-CC830B497EA5}F:\programmi\sierra\swat 4\contentexpansion\system\swat4x.exe] => (Allow) F:\programmi\sierra\swat 4\contentexpansion\system\swat4x.exe => No File FirewallRules: [TCP Query User{B7EA6995-5892-4B0F-9C92-90740F0D78FD}F:\programmi\sierra\swat 4\contentexpansion\system\swat4x.exe] => (Allow) F:\programmi\sierra\swat 4\contentexpansion\system\swat4x.exe => No File FirewallRules: [UDP Query User{98804F61-BF4D-45F7-85AA-24185F0EA689}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [TCP Query User{9CA6A7D2-9931-47FD-A663-CF84E7E05071}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{D6EF555E-BD8D-4714-9D73-1D30A255FA1A}G:\pc games\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) G:\pc games\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File FirewallRules: [TCP Query User{F2D68FF0-8C8F-4A6B-8695-F96027117299}G:\pc games\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe] => (Allow) G:\pc games\pubglite\client\shadowtrackerextra\binaries\win64\pubglite-win64-shipping.exe => No File FirewallRules: [{E380B37A-3DC3-40A4-B5AC-29C52F8B5F0F}] => (Allow) G:\PC Games\SteamLibrary\steamapps\common\Source SDK Base 2007\hl2.exe => No File FirewallRules: [{0FDA60A3-00F2-4D7F-A1A2-2C75ECBCA2D6}] => (Allow) G:\PC Games\SteamLibrary\steamapps\common\Source SDK Base 2007\hl2.exe => No File FirewallRules: [{A6D69026-F6EB-406F-8250-059F7E75F268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\Warface\Bin32Release\Game.exe => No File FirewallRules: [{59369DEF-DDA8-40F2-B766-29BB23E3D3A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\Warface\Bin32Release\Game.exe => No File FirewallRules: [{728CAFC0-CB93-41A1-B675-F977C29A698E}] => (Allow) G:\PC Games\bfv.exe => No File FirewallRules: [{2C42487D-DC0A-4A9E-817A-300A2F4E0713}] => (Allow) G:\PC Games\bfv.exe => No File FirewallRules: [{3543B233-B815-4F3E-94E0-1AA0DE191A0B}] => (Allow) G:\PC Games\bfvTrial.exe => No File FirewallRules: [{1201EC12-516C-49A5-A254-F2CABFC9CF11}] => (Allow) G:\PC Games\bfvTrial.exe => No File FirewallRules: [UDP Query User{99CDFD73-E3C7-4A29-8978-CE97BD9F89C4}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe => No File FirewallRules: [TCP Query User{3EE91818-48E5-46A1-AF25-EAE42377C6C8}C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\warface\bin64release\game.exe => No File FirewallRules: [{2FBAAAE6-3667-4578-84F7-378F68993B36}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{3936FBFA-D4B1-4582-B20B-73E11627F06A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [UDP Query User{9B5DD3B6-E7D0-47F7-A254-08DDAA3EAF4F}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [TCP Query User{C46E9B3B-B595-4B28-9518-4AB9F1D1A44F}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (Mail.Ru LLC -> ) FirewallRules: [{838597BB-4DEA-4640-87D6-532D91B1E7B1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{8FEAAC08-BA7D-40FA-9298-CE4D769B1254}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{550AC600-C432-4276-9016-D9B4A2647705}C:\users\claudio\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\claudio\appdata\local\gamecenter\gamecenter.exe => No File FirewallRules: [TCP Query User{89E63931-8643-48DE-B927-8A17257AD465}C:\users\claudio\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\claudio\appdata\local\gamecenter\gamecenter.exe => No File FirewallRules: [UDP Query User{0857DBD5-0D9A-43F8-AF0A-F2A7C78CBACA}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\gamecenter.exe (Mail.Ru, LLC -> ) FirewallRules: [TCP Query User{A67DBCDF-2E11-44EE-B837-AA1435036B4C}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\gamecenter.exe (Mail.Ru, LLC -> ) FirewallRules: [UDP Query User{FA467AAC-B28C-4936-B426-4760C2981A08}G:\pc games\call of duty infinite warfare\iw7_ship.exe] => (Allow) G:\pc games\call of duty infinite warfare\iw7_ship.exe (Activision Publishing -> Activision) FirewallRules: [TCP Query User{F853801F-E1A7-4587-99A0-A76229541E48}G:\pc games\call of duty infinite warfare\iw7_ship.exe] => (Allow) G:\pc games\call of duty infinite warfare\iw7_ship.exe (Activision Publishing -> Activision) FirewallRules: [UDP Query User{405D19E6-D6E2-42E4-BE4F-0D2B98FDA3B9}G:\pc games\call of duty infinite warfare\iw7_ship.exe] => (Allow) G:\pc games\call of duty infinite warfare\iw7_ship.exe (Activision Publishing -> Activision) FirewallRules: [TCP Query User{F258D646-44A5-45EF-B415-7D2F01C40573}G:\pc games\call of duty infinite warfare\iw7_ship.exe] => (Allow) G:\pc games\call of duty infinite warfare\iw7_ship.exe (Activision Publishing -> Activision) FirewallRules: [UDP Query User{542CE3F8-F2B7-4D9E-A0B2-2990F61B5ADD}G:\pc games\battlefield 1\bf1.exe] => (Allow) G:\pc games\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed] FirewallRules: [TCP Query User{81EA9F55-67B7-4B56-AD88-20AF0DB944D1}G:\pc games\battlefield 1\bf1.exe] => (Allow) G:\pc games\battlefield 1\bf1.exe (EA Digital Illusions CE AB) [File not signed] FirewallRules: [UDP Query User{480F27E8-0B33-48A9-BB92-09D91A712BE0}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> ) FirewallRules: [TCP Query User{048B567A-CEEB-4003-8AD2-F24B9FC11C9E}C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\mycomgames\mycomgames.exe (Mail.Ru, LLC -> ) FirewallRules: [{F59AA3C5-E92B-444E-8A8E-6B01881709D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\Warface\Bin32Release\Game.exe => No File FirewallRules: [{78F3A1BA-A53F-472A-BC89-52C226828132}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\Warface\Bin32Release\Game.exe => No File FirewallRules: [{FE961EE3-E991-49E7-8762-F8699EA21671}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{F5BD70BC-DE58-4449-998D-06B05E3ABC27}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> ) FirewallRules: [{CDAFBDB2-7EBF-44EB-99F3-9FC42BDF37E9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [{EDDC1245-9656-4D78-AF60-D89EDFC5CE16}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> ) FirewallRules: [UDP Query User{F8E60D6C-6D2A-40A8-B037-89280D5257DC}C:\users\claudio\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\claudio\appdata\local\mycomgames\mycomgames.exe => No File FirewallRules: [TCP Query User{B8E6669E-74A0-4D9B-AC03-FD3DA1CEEE1F}C:\users\claudio\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\claudio\appdata\local\mycomgames\mycomgames.exe => No File FirewallRules: [{36092DC3-D223-4292-BD9C-0B44C4213AB9}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{D4E4E972-21FF-4A48-B553-7CAA59D9E55F}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{5C47997D-75E6-45A8-B2F4-DE92238DEE64}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File FirewallRules: [{3E797524-9E32-4477-88AB-AEF4A3A7884B}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File FirewallRules: [{678E79EF-3842-499A-9C43-AFC6A16C0278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [{1EEC753F-54C9-441C-8EB8-AB193789E8D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (Mail.Ru LLC -> ) FirewallRules: [UDP Query User{7D1D1039-5003-4A55-A98B-A6D5CDF3847B}C:\users\claudio\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\claudio\appdata\local\mycomgames\mycomgames.exe => No File FirewallRules: [TCP Query User{A83D3400-8BFA-4715-9C90-EC72D8C062A6}C:\users\claudio\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\claudio\appdata\local\mycomgames\mycomgames.exe => No File FirewallRules: [{91EA3725-6F0B-4E22-BE77-5583E5B2D6CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe => No File FirewallRules: [{2CED271A-E6C4-469A-A1C0-711439DB2E41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe => No File FirewallRules: [{C6BE77D3-3629-4781-B3BE-7F8A747A46FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [{221BFA43-2177-4C70-BA9C-464FE3FE1535}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File FirewallRules: [UDP Query User{495662A4-6F25-4C2A-8170-D53BF51569D7}C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe => No File FirewallRules: [TCP Query User{870B8C7B-96B9-4871-B0C0-BEEACF870A92}C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe => No File FirewallRules: [UDP Query User{3B3B1FD7-3FD7-4912-801C-1C520F10914B}C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe => No File FirewallRules: [TCP Query User{F69ACFBF-44D0-4440-8E42-F9671E8A122E}C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe] => (Block) C:\program files (x86)\activision\call of duty modern warfare remastered\h1_sp64_ship.exe => No File FirewallRules: [{D6F2BE44-96F9-4630-9D7F-1A85E12E14B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe => No File FirewallRules: [{92535385-5D20-4E5F-826A-B20AC33C6FDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe => No File FirewallRules: [{01A2B7F0-8B8E-4179-96D0-4DE6483F2CD1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File FirewallRules: [{56A0FD02-96EC-4D98-B5A9-80C6923537E5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File FirewallRules: [{7E9C06DC-D811-4736-9866-CBBEAA7F2123}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File FirewallRules: [{663476C7-F9F8-49D2-BE67-04F249748FB3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File FirewallRules: [UDP Query User{BC56D461-AFA9-4A86-BE76-50ED87A89BCD}C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe] => (Block) C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe => No File FirewallRules: [TCP Query User{108D921A-7947-41B7-AE67-1FB6BDE3E271}C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe] => (Block) C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe => No File FirewallRules: [UDP Query User{86896568-78F9-4DB4-BBF8-99A168873C19}C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe] => (Block) C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe => No File FirewallRules: [TCP Query User{8CD46721-AB89-421A-BD58-C129952DDFFB}C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe] => (Block) C:\program files (x86)\activision\call of duty black ops iii\blackops3.exe => No File FirewallRules: [{EA3322B8-6295-44D9-A593-73D04C5A7949}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe => No File FirewallRules: [{3C2B4969-DA8E-4E02-BFEB-FD895A8B4754}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe => No File FirewallRules: [UDP Query User{A28BAD43-A077-451C-9853-4D05235984B6}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed.exe => No File FirewallRules: [TCP Query User{5CCC3226-202D-487C-91F0-DF0227502776}C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw lanfixed.exe => No File FirewallRules: [{832DDACA-F675-4197-8BC9-705AF89E8926}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoD 5 1.7 Privat Client Patch.exe => No File FirewallRules: [{A6FA5ECE-6862-44B0-AEB0-656D50855107}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoD 5 1.7 Privat Client Patch.exe => No File FirewallRules: [{C3EDA4EB-70E4-4732-8863-0F3DED95C81E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoD 5 1.7 Privat Client Patch.exe => No File FirewallRules: [{088DB75A-E968-4961-B23D-0B969E3C5AE2}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoD 5 1.7 Privat Client Patch.exe => No File FirewallRules: [UDP Query User{30A5FE32-9FDA-4D60-ADD4-B58768A1F1E1}C:\program files (x86)\activision\call of duty black ops 2\t6sp.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 2\t6sp.exe => No File FirewallRules: [TCP Query User{E6039E56-EC2D-4F27-B848-FA0455F4A503}C:\program files (x86)\activision\call of duty black ops 2\t6sp.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 2\t6sp.exe => No File FirewallRules: [UDP Query User{E21DE62A-5191-42A6-A9AB-F42358F90E37}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe] => (Block) C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe => No File FirewallRules: [TCP Query User{36BB2951-5D0D-4037-B558-9EAD5B893145}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe] => (Block) C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe => No File FirewallRules: [UDP Query User{F59A9F82-2B03-45F0-AD26-17797D70C040}C:\program files\tixati\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) FirewallRules: [TCP Query User{9F6DBCEE-FB23-4DEF-AD38-7765D60868D3}C:\program files\tixati\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) FirewallRules: [UDP Query User{FF29D624-8CEE-42D0-9198-2B3A0641E96F}C:\program files (x86)\activision\call of duty black ops 1\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 1\blackops.exe => No File FirewallRules: [TCP Query User{BD86D1C9-43C1-473E-B5AE-884A27EE009B}C:\program files (x86)\activision\call of duty black ops 1\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 1\blackops.exe => No File FirewallRules: [UDP Query User{15C2A671-31D3-4518-9857-2822A0AC5936}C:\program files (x86)\activision\call of duty black ops 1\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 1\blackops.exe => No File FirewallRules: [TCP Query User{AFBDCD63-E4D1-4F45-A948-02F47C31517C}C:\program files (x86)\activision\call of duty black ops 1\blackops.exe] => (Block) C:\program files (x86)\activision\call of duty black ops 1\blackops.exe => No File FirewallRules: [{76C46F22-293A-488E-97C1-51F27CCD172E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{8597B547-CBA6-4EA6-86AD-DAB6F3113438}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File FirewallRules: [{556EFD8B-9021-4BCB-A190-CE2BDBEB46A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A6AEC18C-E51D-4D29-9D6D-DCB062DFB56D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [UDP Query User{A3251756-CDD2-4D7F-94D6-132D2EDA9C97}C:\users\claudio\desktop\asd\bin32\crysis3.exe] => (Block) C:\users\claudio\desktop\asd\bin32\crysis3.exe => No File FirewallRules: [TCP Query User{15928312-EC69-4D01-B112-C1B99370B421}C:\users\claudio\desktop\asd\bin32\crysis3.exe] => (Block) C:\users\claudio\desktop\asd\bin32\crysis3.exe => No File FirewallRules: [{5C21AD36-0EA4-4F43-92F8-BF1310C1F3EE}] => (Block) %USERPROFILE%\Desktop\asd\Bin32\Crysis3.exe => No File FirewallRules: [UDP Query User{D9883A42-18EF-47B2-8707-B06D67AC5047}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe => No File FirewallRules: [TCP Query User{194D8A1E-983B-4E7A-8330-DA9C85AE2734}C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\activision\call of duty 2\cod2mp_s.exe => No File FirewallRules: [{C4CED3E4-0E9B-490B-87EB-C4B0B588258D}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File FirewallRules: [{67C58939-DB0A-4147-9047-D58869CFFE1F}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe => No File FirewallRules: [{E7B2E7D4-3C2F-43F6-B884-50E1B99D6440}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File FirewallRules: [{1CEED03A-D046-495F-9437-3674A1D60FAD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe => No File FirewallRules: [UDP Query User{3F3BA617-0495-4980-9FCB-8FDAB34EFABA}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) [File not signed] FirewallRules: [TCP Query User{5D68E376-E4DC-4412-B39F-41735A9D5753}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) [File not signed] FirewallRules: [UDP Query User{BE5308FD-DC2A-4BA5-BFFD-30DD83B3F7AB}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe => No File FirewallRules: [TCP Query User{2EF79F95-ADA3-40D7-95CD-CE013CE74D32}C:\program files (x86)\activision\call of duty - world at war\codwaw.exe] => (Allow) C:\program files (x86)\activision\call of duty - world at war\codwaw.exe => No File FirewallRules: [UDP Query User{8F2E4779-F7DE-48C7-BED3-23DA88302CFF}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) [File not signed] FirewallRules: [TCP Query User{C466D57A-8FBD-4DA0-A241-F5F482AA8968}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.) [File not signed] FirewallRules: [{F880E3F4-4D85-4FA3-9CE9-D8E50FA3DF53}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{C13F5897-0610-4DCF-BD9B-C373665143A7}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{DB56F530-B1D4-48EE-A6F3-181070BC4219}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{0C36616E-EEDD-4091-90B2-5445AB478CA6}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\PlayGTAV.exe => No File FirewallRules: [{23369249-D802-49D2-8AD2-FEF5D464213A}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) [File not signed] FirewallRules: [{16EF0CD7-A62F-4BDC-848D-EDCFF860D64D}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) [File not signed] FirewallRules: [{358534EB-6EF4-4541-ADDF-346EF420602E}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) [File not signed] FirewallRules: [{BAAF1C94-5CFE-4EBE-A4B7-61C86325F2FF}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTAVLauncher.exe (Rockstar Games) [File not signed] FirewallRules: [{0D7F1FD8-F31E-409F-AD21-3442E5956092}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{A5E9C405-FB91-4C32-ACBD-7FCE0CAF5E73}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{9869E130-9F9E-4776-89DE-132C0FB165B6}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{4834E711-4FE5-422D-811D-A464AF386388}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed] FirewallRules: [{3B86E401-6C59-4422-B63F-7595E8EBF5FF}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\Launcher.exe => No File FirewallRules: [{6A36CD1F-0804-4561-BB14-845BF6A99B01}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\Launcher.exe => No File FirewallRules: [{12762E6A-C28A-42DB-881E-39EBD172F05B}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\Launcher.exe => No File FirewallRules: [{CD091F94-FE8A-4326-A1A7-DB8E446741F8}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\Launcher.exe => No File FirewallRules: [{C28D56D2-C328-45F3-8B6D-CAAC17C0CF9F}] => (Block) C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe => No File FirewallRules: [{4A38AF68-32D8-4F02-AF72-8B2A0413691F}] => (Block) C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe => No File FirewallRules: [UDP Query User{E15F50A3-FD16-49C1-B15C-F15A3592F800}C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe => No File FirewallRules: [TCP Query User{03AC8097-E36D-4F51-A468-BF01F5430588}C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis64.exe => No File FirewallRules: [UDP Query User{2EC086F9-0438-4880-82D3-A7DB8540646A}F:\programmi\sierra\swat 4\contentexpansion\system\swat4xdedicatedserver.exe] => (Allow) F:\programmi\sierra\swat 4\contentexpansion\system\swat4xdedicatedserver.exe => No File FirewallRules: [TCP Query User{89E226DE-5E5C-4D0E-BFAD-F7D4B2F367A3}F:\programmi\sierra\swat 4\contentexpansion\system\swat4xdedicatedserver.exe] => (Allow) F:\programmi\sierra\swat 4\contentexpansion\system\swat4xdedicatedserver.exe => No File FirewallRules: [{109389EE-C65D-4A72-947F-32DAB12E54CD}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe => No File FirewallRules: [{53CC238D-7F5A-4EE5-9237-53EE81D06A0B}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe => No File FirewallRules: [UDP Query User{3DB6BEB5-9B6F-4AFD-924E-95FDD589B37C}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Block) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe => No File FirewallRules: [TCP Query User{BB1E3215-FD64-489F-AFF6-29F321E7A89D}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Block) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe => No File FirewallRules: [UDP Query User{79F92AD1-F147-4FF9-9BAA-6FFCF4D948A0}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe => No File FirewallRules: [TCP Query User{2F93E85D-36A9-498E-A2C6-7D0E6E73D2A3}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe => No File FirewallRules: [{2AA02014-A47F-45F9-9FA2-6A2CC424EF59}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe => No File FirewallRules: [{A591DE29-508E-4E2E-B675-F0D88E3E1C45}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe => No File FirewallRules: [{67E75086-02FE-4AC3-8A04-E61F1665D123}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe => No File FirewallRules: [{9E6EF7A6-559D-45FB-B36C-1D42D54D4345}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe => No File FirewallRules: [{92BD0BFB-D4CE-4BA1-B216-41C609990964}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe => No File FirewallRules: [{A31DB357-8804-4992-9336-D51437541398}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe => No File FirewallRules: [{6B667074-46EA-455D-A612-0FAB36348D69}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe => No File FirewallRules: [{342D0A55-7400-4EAD-AA00-5055D851BB45}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe => No File FirewallRules: [UDP Query User{80A1C5BE-C09F-4D41-8DB5-8DA95388B878}C:\program files (x86)\r.g. mechanics\battlefield 4\bf4.exe] => (Block) C:\program files (x86)\r.g. mechanics\battlefield 4\bf4.exe => No File FirewallRules: [TCP Query User{F00FE32D-ABA8-4F25-9EE0-C5F90ABDD379}C:\program files (x86)\r.g. mechanics\battlefield 4\bf4.exe] => (Block) C:\program files (x86)\r.g. mechanics\battlefield 4\bf4.exe => No File FirewallRules: [UDP Query User{C9F698A8-5BE1-45C5-9E20-D6640F9A34AD}C:\program files (x86)\r.g. mechanics\battlefield 4\bf4_x86.exe] => (Block) C:\program files (x86)\r.g. mechanics\battlefield 4\bf4_x86.exe => No File FirewallRules: [TCP Query User{2E8515F6-E2DD-4EC9-BE2A-9A6F431E98D2}C:\program files (x86)\r.g. mechanics\battlefield 4\bf4_x86.exe] => (Block) C:\program files (x86)\r.g. mechanics\battlefield 4\bf4_x86.exe => No File FirewallRules: [UDP Query User{523B93C9-DDA7-420C-97D1-25B40D068D05}C:\users\claudio\desktop\assetto corsa\acs.exe] => (Block) C:\users\claudio\desktop\assetto corsa\acs.exe => No File FirewallRules: [TCP Query User{A323FF39-290B-4851-9180-F00FD9AD9727}C:\users\claudio\desktop\assetto corsa\acs.exe] => (Block) C:\users\claudio\desktop\assetto corsa\acs.exe => No File FirewallRules: [{46F77384-3C7D-425E-97B7-352C43E5334C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File FirewallRules: [{B02A4359-82A0-4FE7-9B14-7320DC3C88C2}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe => No File FirewallRules: [TCP Query User{6B4E34E5-2F04-4988-A3E6-FC77535A67FE}G:\pc games\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) G:\pc games\call of duty black ops cold war beta\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.) FirewallRules: [UDP Query User{96518166-B18B-487A-A447-783344C26F97}G:\pc games\call of duty black ops cold war beta\blackopscoldwar.exe] => (Allow) G:\pc games\call of duty black ops cold war beta\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.) FirewallRules: [{9FCB1BE6-21F9-433B-8EE8-0E41BB77A86F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5267F819-AB54-4485-859D-A4020EE124B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F23F0E1B-D4ED-44F5-89CF-C9931498C5E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{F396336B-258E-4577-AA08-F76B7031B3C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{8E881D62-7214-49E0-A6DF-2C54BCF189A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4DE5356D-D503-49A1-8A71-0B997ADCC911}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B1BE1883-C695-439F-81F3-1B8D3F226947}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{14072449-F476-47A8-9200-728B458564A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{B04D7069-7EB9-456C-A03B-3F09CCB51B08}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\gamedx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\gamedx11.exe (warface -> Crytek GmbH) FirewallRules: [UDP Query User{859274A0-FC46-4882-8573-0D32CB7DB729}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\gamedx11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\gamedx11.exe (warface -> Crytek GmbH) FirewallRules: [{AEC893D4-ADC8-43B6-8BA4-B22957C0785A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 18-11-2020 18:52:20 Windows Update 28-11-2020 15:19:10 Punto di controllo pianificato ==================== Faulty Device Manager Devices ============ Name: Dispositivo PCI Description: Dispositivo PCI Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (12/07/2020 10:53:40 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (5920,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/07/2020 10:43:07 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (6024,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/07/2020 10:36:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Nome dell'applicazione che ha generato l'errore: WinStore.App.exe, versione: 12011.1001.1.0, timestamp: 0x5fa0879b Nome del modulo che ha generato l'errore: twinapi.appcore.dll, versione: 10.0.18362.1171, timestamp: 0x3e66f34f Codice eccezione: 0xc0000005 Offset errore 0x000000000003a860 ID processo che ha generato l'errore: 0x316c Ora di avvio dell'applicazione che ha generato l'errore: 0x01d6cce0f6915917 Percorso dell'applicazione che ha generato l'errore: C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe Percorso del modulo che ha generato l'errore: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll ID segnalazione: 8f5efdd9-65f9-4538-a8f8-712ef126751f Nome completo pacchetto che ha generato l'errore: Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe ID applicazione relativo al pacchetto che ha generato l'errore: App Error: (12/07/2020 12:27:30 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (12128,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/06/2020 11:44:50 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (9672,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/06/2020 12:42:06 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2716,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/06/2020 12:05:57 AM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (14688,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/05/2020 11:49:06 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (15208,R,98) TILEREPOSITORYS-1-5-18: Si è verificato l'errore -1023 (0xfffffc01) durante l'apertura del file di log C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. System errors: ============= Error: (12/07/2020 10:56:01 PM) (Source: DCOM) (EventID: 10010) (User: CLAUDIO-PC) Description: Il server Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca non ha effettuato la registrazione con DCOM nel tempo richiesto. Error: (12/07/2020 10:54:30 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Il servizio Malwarebytes Service non è stato arrestato correttamente dopo la ricezione di un controllo di pre-arresto del sistema. Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio Razer Synapse Service. Questo evento si è già verificato 1 volta(e). Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio Razer Game Manager. Questo evento si è già verificato 1 volta(e). Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio Origin Web Helper Service. Questo evento si è già verificato 1 volta(e). Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio Razer Central Service. Questo evento si è già verificato 1 volta(e). Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Arresto imprevista del servizio SAMSUNG Mobile Connectivity Service. Questo evento si è già verificato 1 volta(e). Error: (12/07/2020 10:54:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Il servizio NVIDIA LocalSystem Container è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 6000 millisecondi: Riavvia il servizio. Windows Defender: =================================== Date: 2020-12-03 19:51:41.416 Description: Windows Defender Antivirus: analisi interrotta prima del completamento. ID analisi: {8C2CCD25-272A-4F14-9F72-3B46242AAD35} Tipo analisi: Antimalware Parametri analisi: Analisi veloce Utente: NT AUTHORITY\SYSTEM Date: 2020-12-02 19:26:02.585 Description: Windows Defender Antivirus: analisi interrotta prima del completamento. ID analisi: {BE6D4A0C-9AAC-4645-A307-797645F6A79C} Tipo analisi: Antimalware Parametri analisi: Analisi veloce Utente: NT AUTHORITY\SERVIZIO DI RETE Date: 2020-11-30 22:13:53.609 Description: Windows Defender Antivirus: analisi interrotta prima del completamento. ID analisi: {FD925E88-E53A-4E22-A9C5-DFC5B94FF0E8} Tipo analisi: Antimalware Parametri analisi: Analisi veloce Utente: NT AUTHORITY\SYSTEM Date: 2020-11-29 20:51:00.415 Description: Windows Defender Antivirus: analisi interrotta prima del completamento. ID analisi: {27208E55-43AA-41CC-875C-DE30FC47369D} Tipo analisi: Antimalware Parametri analisi: Analisi veloce Utente: NT AUTHORITY\SYSTEM Date: 2020-11-28 15:13:19.514 Description: Windows Defender Antivirus: analisi interrotta prima del completamento. ID analisi: {B9C7B697-3C92-4F2C-9649-3C518DA72532} Tipo analisi: Antimalware Parametri analisi: Analisi veloce Utente: NT AUTHORITY\SYSTEM Date: 2020-12-04 20:42:40.826 Description: Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza. Nuova versione intelligence sulla sicurezza: 1.327.2074.0 Versione intelligence sulla sicurezza precedente: 1.327.1999.0 Origine aggiornamento: Utente Tipo intelligence sulla sicurezza: Antispyware Tipo aggiornamento: Delta Utente: NT AUTHORITY\SYSTEM Versione motore corrente: 1.1.17600.5 Versione motore precedente: 1.1.17600.5 Codice errore: 0x80509004 Descrizione errore: Problema imprevisto. Installare tutti gli aggiornamenti disponibili, quindi provare di nuovo ad avviare il programma. Per informazioni sull'installazione degli aggiornamenti, consultare Guida e supporto tecnico. Date: 2020-12-04 20:42:40.826 Description: Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza. Nuova versione intelligence sulla sicurezza: 1.327.2074.0 Versione intelligence sulla sicurezza precedente: 1.327.1999.0 Origine aggiornamento: Utente Tipo intelligence sulla sicurezza: Antivirus Tipo aggiornamento: Delta Utente: NT AUTHORITY\SYSTEM Versione motore corrente: 1.1.17600.5 Versione motore precedente: 1.1.17600.5 Codice errore: 0x80509004 Descrizione errore: Problema imprevisto. Installare tutti gli aggiornamenti disponibili, quindi provare di nuovo ad avviare il programma. Per informazioni sull'installazione degli aggiornamenti, consultare Guida e supporto tecnico. Date: 2020-11-11 11:40:43.327 Description: Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza. Nuova versione intelligence sulla sicurezza: Versione intelligence sulla sicurezza precedente: 1.327.571.0 Origine aggiornamento: Microsoft Malware Protection Center Tipo intelligence sulla sicurezza: Antivirus Tipo aggiornamento: Completo Utente: NT AUTHORITY\SERVIZIO DI RETE Versione motore corrente: Versione motore precedente: 1.1.17600.5 Codice errore: 0x80072ee2 Descrizione errore: Timeout dell'operazione Date: 2020-11-11 11:40:43.324 Description: Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza. Nuova versione intelligence sulla sicurezza: Versione intelligence sulla sicurezza precedente: 1.327.571.0 Origine aggiornamento: Microsoft Malware Protection Center Tipo intelligence sulla sicurezza: Antispyware Tipo aggiornamento: Completo Utente: NT AUTHORITY\SERVIZIO DI RETE Versione motore corrente: Versione motore precedente: 1.1.17600.5 Codice errore: 0x80072ee2 Descrizione errore: Timeout dell'operazione Date: 2020-11-11 11:40:43.322 Description: Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza. Nuova versione intelligence sulla sicurezza: Versione intelligence sulla sicurezza precedente: 1.327.571.0 Origine aggiornamento: Microsoft Malware Protection Center Tipo intelligence sulla sicurezza: Antivirus Tipo aggiornamento: Completo Utente: NT AUTHORITY\SERVIZIO DI RETE Versione motore corrente: Versione motore precedente: 1.1.17600.5 Codice errore: 0x80072ee2 Descrizione errore: Timeout dell'operazione CodeIntegrity: =================================== Date: 2020-12-07 22:37:11.402 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-07 22:37:11.383 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-12-07 00:21:27.038 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLL.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-12-07 00:21:26.552 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\Actions.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2020-11-29 20:52:55.061 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2020-11-29 20:52:55.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2020-11-29 20:52:54.941 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2020-11-29 20:52:54.527 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. P2.10 07/17/2014 Motherboard: ASRock Z87 OC Formula Processor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Percentage of memory in use: 35% Total physical RAM: 12214.55 MB Available physical RAM: 7938.93 MB Total Virtual: 24502.55 MB Available Virtual: 18333.33 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:232.23 GB) (Free:54.65 GB) NTFS Drive g: (SSD Programmi) (Fixed) (Total:465.63 GB) (Free:96.71 GB) NTFS \\?\Volume{2939ab8e-06b6-11e5-9a21-806e6f6e6963}\ (Riservato per il sistema) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{fce61318-0000-0000-0000-30153a000000}\ () (Fixed) (Total:0.55 GB) (Free:0.08 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: FCE61318) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=566 MB) - (Type=27) ========================================================== Disk: 1 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ======================= I hope everything is correct. I'm pending for new instructions and/or good news. Best regards, thanks in advance, nalex91

Good morning, what should I do with Roboot64.exe file? Is it dangerous or safe for my pc? As you requested, I'll attach 3 .txt files to the topic for you to analyze: FRST.txt Log Malwarebytes December 2020.txt Addition.txt Thanks in advance, regards, nalex91