Jump to content

MBAM blocked site i've never visited.


Go to solution Solved by kevinf80,

Recommended Posts

Hello.

A couple of days ago, MBAM blocked an outgoing connection, more specifically a url which is... a local newspaper in Rome, flagging it as trojan. I've had a pc reset a month ago and i've barely installed anything, i've also been using both MBAM premium and Windows Defender (I also ran a scan with Adwcleaner to be sure). I got no threats as results by all of them. The attempt occured only once and has not happened since.

I suppose this was an AD on a site i was visiting and the IP they are using has also been used by Trojans. But the notification appeared 30,40 seconds after i've visited some newspapers sites with my adblock turned off. This slightly worried me because i've had notifications appear instantly after visiting a site with flagged ads, but receiving it after a while has never happened to me. Could it be that a scan was going on and MBAM waited the end to tell me they've blocked something ? I find it hard to have a RAT or anything else really, wouldn't a RAT attempt multiple connections ? Feel like i'm overthinking it tbh. Still, i would prefer receiving some advice. I'm pasting the info regarding the block, my system is in italian so i tried to do a little bit of translation, hopefully it's understandable. Thanks a lot.

Malwarebytes
www.malwarebytes.com

-Log Details-
Date: 07/03/21
Time: 02:12
Log File: 200cfb5c-7ee2-11eb-a291-309c23835076.json

-Software Info-
Versione: 4.3.0.98
Versione componenti: 1.0.1173
Aggiorna versione pacchetto: 1.0.37851
Licenza: Premium

-System Info-
SO: Windows 10 (Build 19041.804)
CPU: x64
File system: NTFS
Utente: System

-Blocked site Info-
Sito web nocivo: 1
, C:\Program Files\Google\Chrome\Application\chrome.exe, Bloccato, -1, -1, 0.0.0, , 

-Site info-
Type: Trojan
Dominio: www.ilcorrieredellacitta.com
Indirizzo IP: 176.9.16.214
Porta: 443
Type: Outgoing
File: C:\Program Files\Google\Chrome\Application\chrome.exe

(end)

Link to post
Share on other sites

Hello Nicholas123 and welcome to Malwarebytes,

Continue with the following:

Open Malwarebytes, select > small cog wheel top right hand corner, that will open "settings" from there select "Security" tab.

Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on....

Clsoe out the settings window, this will take you back to "DashBoard" select the Blue "Scan Now" tab......

When the scan completes quarantine any found entries...

To get the log from Malwarebytes do the following:
 
  • Click on the Detection History tab > from main interface.
  • Then click on "History" that will open to a historical list
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have two options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply

     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror
 
  • Right-click on AdwCleaner.exe and select http://i.imgur.com/Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Quarantine button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply


Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...

Be aware FRST must be run from an account with Administrator status... Right click on FRST and rename FRSTEnglish if English is not your primary language
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
    user posted image
     
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach that log to your reply.


Let me see those logs in your reply...

Thank you,

Kevin....
Link to post
Share on other sites

Hello Kevin, thanks for the help!

Adwcleaner didn't find anything so i didn't need to quarantine, hope that's what you meant.

I'm sorry if the MBAM scan and parts of addition are in italian, hopefully it's somewhat understandable. 

Malwarebytes
www.malwarebytes.com

-Dettagli log-
Data scansione: 08/03/21
Ora scansione: 21:05
File di log: 9bcf2540-8049-11eb-8fc1-309c23835076.json

-Informazioni software-
Versione: 4.3.0.98
Versione componenti: 1.0.1173
Aggiorna versione pacchetto: 1.0.37885
Licenza: Premium

-Informazioni sistema-
SO: Windows 10 (Build 19042.804)
CPU: x64
File system: NTFS
Utente: Maxine\Utente

-Riepilogo scansione-
Tipo di scansione: Ricerca elementi nocivi
Scansione avviata da: Manuale
Risultati: Completata
Elementi analizzati: 275635
Minacce rilevate: 0
Minacce messe in quarantena: 0
Tempo impiegato: 1 min, 19 sec

-Opzioni di scansione-
Memoria: Attivata
Esecuzioni automatiche: Attivata
File system: Attivata
Archivi compressi: Attivata
Rootkit: Attivata
Analisi euristica: Attivata
PUP: Rilevare
PUM: Rilevare

-Dettagli scansione-
Processo: 0
(Nessun elemento nocivo rilevato)

Modulo: 0
(Nessun elemento nocivo rilevato)

Chiave di registro: 0
(Nessun elemento nocivo rilevato)

Valore di registro: 0
(Nessun elemento nocivo rilevato)

Dati di registro: 0
(Nessun elemento nocivo rilevato)

Flusso di dati: 0
(Nessun elemento nocivo rilevato)

Cartella: 0
(Nessun elemento nocivo rilevato)

File: 0
(Nessun elemento nocivo rilevato)

Settore fisico: 0
(Nessun elemento nocivo rilevato)

WMI: 0
(Nessun elemento nocivo rilevato)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build:    02-15-2021
# Database: 2021-03-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    03-08-2021
# Duration: 00:00:10
# OS:       Windows 10 Pro
# Scanned:  4916
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1404 octets] - [07/03/2021 02:17:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Utente (administrator) on MAXINE (Micro-Star International Co., Ltd. MS-7B61) (08-03-2021 21:11:12)
Running from C:\Users\Utente\Desktop
Loaded Profiles: Utente
Platform: Windows 10 Pro Version 20H2 19042.804 (X64) Language: Italiano (Italia)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\Utente\AppData\Roaming\Dashlane\Dashlane.exe
(Dashlane USA, Inc. -> Dashlane, Inc.) C:\Users\Utente\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Discord Inc. -> Discord Inc.) C:\Users\Utente\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_1e5aa28740c131d2\RstMwService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_62a0e7f4cd3e6c99\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Privacy\MBVPNService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Privacy\MBVpnTunnelService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Privacy\UI\MBPrivacy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsstore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\cam_helper.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe <2>
(Skutta, Kristjan -> ) D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Run: [Malwarebytes Privacy] => C:\Program Files\Malwarebytes\Privacy\UI\mbprivacy.exe [354672 2021-02-18] (Malwarebytes Inc -> Malwarebytes)
HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Run: [Discord] => C:\Users\Utente\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Run: [WallpaperEngine] => D:\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2769000 2021-03-05] (Skutta, Kristjan -> )
HKLM\...\Print\Monitors\HP CD11 Status Monitor: C:\WINDOWS\system32\hpinkstsCD11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01651F97-BCCF-4E68-A8BD-FCD08A0CBBD5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {195A968D-5209-4481-8DF1-129AB2FEAEB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F45D5E3-19B0-4FBB-8635-A23D722D516E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2D2BD5BA-D660-48FA-9446-DDDC92E4F4E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {3AE4D3E7-367B-415C-B717-AC73CA7CFD4D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CCDD99A-6403-4247-941C-9CED4FDF704E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-07] (Google LLC -> Google LLC)
Task: {3FFD3E72-A138-43EF-BF2E-9B541914FBCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C04CD48-90C0-492B-A6ED-2039C8ECDD66} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5FAC629A-A27B-4C8C-8B99-708B23EEBB90} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {62B2A0E1-0898-4D28-A951-B8C26C0DC932} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9A9EE32E-FD08-4055-8364-5874CD5104C0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9FACDB33-D008-4203-9DF6-B57362E0587E} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {B160659A-B432-4C62-9CA6-D5B36280E337} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B3797AB4-EDDE-4B3D-8AAC-CEA0AFD758DD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB417688-93C5-46A9-BD38-082F65284F9E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CF3B527C-ECE8-471C-9762-14D19906120D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {DFE40FAB-65D5-45EF-B820-1B501CF8BB04} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{a1c649d7-8186-4ea9-c6fa-88ec630da128}: [NameServer] 10.64.0.1
Tcpip\..\Interfaces\{c00bc3aa-08b7-42a0-9e00-c422b6488747}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge Profile: C:\Users\Utente\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default [2021-03-08]
CHR HomePage: Default -> hxxp://www.youtube.com/?hl=it&gl=IT
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Extension: (Presentazioni) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-07]
CHR Extension: (YouTube) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2021-02-07]
CHR Extension: (BetterTTV) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-02-07]
CHR Extension: (Documenti) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-07]
CHR Extension: (Google Drive) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-07]
CHR Extension: (YouTube) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-07]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2021-02-07]
CHR Extension: (SoundCloud) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\cogncpmnihfpagflekafgfhbjahhjgee [2021-02-07]
CHR Extension: (BlockSite - Rimani concentrato e controlla il tuo tempo) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2021-02-23]
CHR Extension: (Fogli) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-07]
CHR Extension: (Documenti Google offline) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-24]
CHR Extension: (AdBlock: il miglior ad-blocker di sempre) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-02-25]
CHR Extension: (App) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnggepjiihbfdbedefdhcffnmhcahbm [2021-02-07]
CHR Extension: (Google Avvisi email) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2021-02-07]
CHR Extension: (Pagamenti Chrome Web Store) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Utente\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [533640 2021-02-17] (NZXT, Inc. -> )
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
R2 MBVpnService; C:\Program Files\Malwarebytes\Privacy\MBVpnService.exe [3272496 2021-02-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Privacy\MBVpnTunnelService.exe [2235824 2021-02-18] (Malwarebytes Inc -> Malwarebytes)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d87c47469b47c3f9\RtkAudUService64.exe [1201448 2020-10-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3792904 2020-09-21] (Microsoft Windows Hardware Compatibility Publisher -> C-MEDIA)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-02-25] (Malwarebytes Corporation -> Malwarebytes)
S3 FTSER2K; C:\WINDOWS\system32\drivers\ftser2k.sys [79872 2018-09-24] (Microsoft Windows Hardware Compatibility Publisher -> FTDI Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-25] (Malwarebytes Inc -> Malwarebytes)
R3 mbtun; C:\WINDOWS\system32\DRIVERS\mbtun.sys [86680 2021-02-18] (Malwarebytes Inc -> Malwarebytes)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [24000 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2019-08-13] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 VirtualHID; C:\WINDOWS\System32\drivers\VirtualHID.sys [26768 2020-02-05] (Voyetra Turtle Beach, Inc. -> TurtleBeach)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 21:11 - 2021-03-08 21:11 - 000020198 _____ C:\Users\Utente\Desktop\FRST.txt
2021-03-08 21:11 - 2021-03-08 21:10 - 002301440 _____ (Farbar) C:\Users\Utente\Desktop\FRST64.exe
2021-03-08 21:10 - 2021-03-08 21:10 - 002301440 _____ (Farbar) C:\Users\Utente\Downloads\FRST64.exe
2021-03-08 21:07 - 2021-03-08 21:09 - 000002881 _____ C:\Users\Utente\Desktop\Scan.txt
2021-03-08 19:25 - 2021-03-08 19:25 - 000037114 _____ C:\Users\Utente\Downloads\bonificoSct_08_03_2021_19_25_43.pdf
2021-03-07 17:56 - 2021-03-07 17:56 - 000036788 _____ C:\Users\Utente\Downloads\bonificoSct_07_03_2021_17_56_10.pdf
2021-03-07 17:53 - 2021-03-07 17:53 - 000036790 _____ C:\Users\Utente\Downloads\bonificoSct_07_03_2021_17_53_00.pdf
2021-03-07 02:17 - 2021-03-07 02:17 - 008463216 _____ (Malwarebytes) C:\Users\Utente\Downloads\adwcleaner_8.1 (1).exe
2021-03-07 02:17 - 2021-03-07 02:17 - 000000000 ____D C:\AdwCleaner
2021-03-07 02:14 - 2021-03-07 02:14 - 008463216 _____ (Malwarebytes) C:\Users\Utente\Downloads\adwcleaner_8.1.exe
2021-03-04 20:21 - 2021-03-04 20:22 - 205718227 _____ C:\Users\Utente\Downloads\5953 - Professor Layton and the Spectre's Call (E).zip
2021-03-04 19:41 - 2021-03-04 19:41 - 001447178 _____ (Igor Pavlov) C:\Users\Utente\Downloads\7z1900-x64 (1).exe
2021-03-04 19:41 - 2021-03-04 19:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-03-04 19:41 - 2021-03-04 19:41 - 000000000 ____D C:\Program Files\7-Zip
2021-03-04 19:33 - 2021-03-04 19:33 - 001868290 _____ C:\Users\Utente\Downloads\desmume-0.9.11-win64.zip
2021-03-03 15:54 - 2021-03-03 15:54 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-03 15:53 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-03 15:53 - 2021-02-24 13:53 - 001855208 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-03 15:53 - 2021-02-24 13:53 - 001452336 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-03 15:53 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-03 15:53 - 2021-02-24 13:53 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-03 15:53 - 2021-02-24 13:53 - 001191728 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-03 15:53 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-03 15:53 - 2021-02-24 13:53 - 001094888 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-03 15:53 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-03 15:53 - 2021-02-24 13:53 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-03 15:53 - 2021-02-24 13:51 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-03 15:53 - 2021-02-24 13:51 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 002102576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 001587504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 001511192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 001163544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-03 15:53 - 2021-02-24 13:50 - 000556816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 008260880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 007391512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 002729776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 001730864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446172.dll
2021-03-03 15:53 - 2021-02-24 13:49 - 001490200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446172.dll
2021-02-26 19:45 - 2021-02-26 19:45 - 000036675 _____ C:\Users\Utente\Downloads\bonificoSct_26_02_2021_19_44_58.pdf
2021-02-25 21:36 - 2021-02-25 21:36 - 000392426 _____ C:\Users\Utente\Downloads\wnetwatcher.zip
2021-02-25 20:12 - 2021-02-25 20:12 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-25 20:12 - 2021-02-25 20:12 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-25 20:12 - 2021-02-25 20:12 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-25 20:12 - 2021-02-25 20:12 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-25 20:12 - 2021-02-25 20:12 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-25 20:12 - 2021-02-25 20:12 - 000002043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-02-25 20:12 - 2021-02-25 20:12 - 000000000 ____D C:\Users\Utente\AppData\Local\mbam
2021-02-25 20:11 - 2021-02-25 20:11 - 002040904 _____ (Malwarebytes) C:\Users\Utente\Downloads\MBSetup-0009996.0009996-consumer (1).exe
2021-02-25 20:11 - 2021-02-25 20:11 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-02-25 20:11 - 2021-02-25 20:11 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-02-25 20:06 - 2021-03-08 21:11 - 000000000 ____D C:\FRST
2021-02-25 20:01 - 2021-02-25 20:01 - 000000000 ____D C:\ProgramData\mb3migration
2021-02-25 20:00 - 2021-02-25 20:00 - 002301440 _____ (Farbar) C:\Users\Utente\Downloads\FRSTEnglish.exe
2021-02-25 19:25 - 2021-02-25 19:25 - 011636936 _____ C:\Users\Utente\Downloads\mb-support-1.8.3.885.exe
2021-02-25 01:01 - 2021-03-06 18:45 - 000000842 _____ C:\Users\Utente\Desktop\Minecraft Server - collegamento.lnk
2021-02-23 05:17 - 2021-02-23 05:17 - 000002377 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CacheMonkey.lnk
2021-02-22 17:08 - 2021-02-22 17:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 18:05 - 2021-03-08 17:48 - 000000000 ____D C:\Users\Utente\AppData\Roaming\NZXT CAM
2021-02-21 18:05 - 2021-02-21 18:05 - 000001806 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk
2021-02-21 18:05 - 2021-02-21 18:05 - 000000000 ____D C:\Users\Utente\AppData\Local\nzxt cam-updater
2021-02-21 18:05 - 2021-02-21 18:05 - 000000000 ____D C:\Program Files\NZXT CAM
2021-02-21 18:04 - 2021-02-21 18:04 - 001478312 _____ C:\Users\Utente\Downloads\NZXT-CAM-Setup.exe
2021-02-20 18:34 - 2021-02-20 18:35 - 028721862 _____ C:\Users\Utente\Downloads\twilightforest-1.12.2-3.11.1021-universal.jar
2021-02-20 18:34 - 2021-02-20 18:34 - 000653210 _____ C:\Users\Utente\Downloads\jei_1.12.2-4.16.1.302.jar
2021-02-18 04:00 - 2021-02-18 04:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-18 04:00 - 2021-02-18 04:00 - 000000000 ____D C:\Program Files (x86)\SquareEnix
2021-02-18 02:43 - 2021-03-08 16:57 - 000000000 ____D C:\ProgramData\Riot Games
2021-02-18 02:43 - 2021-02-18 02:55 - 000000000 ____D C:\Users\Utente\AppData\Local\Riot Games
2021-02-18 02:42 - 2021-02-18 02:43 - 069423360 _____ (Riot Games, Inc.) C:\Users\Utente\Downloads\Install League of Legends euw.exe
2021-02-18 02:21 - 2021-02-18 02:21 - 000086680 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbtun.sys
2021-02-18 02:21 - 2021-02-18 02:21 - 000000000 ____D C:\Program Files\MBTunnel
2021-02-17 23:17 - 2021-02-17 23:17 - 002669107 _____ C:\Users\Utente\Downloads\OptiFine_1.12.2_HD_U_G5.jar
2021-02-17 23:14 - 2021-02-17 23:15 - 004995270 _____ C:\Users\Utente\Downloads\forge-1.12.2-14.23.5.2847-installer.jar
2021-02-17 23:12 - 2021-02-17 23:19 - 478703526 _____ C:\Users\Utente\Downloads\PixelmonGenerations-1.12.2-8.3.0.jar
2021-02-17 19:50 - 2021-02-17 19:50 - 004077054 _____ C:\Users\Utente\Downloads\Notes_210217_190549.pdf
2021-02-17 19:32 - 2021-02-17 19:32 - 028198952 _____ (SQUARE ENIX CO., LTD.) C:\Users\Utente\Downloads\ffxivsetup.exe
2021-02-17 18:11 - 2021-02-17 18:11 - 000007600 _____ C:\Users\Utente\AppData\Local\Resmon.ResmonCfg
2021-02-17 03:31 - 2021-02-17 03:31 - 1289256905 _____ C:\WINDOWS\MEMORY.DMP
2021-02-17 03:31 - 2021-02-17 03:31 - 002109620 _____ C:\WINDOWS\Minidump\021721-7406-01.dmp
2021-02-17 03:31 - 2021-02-17 03:31 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-17 00:41 - 2021-02-17 00:41 - 118460410 _____ C:\Users\Utente\Downloads\ThePixelmonOST.zip
2021-02-17 00:40 - 2021-02-17 00:41 - 006990968 _____ C:\Users\Utente\Downloads\journeymap-1.12.2-5.7.1.jar
2021-02-17 00:40 - 2021-02-17 00:40 - 004696621 _____ C:\Users\Utente\Downloads\BiomesOPlenty-1.12.2-7.0.1.2441-universal.jar
2021-02-17 00:12 - 2021-02-24 00:56 - 000000000 ____D C:\Minecraft Server
2021-02-17 00:03 - 2021-02-17 00:03 - 008192342 _____ C:\Users\Utente\Downloads\The+Pixelmon+Modpack-8.1.2.zip
2021-02-16 23:50 - 2021-02-16 23:54 - 455675808 _____ C:\Users\Utente\Downloads\Pixelmon-1.12.2-8.1.2-universal.jar
2021-02-16 23:34 - 2021-02-16 23:34 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-02-16 23:34 - 2021-02-16 23:34 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Sun
2021-02-16 23:33 - 2021-02-16 23:33 - 083548808 _____ (Oracle Corporation) C:\Users\Utente\Downloads\jre-8u281-windows-x64.exe
2021-02-16 23:33 - 2021-02-16 23:33 - 000000000 ____D C:\ProgramData\Oracle
2021-02-16 23:33 - 2021-02-16 23:33 - 000000000 ____D C:\Program Files\Java
2021-02-16 22:52 - 2021-03-08 03:17 - 000000000 ____D C:\Users\Utente\AppData\Roaming\.minecraft
2021-02-16 22:52 - 2021-02-16 22:53 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-16 22:52 - 2021-02-16 22:52 - 002666496 _____ C:\Users\Utente\Downloads\MinecraftInstaller.msi
2021-02-15 21:46 - 2021-02-15 21:51 - 000000000 ____D C:\Users\Utente\AppData\Roaming\DarkSoulsIII
2021-02-14 22:23 - 2021-02-14 22:23 - 000000000 ____D C:\Users\Utente\AppData\Roaming\NVIDIA
2021-02-12 17:45 - 2021-02-12 17:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 17:45 - 2021-02-12 17:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 17:45 - 2021-02-12 17:45 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 17:45 - 2021-02-12 17:45 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 17:45 - 2021-02-12 17:45 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 03:50 - 2021-03-01 19:47 - 000000000 ____D C:\Users\Utente\AppData\Local\Spotify
2021-02-12 03:50 - 2021-02-12 03:50 - 000001851 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2021-02-12 03:49 - 2021-03-01 19:45 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Spotify
2021-02-12 03:49 - 2021-02-12 03:49 - 000891344 _____ (Spotify Ltd) C:\Users\Utente\Downloads\SpotifySetup.exe
2021-02-10 21:54 - 2021-02-17 20:45 - 000000000 ____D C:\Users\Utente\AppData\Local\CrashDumps
2021-02-10 01:01 - 2021-02-10 01:01 - 000000000 ____D C:\Users\Utente\AppData\Local\GOG.com
2021-02-10 01:01 - 2021-02-10 01:01 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2021-02-09 02:46 - 2021-02-10 02:27 - 000000000 ____D C:\Users\Utente\AppData\Roaming\StardewValley
2021-02-08 03:44 - 2021-02-08 03:44 - 000000000 ____D C:\Users\Utente\AppData\Local\PeerDistRepub
2021-02-07 23:58 - 2021-02-07 23:58 - 000000000 ____D C:\Users\Utente\Documents\NBGI
2021-02-07 23:58 - 2021-02-07 23:58 - 000000000 ____D C:\Users\Utente\Documents\FromSoftware
2021-02-07 23:58 - 2021-02-07 23:58 - 000000000 ____D C:\Users\Utente\AppData\Local\FromSoftware
2021-02-07 18:55 - 2021-03-08 18:30 - 000000000 ____D C:\Users\Utente\AppData\Local\D3DSCache
2021-02-07 18:25 - 2021-03-04 00:07 - 000000000 ____D C:\Users\Utente\AppData\Local\NVIDIA
2021-02-07 18:25 - 2021-02-19 01:34 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-07 18:25 - 2021-02-16 02:31 - 000000000 ____D C:\Users\Utente\AppData\Local\NVIDIA Corporation
2021-02-07 18:25 - 2021-02-07 18:25 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-02-07 18:25 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-07 18:25 - 2021-01-27 12:17 - 002797808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2021-02-07 18:25 - 2021-01-27 12:17 - 002154224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2021-02-07 18:25 - 2021-01-27 12:17 - 001295088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2021-02-07 18:25 - 2021-01-25 04:38 - 000070896 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2021-02-07 18:25 - 2021-01-25 04:38 - 000059632 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2021-02-07 18:25 - 2020-12-02 07:48 - 000169272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2021-02-07 18:25 - 2020-12-02 07:48 - 000145208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2021-02-07 17:51 - 2021-02-12 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-07 16:36 - 2021-02-07 18:19 - 127203936 _____ (NVIDIA Corporation New) C:\Users\Utente\Downloads\GeForce_Experience_v3.21.0.36.exe
2021-02-07 16:33 - 2021-03-02 16:17 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-02-07 16:23 - 2021-02-07 16:23 - 000000000 ____D C:\Users\Utente\Downloads\MSIAfterburnerSetup
2021-02-07 16:17 - 2021-02-07 16:17 - 050449037 _____ C:\Users\Utente\Downloads\MSIAfterburnerSetup.zip
2021-02-07 16:09 - 2021-02-07 16:09 - 000000000 ____D C:\Users\Utente\AppData\Roaming\DarkSoulsII
2021-02-07 15:58 - 2021-02-07 15:59 - 000000000 ____D C:\Users\Utente\AppData\Local\Steam
2021-02-07 15:58 - 2021-02-07 15:58 - 000000000 ____D C:\Users\Utente\AppData\Local\CEF
2021-02-07 15:53 - 2021-02-07 15:53 - 000000000 ____D C:\Users\Utente\AppData\Local\OneDrive
2021-02-07 15:49 - 2021-03-08 21:10 - 000000000 ____D C:\Users\Utente\AppData\Roaming\discord
2021-02-07 15:49 - 2021-02-07 15:49 - 000000000 ____D C:\Users\Utente\AppData\Local\SquirrelTemp
2021-02-07 15:49 - 2021-02-07 15:49 - 000000000 ____D C:\Users\Utente\AppData\Local\Discord
2021-02-07 15:48 - 2021-02-18 02:21 - 000002350 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Privacy (VPN).lnk
2021-02-07 15:48 - 2021-02-07 15:48 - 001260720 _____ (Malwarebytes) C:\Users\Utente\Downloads\MBPrivacySetup.exe
2021-02-07 15:46 - 2021-02-25 20:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-07 15:46 - 2021-02-07 15:46 - 068822328 _____ (Discord Inc.) C:\Users\Utente\Downloads\DiscordSetup.exe
2021-02-07 15:45 - 2021-02-25 20:01 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-07 15:45 - 2021-02-07 15:45 - 002040904 _____ (Malwarebytes) C:\Users\Utente\Downloads\MBSetup-0009996.0009996-consumer.exe
2021-02-07 15:42 - 2021-02-07 15:42 - 000001789 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane.lnk
2021-02-07 15:42 - 2021-02-07 15:42 - 000000000 ____D C:\Program Files (x86)\Dashlane
2021-02-07 15:41 - 2021-02-10 21:55 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Dashlane
2021-02-07 15:41 - 2021-02-07 15:41 - 000825336 _____ (Dashlane Inc.) C:\Users\Utente\Downloads\DashlaneInst.exe
2021-02-07 15:27 - 2021-03-07 02:16 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-07 15:27 - 2021-02-07 15:27 - 000003670 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-07 15:27 - 2021-02-07 15:27 - 000003546 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-07 15:27 - 2021-02-07 15:27 - 000000000 ____D C:\Program Files\Google
2021-02-07 15:26 - 2021-02-07 15:30 - 000000000 ____D C:\Users\Utente\AppData\Local\Google
2021-02-07 15:26 - 2021-02-07 15:26 - 001304160 _____ (Google LLC) C:\Users\Utente\Downloads\ChromeSetup.exe
2021-02-07 15:26 - 2021-02-07 15:26 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-07 15:23 - 2021-02-07 15:23 - 000000000 ____D C:\Users\Utente\AppData\Local\Comms
2021-02-07 04:01 - 2021-02-07 04:01 - 000000000 ____D C:\Users\Utente\AppData\Local\PlaceholderTileLogoFolder
2021-02-07 04:00 - 2021-02-23 18:54 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3491294169-2899776833-3606377185-1001
2021-02-07 04:00 - 2021-02-07 04:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-02-07 03:59 - 2021-03-04 16:03 - 000000000 ____D C:\Users\Utente\AppData\Local\Packages
2021-02-07 03:59 - 2021-02-07 15:25 - 000000000 ____D C:\ProgramData\Packages
2021-02-07 03:59 - 2021-02-07 15:23 - 000000000 ____D C:\Users\Utente\AppData\Local\ConnectedDevicesPlatform
2021-02-07 03:59 - 2021-02-07 03:59 - 000000020 ___SH C:\Users\Utente\ntuser.ini
2021-02-07 03:59 - 2021-02-07 03:59 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Adobe
2021-02-07 03:59 - 2021-02-07 03:59 - 000000000 ____D C:\Users\Utente\AppData\Local\VirtualStore
2021-02-07 03:59 - 2021-02-07 03:59 - 000000000 ____D C:\Users\Utente\AppData\Local\Publishers
2021-02-07 03:35 - 2021-03-06 02:46 - 001755900 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\Users\Default\AppData\Local\Dati applicazioni
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\Users\Default\AppData\Local\Cronologia
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\Users\Default User
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\Users\All Users
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\ProgramData\Modelli
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\ProgramData\Menu Avvio
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\ProgramData\Documenti
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\ProgramData\Dati applicazioni
2021-02-07 03:31 - 2021-02-07 03:31 - 000000000 _SHDL C:\Program Files\File comuni
2021-02-07 03:29 - 2021-02-07 03:29 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-02-07 03:26 - 2021-03-06 04:41 - 000000000 ____D C:\Users\Utente
2021-02-07 03:26 - 2021-02-23 18:54 - 000002438 _____ C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Risorse di stampa
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Risorse di rete
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Recenti
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Modelli
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Menu Avvio
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Impostazioni locali
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Documents\Video
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Documents\Musica
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Documents\Immagini
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Documenti
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\Dati applicazioni
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\AppData\Local\Dati applicazioni
2021-02-07 03:26 - 2021-02-07 03:26 - 000000000 _SHDL C:\Users\Utente\AppData\Local\Cronologia
2021-02-07 03:25 - 2021-03-06 02:26 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-07 03:25 - 2021-03-05 02:12 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-07 03:25 - 2021-03-05 02:12 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-07 03:24 - 2021-03-08 16:20 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-07 03:24 - 2021-03-06 02:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-07 03:24 - 2021-03-06 02:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-07 03:24 - 2021-02-23 22:53 - 005627248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-02-07 03:24 - 2021-02-23 22:53 - 002635632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2021-02-07 03:24 - 2021-02-23 22:53 - 001758064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2021-02-07 03:24 - 2021-02-23 22:53 - 000990064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2021-02-07 03:24 - 2021-02-23 22:53 - 000120176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2021-02-07 03:24 - 2021-02-23 22:53 - 000082288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2021-02-07 03:24 - 2021-02-07 21:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-07 03:24 - 2021-02-07 18:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-07 03:24 - 2021-02-07 18:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\WINDOWS\system32\DAX3
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\ProgramData\Intel
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 ____D C:\Program Files\Realtek
2021-02-07 03:24 - 2021-02-07 03:24 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt
2021-02-07 03:24 - 2021-02-02 23:30 - 009491917 _____ C:\WINDOWS\system32\nvcoproc.bin
2021-02-07 03:24 - 2021-01-12 10:07 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2021-02-07 03:23 - 2021-03-08 20:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-07 03:23 - 2021-02-13 05:15 - 000259280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-07 03:22 - 2021-02-07 03:34 - 000000000 ____D C:\WINDOWS\Panther
2021-02-07 03:21 - 2021-02-09 19:10 - 000000000 ____D C:\Windows.old
2021-02-07 03:20 - 2021-02-07 03:21 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-02-07 03:19 - 2021-02-07 03:34 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-02-07 03:19 - 2021-02-07 03:19 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\Setup
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\OCR
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\addins
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\ProgramData\ssh
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\Program Files\MSBuild
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-02-07 03:19 - 2021-02-07 03:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-02-07 03:18 - 2021-03-06 02:46 - 000779836 _____ C:\WINDOWS\system32\perfh010.dat
2021-02-07 03:18 - 2021-03-06 02:46 - 000146144 _____ C:\WINDOWS\system32\perfc010.dat
2021-02-07 03:18 - 2021-02-07 03:18 - 000341166 _____ C:\WINDOWS\system32\perfi010.dat
2021-02-07 03:18 - 2021-02-07 03:18 - 000039860 _____ C:\WINDOWS\system32\perfd010.dat
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\it
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\it
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\0409
2021-02-07 03:18 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-02-07 03:17 - 2021-03-08 21:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-07 03:17 - 2021-03-08 18:30 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-07 03:17 - 2021-03-06 02:26 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-07 03:17 - 2021-02-25 20:11 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-07 03:17 - 2021-02-25 20:01 - 000000000 ___RD C:\Program Files (x86)
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-07 03:17 - 2021-02-13 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-07 03:17 - 2021-02-08 03:19 - 000000000 ____D C:\WINDOWS\appcompat
2021-02-07 03:17 - 2021-02-07 16:08 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-07 03:17 - 2021-02-07 15:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-02-07 03:17 - 2021-02-07 15:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-07 03:17 - 2021-02-07 15:24 - 000000000 ____D C:\Program Files\Windows Defender
2021-02-07 03:17 - 2021-02-07 03:34 - 000000000 ____D C:\WINDOWS\system32\spool
2021-02-07 03:17 - 2021-02-07 03:34 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-07 03:17 - 2021-02-07 03:31 - 000000000 ____D C:\Program Files\Windows NT
2021-02-07 03:17 - 2021-02-07 03:23 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-02-07 03:17 - 2021-02-07 03:22 - 000000000 ____D C:\WINDOWS\Containers
2021-02-07 03:17 - 2021-02-07 03:21 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-02-07 03:17 - 2021-02-07 03:21 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-02-07 03:17 - 2021-02-07 03:21 - 000000000 ____D C:\WINDOWS\CSC
2021-02-07 03:17 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-02-07 03:17 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-02-07 03:17 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-07 03:17 - 2021-02-07 03:19 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\system32\Com
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\IME
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\WINDOWS\Help
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-02-07 03:17 - 2021-02-07 03:18 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 __RSD C:\WINDOWS\Media
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Web
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\WaaS
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Vss
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\tracing
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\TAPI
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SystemApps
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ti-et
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ta-in
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\si-lk
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ras
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\my-mm
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\IME
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ias
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\am-et
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\System
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SKB
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\security
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\schemas
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\SchCache
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Resources
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\rescache
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\RemotePackages
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Registration
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Provisioning
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\PLA
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Performance
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\InputMethod
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Globalization
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Cursors
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\Branding
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\ProgramData\USOShared
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files\Windows Security
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files\Common Files\Services
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-02-07 03:17 - 2021-02-07 03:17 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-02-07 03:17 - 2021-02-07 03:16 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-02-07 03:17 - 2021-02-07 03:16 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-02-07 03:17 - 2021-02-07 03:16 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-07 03:17 - 2021-02-07 03:16 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2021-02-07 03:17 - 2021-02-07 03:16 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-02-07 03:17 - 2021-02-07 03:16 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-02-07 03:17 - 2021-02-07 03:16 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-02-07 03:17 - 2021-02-07 03:16 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2021-02-07 03:17 - 2021-02-07 03:16 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-02-07 03:17 - 2021-02-07 03:16 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-02-07 03:17 - 2021-02-07 03:16 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-02-07 03:17 - 2021-02-07 03:16 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2021-02-07 03:17 - 2021-02-07 03:16 - 000000219 _____ C:\WINDOWS\system.ini
2021-02-07 03:17 - 2021-02-07 03:16 - 000000092 _____ C:\WINDOWS\win.ini
2021-02-07 03:16 - 2021-03-06 02:46 - 000000000 ____D C:\WINDOWS\INF
2021-02-07 03:14 - 2021-03-06 02:17 - 076546048 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-02-07 03:14 - 2021-02-20 04:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-07 03:14 - 2021-02-20 02:54 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-02-07 03:14 - 2021-02-17 03:31 - 002097152 _____ C:\WINDOWS\system32\config\DEFAULT
2021-02-07 03:14 - 2021-02-13 05:15 - 014942208 _____ C:\WINDOWS\system32\config\SYSTEM
2021-02-07 03:14 - 2021-02-13 05:15 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-07 03:14 - 2021-02-13 05:15 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-02-07 03:14 - 2021-02-13 05:14 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-02-07 03:14 - 2021-02-13 05:14 - 000000000 ____D C:\WINDOWS\servicing
2021-02-07 03:14 - 2021-02-07 03:17 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-02-06 16:33 - 2021-02-06 16:33 - 000036684 _____ C:\Users\Utente\Downloads\bonificoSct_06_02_2021_16_33_25.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 16:17 - 2018-03-23 19:15 - 000000000 ___RD C:\Users\Utente\OneDrive
2021-03-06 02:17 - 2020-09-21 13:50 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-24 13:50 - 2020-12-09 17:26 - 000655664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-02-24 13:42 - 2020-12-09 17:26 - 007117744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-02-24 13:42 - 2020-12-09 17:26 - 006072896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-02-24 02:51 - 2020-12-09 17:26 - 000061257 _____ C:\WINDOWS\system32\nvinfo.pb
2021-02-18 04:00 - 2019-04-18 03:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2021-02-18 02:44 - 2018-04-19 23:13 - 000000000 ____D C:\Riot Games
2021-02-18 02:43 - 2019-10-18 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-02-16 23:34 - 2018-03-23 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-02-16 22:52 - 2019-07-25 01:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher
2021-02-11 18:22 - 2018-04-19 23:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2021-02-10 17:12 - 2019-02-09 18:14 - 000000000 ___HD C:\adobeTemp
2021-02-07 18:25 - 2018-05-14 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2021-02-07 16:33 - 2018-06-18 13:39 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2021-02-07 15:52 - 2020-05-03 03:36 - 000000000 ____D C:\Users\Utente\Documents\Files
2021-02-07 15:51 - 2019-04-28 02:07 - 000000000 ____D C:\Users\Utente\Documents\Cleaning Programs
2021-02-07 15:49 - 2018-03-24 20:50 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-02-07 03:59 - 2018-03-23 19:13 - 000000000 ___RD C:\Users\Utente\3D Objects
2021-02-07 03:30 - 2018-06-18 13:40 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2021-02-07 03:30 - 2018-06-08 18:29 - 000000000 ____D C:\Users\Utente\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-02-07 03:21 - 2020-12-07 16:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2
2021-02-07 03:21 - 2020-08-14 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GShade
2021-02-07 03:21 - 2019-05-22 14:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tavoletta Wacom
2021-02-07 03:21 - 2018-03-25 14:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2021-02-07 03:21 - 2018-03-25 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2021-02-07 03:21 - 2018-03-23 20:26 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.0
2021-02-07 03:21 - 2018-03-23 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017
2021-02-07 03:21 - 2018-03-23 20:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2021-02-07 03:21 - 2018-03-23 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safe In Cloud
2021-02-07 03:21 - 2018-03-23 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-02-07 03:21 - 2018-03-23 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2021-02-07 03:21 - 2018-03-23 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2021-02-07 02:46 - 2018-03-25 14:50 - 000000000 ____D C:\Users\Utente\Documents\.txt files
2021-02-07 02:06 - 2021-01-21 17:34 - 000000000 ____D C:\Users\Utente\Documents\Fatture Pagate

==================== Files in the root of some directories ========

2021-02-17 18:11 - 2021-02-17 18:11 - 000007600 _____ () C:\Users\Utente\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Utente (08-03-2021 21:12:15)
Running from C:\Users\Utente\Desktop
Windows 10 Pro Version 20H2 19042.804 (X64) (2021-02-07 02:34:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3491294169-2899776833-3606377185-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3491294169-2899776833-3606377185-503 - Limited - Disabled)
Guest (S-1-5-21-3491294169-2899776833-3606377185-501 - Limited - Disabled)
Utente (S-1-5-21-3491294169-2899776833-3606377185-1001 - Administrator - Enabled) => C:\Users\Utente
WDAGUtilityAccount (S-1-5-21-3491294169-2899776833-3606377185-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Aggiornamenti NVIDIA 38.0.6.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.6.0 - NVIDIA Corporation) Hidden
CacheMonkey 1.0.7 (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\f6b5091c-a34d-5b57-8d96-ee63f82ea7c3) (Version: 1.0.7 - Jamie Pine)
Dashlane (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Dashlane) (Version: 6.2105.0.43225 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
FINAL FANTASY XIV ONLINE (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
League of Legends (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Malwarebytes Privacy version 2.7.0.532 (HKLM\...\{934873BE-C9BC-4F19-B698-9B3E3F8FF07F}_is1) (Version: 2.7.0.532 - Malwarebytes)
Malwarebytes Privacy VPN Tunnel Driver (HKLM\...\{FEE4A372-663C-47A0-BD08-A6C34320DC52}) (Version: 1.0.0.0 - Malwarebytes)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{836613A9-879F-427F-8522-52B357801273}) (Version: 1.0.0.0 - Mojang)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA Driver audio HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Driver grafico 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.72 - NVIDIA Corporation)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
NZXT CAM 4.20.0 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.20.0 - NZXT, Inc.)
Pannello di controllo NVIDIA 461.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 461.72 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\...\Spotify) (Version: 1.1.52.687.gf5565fe5 - Spotify AB)

Packages:
=========
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-07] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.19.234.0_x64__dt26b99r8h8gj [2021-02-07] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2021-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-25] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-04 19:41 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000007168 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Microsoft.Win32.Primitives.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000033280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Microsoft.Win32.Registry.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000039936 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Microsoft.Win32.SystemEvents.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000038400 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\mscorlib.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000065536 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\netstandard.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 003405824 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\PresentationCore.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000241664 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\PresentationFramework.Aero2.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 005783552 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\PresentationFramework.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000007680 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\PresentationFramework-SystemData.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000007680 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\PresentationFramework-SystemXml.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000034304 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Collections.NonGeneric.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000031744 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Collections.Specialized.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000005120 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.ComponentModel.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000013824 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.ComponentModel.EventBasedAsync.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000020992 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.ComponentModel.Primitives.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000258560 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.ComponentModel.TypeConverter.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000365056 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Configuration.ConfigurationManager.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000949248 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Data.Common.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000104960 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Diagnostics.Process.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000403456 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Drawing.Common.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000047104 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Drawing.Primitives.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000085504 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.IO.FileSystem.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000108032 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.IO.Packaging.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000053760 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.IO.Pipes.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000126976 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Linq.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000540672 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Linq.Expressions.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000079360 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Net.Primitives.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000129536 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Net.Requests.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000056832 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Net.WebClient.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000025600 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Net.WebHeaderCollection.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000034816 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.ObjectModel.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 003053568 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Private.Xml.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000006144 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Runtime.CompilerServices.VisualC.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000062464 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Runtime.Numerics.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000010240 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Runtime.Serialization.Primitives.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000078336 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Security.AccessControl.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000038400 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Security.Claims.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000224768 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Security.Cryptography.Algorithms.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000059904 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Security.Principal.Windows.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000136192 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Text.RegularExpressions.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000733696 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Windows.Controls.Ribbon.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000046080 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Windows.Extensions.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 006714880 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Windows.Forms.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000564224 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\System.Xaml.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000032256 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\UIAutomationProvider.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000200192 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\UIAutomationTypes.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 001046016 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\WindowsBase.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000085504 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\WindowsFormsIntegration.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000683008 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Newtonsoft.Json.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000126976 _____ (Serilog Contributors) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Serilog.dll
2021-02-07 15:48 - 2021-02-18 02:20 - 000027648 _____ (Serilog Contributors) [File not signed] [File is in use] C:\Program Files\Malwarebytes\Privacy\UI\Serilog.Sinks.File.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBVpnService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBVpnService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-16] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-02-07 03:17 - 2021-02-07 03:16 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3491294169-2899776833-3606377185-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Utente\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\blade-runner-2049-logo-5k-hn.jpg
DNS Servers: 10.64.0.1 - 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A0F6E4B5-44E3-4E73-A68E-5EAC577A7EC3}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D9E7CDE0-C69A-4B2D-839D-495B5C022D57}] => (Allow) D:\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8B54552F-6B0E-4E75-8D8A-3C39C178869F}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{66A62071-C3FE-4296-8310-D78B95F2B141}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4F32C9BA-9F8C-49CB-9408-0B460E55BF75}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{89BDE6E8-DB99-48CC-883B-F585FD1F838C}] => (Allow) D:\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe => No File
FirewallRules: [{DB9F3090-0393-475A-9DF1-FF8487E22ACB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C78F5462-CA0C-4340-B322-6E29D0AF5E21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B850B99-F1BB-400A-8BF1-8C8663A281DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A1CDD6C-7042-4374-9394-B737DA1653AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A41A48C6-7B86-43C1-96C5-D36E080CFEBA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{908F113C-6A17-4F18-8878-D1C12D53F8C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A0EBDC2-D24F-4645-8B56-103E8E30029A}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{529E2D57-43A4-45A2-AF8F-E5E87E54E685}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\launcher.exe (Skutta, Kristjan -> )
FirewallRules: [{2AD8D222-480B-48D6-B304-4EE29E8DBBF4}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{FB139BCB-72B8-45D6-A508-AB636CD6F2AA}] => (Allow) D:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [TCP Query User{C9965FC6-350B-4BD9-85A9-AD68CAB48182}C:\users\utente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\utente\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{843CBAA3-78F6-4C02-8A0C-7AAEF5A1A56E}C:\users\utente\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\utente\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6B4BBE79-21C5-4FCA-BB80-02D3D751D954}] => (Block) C:\users\utente\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2AAF531-194E-48EF-8F83-3B454B7B252B}] => (Block) C:\users\utente\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE797BE2-2CC5-4186-B42A-A1CEBAD83286}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{A913FE86-1049-466D-8A0F-4B1343E9B100}] => (Allow) D:\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe (FromSoftware,Inc. -> BANDAI NAMCO Entertainment Inc.)
FirewallRules: [{6ED66AB2-BAB4-44AA-A4B8-D3059B99B3F2}] => (Allow) D:\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{7C794F21-E166-4E38-96E6-8C006795F297}] => (Allow) D:\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [TCP Query User{959461CC-C824-4173-BF14-811E32922B3A}C:\program files (x86)\common files\oracle\java\javapath_target_289891734\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_289891734\java.exe
FirewallRules: [UDP Query User{6B8C4AB2-A49D-4640-8BDF-A18282C09688}C:\program files (x86)\common files\oracle\java\javapath_target_289891734\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_289891734\java.exe
FirewallRules: [TCP Query User{8E47B34E-B6F6-473E-B53B-1CD8555FCBFE}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{B6EF4AEF-C585-419B-B986-EF5F347D2C26}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{9F99BF2B-A1CE-4526-8AA7-7FE3906638FE}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang AB -> Mojang)
FirewallRules: [{630E34CB-9FFC-44B6-AAD7-91F9562A758C}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang AB -> Mojang)
FirewallRules: [{32B317FC-C283-43CA-9766-5B013D82708E}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang AB -> Mojang)
FirewallRules: [{371553C9-D618-41B6-8095-E9BA331C6E38}] => (Allow) C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe (Mojang AB -> Mojang)
FirewallRules: [{976A62AE-3084-4F33-B9C8-3EA6B6D99714}] => (Allow) LPort=25565
FirewallRules: [{F122B397-6D83-4486-931E-BBBF6A435A7C}] => (Allow) LPort=25565
FirewallRules: [{52DAFF12-0F9F-4911-B5B8-EBA2F4454205}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{D22F0172-EEFA-4657-9BEA-27ACC525C678}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{67A190B8-A7F1-4851-ADE3-186A9855BDB5}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [{7EDBE42C-EBDA-4D1A-8E6D-BDB8941F29AE}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe (SQUARE ENIX CO., LTD. -> SQUARE ENIX CO., LTD.)
FirewallRules: [TCP Query User{82F9F08E-7B84-4C15-9747-3CD182C58DB5}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{33127C86-C1E4-4040-8F9C-31972AE376D1}C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [{3ADBC292-DB70-4DC8-992C-03079EE3C484}] => (Allow) D:\Steam\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed]
FirewallRules: [{16DA9261-A32A-4B6B-B0B3-8728B0F2D637}] => (Allow) D:\Steam\steamapps\common\tModLoader\tModLoader.exe (Re-Logic) [File not signed]
FirewallRules: [{242D3320-C2D3-435E-A33A-4EE990B416CB}] => (Allow) D:\Steam\steamapps\common\Gunfire Reborn\Gunfire Reborn.exe (广州多益网络股份有限公司 -> )
FirewallRules: [{94C4149C-D99B-4258-82DC-F954CD0BF3E8}] => (Allow) D:\Steam\steamapps\common\Gunfire Reborn\Gunfire Reborn.exe (广州多益网络股份有限公司 -> )
FirewallRules: [{0EBC6363-F2EC-4A14-8A9E-528CE1E0CF69}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{7B4BF75A-AA93-4A44-81F4-CC42682A28CE}] => (Allow) D:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe (Skutta, Kristjan -> )
FirewallRules: [{A6C8697F-387D-4B1D-AA67-33720EEF27DC}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{814F9AD0-4718-4445-8D1F-65C675D486D7}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]
FirewallRules: [{77CB47F9-B3EE-4754-A11C-515816F33E49}] => (Allow) D:\Steam\steamapps\common\Phasmophobia\Phasmophobia.exe () [File not signed]

==================== Restore Points =========================

20-02-2021 04:25:19 Programma di installazione dei moduli di Windows
02-03-2021 01:06:09 Punto di controllo pianificato

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2021 06:32:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Il motore di ottimizzazione archiviazione non ha potuto completare riottimizzazione in Dati (D:) per il motivo seguente: L'operazione richiesta non è supportata dall'hardware di supporto del volume. (0x8900002A)

Error: (03/08/2021 02:35:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma javaw.exe versione 8.0.51.16 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 1770

Ora di avvio: 01d713b60f92ec98

Ora di chiusura: 32

Percorso applicazione: C:\Program Files (x86)\Minecraft Launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe

ID segnalazione: da47f7b3-ff43-44e6-ab79-64b126599d79

Nome completo pacchetto che ha generato l'errore: 

ID applicazione relativo al pacchetto che ha generato l'errore: 

Tipo interruzione: Unknown

Error: (03/07/2021 01:20:46 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma javaw.exe versione 8.0.51.16 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 3d58

Ora di avvio: 01d712e175ee85ff

Ora di chiusura: 9

Percorso applicazione: C:\Program Files (x86)\Minecraft Launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe

ID segnalazione: c94fa411-a410-447d-b9ff-4ae489715e16

Nome completo pacchetto che ha generato l'errore: 

ID applicazione relativo al pacchetto che ha generato l'errore: 

Tipo interruzione: Unknown

Error: (03/06/2021 03:53:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: mbamtray.exe, versione: 4.0.0.897, timestamp: 0x6019d411
Nome del modulo che ha generato l'errore: Qt5Core.dll, versione: 5.14.1.0, timestamp: 0x5f84e8d4
Codice eccezione: 0xc0000005
Offset errore 0x0000000000219dc5
ID processo che ha generato l'errore: 0x30d4
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d7128fc7fc3787
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID segnalazione: 8692bdcb-3938-4704-b1dc-52aa04fea66b
Nome completo pacchetto che ha generato l'errore: 
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (03/04/2021 01:49:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma javaw.exe versione 8.0.51.16 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 15a8

Ora di avvio: 01d7108e309abdf6

Ora di chiusura: 4

Percorso applicazione: C:\Program Files (x86)\Minecraft Launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe

ID segnalazione: 235dee8b-4d5a-4964-9f64-f626edc874d9

Nome completo pacchetto che ha generato l'errore: 

ID applicazione relativo al pacchetto che ha generato l'errore: 

Tipo interruzione: Unknown

Error: (03/03/2021 09:12:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: mbamtray.exe, versione: 4.0.0.897, timestamp: 0x6019d411
Nome del modulo che ha generato l'errore: Qt5Core.dll, versione: 5.14.1.0, timestamp: 0x5f84e8d4
Codice eccezione: 0xc0000005
Offset errore 0x0000000000219dc5
ID processo che ha generato l'errore: 0x2988
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d71064441ae55b
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Percorso del modulo che ha generato l'errore: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID segnalazione: b433cacc-9692-4312-b3ca-b4988c2075e0
Nome completo pacchetto che ha generato l'errore: 
ID applicazione relativo al pacchetto che ha generato l'errore:

Error: (03/03/2021 03:02:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma javaw.exe versione 8.0.51.16 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 16a4

Ora di avvio: 01d70fc4eaa1fbc7

Ora di chiusura: 8

Percorso applicazione: C:\Program Files (x86)\Minecraft Launcher\runtime\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe

ID segnalazione: 4f587a81-764d-4725-a495-0a4c699796ff

Nome completo pacchetto che ha generato l'errore: 

ID applicazione relativo al pacchetto che ha generato l'errore: 

Tipo interruzione: Unknown

Error: (03/01/2021 08:34:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Il motore di ottimizzazione archiviazione non ha potuto completare riottimizzazione in Dati (D:) per il motivo seguente: L'operazione richiesta non è supportata dall'hardware di supporto del volume. (0x8900002A)


System errors:
=============
Error: (03/06/2021 02:17:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Precedente arresto del sistema inatteso a 01:53:13 su ‎06/‎03/‎2021.

Error: (03/05/2021 07:34:47 PM) (Source: DCOM) (EventID: 10010) (User: MAXINE)
Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.

Error: (03/05/2021 07:34:47 PM) (Source: DCOM) (EventID: 10010) (User: MAXINE)
Description: Il server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} non ha effettuato la registrazione con DCOM nel tempo richiesto.

Error: (03/05/2021 07:34:45 PM) (Source: DCOM) (EventID: 10010) (User: MAXINE)
Description: Il server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} non ha effettuato la registrazione con DCOM nel tempo richiesto.

Error: (03/04/2021 04:05:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Intel® SGX AESM è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 3000 millisecondi: Riavvia il servizio.

Error: (03/04/2021 04:05:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Intel® SGX AESM terminato con l'errore: 
Errore non specificato.

Error: (03/03/2021 03:54:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio NVIDIA LocalSystem Container è stato arrestato in modo imprevisto. Questo problema si è verificato 1 volta/e. Le seguenti azioni di correzione saranno eseguite tra 6000 millisecondi: Riavvia il servizio.

Error: (03/03/2021 03:54:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio NVIDIA LocalSystem Container terminato con l'errore: 
Un comando eseguibile generico ha restituito un risultato indicante un errore.


Windows Defender:
================
Date: 2021-03-08 18:30:04
Description: 
Microsoft Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {5D8D3A1C-523B-46FC-8074-923DC023704D}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2021-03-08 00:05:45
Description: 
Microsoft Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {92BB4BF7-1CA3-47CA-AEA4-E67744E0267F}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2021-03-04 17:17:44
Description: 
Microsoft Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {4697D7E1-4278-4500-9B9A-F7CA42194224}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2021-03-03 18:15:14
Description: 
Microsoft Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {C8963E06-6CB3-4A35-A3D6-8C6143E7DBF3}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2021-03-02 17:00:27
Description: 
Microsoft Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {71E0DC14-6CC3-4BB0-B138-802D6BF09026}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 1.20 12/20/2017
Motherboard: Micro-Star International Co., Ltd. Z370 GAMING PLUS (MS-7B61)
Processor: Intel(R) Core(TM) i5-8600K CPU @ 3.60GHz
Percentage of memory in use: 39%
Total physical RAM: 16308.56 MB
Available physical RAM: 9795.61 MB
Total Virtual: 35652.05 MB
Available Virtual: 24719.7 MB

==================== Drives ================================

Drive c: (WindowsSSD) (Fixed) (Total:209 GB) (Free:63.22 GB) NTFS
Drive d: (Dati) (Fixed) (Total:931.39 GB) (Free:677.99 GB) NTFS

\\?\Volume{7cb63587-ee74-4635-8058-ac68f401e584}\ () (Fixed) (Total:0.49 GB) (Free:0.04 GB) NTFS
\\?\Volume{aeefd62f-2ab3-4928-8db6-39cf0b4b8883}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Link to post
Share on other sites

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.