• Fai una domanda
    Vedi gli ultimi post
    NOTIZIE TECNICHE appassionati di computer e utenti esperti.
    Fai una domanda e fornisci supporto.
    richiede solo un minuto.
  • Forum
  • Software
  • Rimozione di virus e malware
  • Post di oggi

risolto PRODOTTO ~ 1.EXE: che cos'è e come posso rimuoverlo?

  • Avvia discussione malsaurus
  • Data d'inizio
M

malsaurus

Membro TS
  • #1
Se stai leggendo questo, grazie per aver dedicato del tempo alla disperazione. Non so cosa sia, una specie di virus cavallo di Troia per quanto ne so? Ho provato a utilizzare Microsoft Security Essentials per un po 'e a disinstallare questo tipo di aggiornamento, ma ancora qui mi dà fastidio e per qualche motivo non riesco a trovare il file di posizione sul mio computer. Indipendentemente da ciò, se non va bene per il mio laptop, come posso disinstallarlo e come farlo rapidamente (senza scaricare nulla se possibile). Grazie per esserti preso il tempo di leggere.

Allegati

  • SUPERVirus.PNG
    SUPERVirus.PNG
    310,3 KB Visualizzazioni: 0
arma

arma

Malware Exterminator
  • #2
Benvenuto a bordo


Completa tutti i passaggi elencati qui: /community/topics/updated-4-step-viruses-spyware-malware-removal-preliminary-instructions.58138/
Assicurati che tutti i log siano INCOLLATI. Se alcuni log superano il limite di 50.000 caratteri per la pubblicazione, suddividilo tra più risposte.
I registri aggiunti non vengono esaminati.

Si prega di seguire le regole seguenti:
  • Leggi tutte le mie istruzioni con molta attenzione. I tuoi errori durante il processo di pulizia possono avere conseguenze molto gravi, come un computer non avviabile.
  • Se sei bloccato o non sei sicuro di un passaggio specifico, chiedi sempre prima di fare qualsiasi altra cosa.
  • Evita di applicare strumenti, correzioni o modifiche al tuo computer diversi da quelli che raccomando.
  • Non eseguire mai più di una scansione alla volta.
  • Continua ad aggiornarmi riguardo al tuo comportamento buono o cattivo del computer.
  • Dopo che il processo di pulizia è iniziato, dovrebbe essere completato. Anche se il tuo computer sembra funzionare meglio, potrebbe essere infetto. Ti farò sicuramente sapere dopo che il computer sarà completamente pulito.
  • Se lasci l'argomento nel mezzo di una pulizia senza spiegazione, potresti non essere idoneo per ulteriore assistenza sul forum per la rimozione del malware.
  • Se non hai risposto entro 5 giorni, chiudo gli argomenti. Se hai bisogno di più tempo, fammelo sapere. Se ho chiuso il thread e devo riavviare, inviami un messaggio di PM.
M

malsaurus

Membro TS
  • #3
Perfetto ma cosa e cosa devo fare?
arma

arma

Malware Exterminator
  • #4
Devi fare esattamente quello che ho detto nella mia risposta precedente.
Probabilmente rileggilo attentamente.
M

malsaurus

Membro TS
  • #5
Spiacenti, FRST64.exe scaricherà e fornirà i log il prima possibile. È difficile con questi avvisi che chiedono di apportare modifiche, poiché penso che sia un virus.
arma

arma

Malware Exterminator
  • #6
OK.
M

malsaurus

Membro TS
  • #7
Risultato della scansione Farbar Recovery Scan Tool (FRST) (x64) Versione: 08.11.2018
Gestito da Tom (ATTENZIONE: l'utente non è amministratore) su TOMDELL (10-11-2018 10:51:51)
Esegui da C: \ Users \ Tom \ Downloads
Profili installati: jl e Tom (profili correnti: jl e Tom)
Piattaforma: Windows 7 Professional Service Pack 1 (X64) Lingua: inglese (USA)
Internet Explorer Ver.11 (browser predefinito: FF)
Modalità di avvio: normale
Tutorial sullo strumento di scansione di ripristino Farbar: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processi (autorizzati) =================

(Se viene aggiunta una voce all'elenco delle correzioni, il processo viene chiuso. Il file non viene spostato.)

Impossibile accedere al processo -> smss.exe
Impossibile accedere al processo -> csrss.exe
Impossibile accedere al processo -> wininit.exe
Impossibile accedere al processo -> csrss.exe
Impossibile accedere al processo -> services.exe
Impossibile accedere al processo -> lsass.exe
Impossibile accedere al processo -> lsm.exe
Impossibile accedere al processo -> winlogon.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> MsMpEng.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> RtkAudioService64.exe
Impossibile accedere al processo -> RAVBg64.exe
Impossibile accedere al processo -> RAVBg64.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> WLTRYSVC.EXE
Impossibile accedere al processo -> BCMWLTRY.EXE
Impossibile accedere al processo -> spoolsv.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> armsvc.exe
Impossibile accedere al processo -> AERTSr64.exe
Impossibile accedere al processo -> btwdins.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> ijplmsvc.exe
Impossibile accedere al processo -> HeciServer.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> TeamViewer_Service.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> NisSrv.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RtkNGUI64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ WLTRAY.EXE
(Intel Corporation) C: \ Windows \ System32 \ igfxtray.exe
(Intel Corporation) C: \ Windows \ System32 \ hkcmd.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxsrvc.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxpers.exe
(Dell Inc.) C: \ Program Dosyaları \ Dell \ QuickSet \ quickset.exe
Impossibile accedere al processo -> WmiPrvSE.exe
(Microsoft Corporation) C: \ Programmi \ Microsoft Security Client \ msseces.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl.exe
Impossibile accedere al processo -> SearchIndexer.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPHelper.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
() C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) USB 3.0 eXtensible Host Controller Driver \ Application \ iusb3mon.exe
(Creative Technology Ltd) C: \ Program Dosyaları (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE
(Microsoft Corporation) C: \ Windows \ SysWOW64 \ rundll32.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTStackServer.exe
(Intel Corporation) C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe
(Microsoft Corporation) C: \ Windows \ splwow64.exe
Impossibile accedere al processo -> svchost.exe
(CANON INC.) C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMUPDT.EXE
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMSWCS.EXE
Impossibile accedere al processo -> IAStorDataMgrSvc.exe
Impossibile accedere al processo -> Jhi_service.exe
Impossibile accedere al processo -> LMS.exe
Impossibile accedere al processo -> SftService.exe
Impossibile accedere al processo -> wmpnetwk.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> SeaPort.EXE
(Valve Corporation) C: \ Programmi (x86) \ Steam \ Steam.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
Impossibile accedere al processo -> SteamService.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
Impossibile accedere al processo -> rundll32.exe
Impossibile accedere al processo -> VSSVC.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> OSPPSVC.EXE
Impossibile accedere al processo -> dllhost.exe
(Adobe Systems Incorporated) C: \ Windows \ System32 \ Macromed \ Flash \ FlashUtil64_31_0_0_122_ActiveX.exe
(Oracle Corporation) C: \ Programmi (x86) \ Common Files \ Java \ Java Update \ jusched.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
Impossibile accedere al processo -> svchost.exe
Impossibile accedere al processo -> DbxSvc.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Microsoft Corporation) C: \ Programmi \ Internet Explorer \ iexplore.exe
(Google) C: \ Users \ Tom \ AppData \ Local \ Google \ Google Talk Plugin \ googletalkplugin.exe
(Adobe Systems Incorporated) C: \ Program Dosyaları (x86) \ Adobe \ Reader 11.0 \ Reader \ AcroRd32.exe
(Adobe Systems Incorporated) C: \ Program Dosyaları (x86) \ Adobe \ Reader 11.0 \ Reader \ AcroRd32.exe
Impossibile accedere al processo -> wlanext.exe
Impossibile accedere al processo -> conhost.exe
Impossibile accedere al processo -> TrustedInstaller.exe
Impossibile accedere al processo -> SearchProtocolHost.exe
Impossibile accedere al processo -> SearchFilterHost.exe
Impossibile accedere al processo -> svchost.exe

==================== Registrazione (whitelist) ======================== == =

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro viene ripristinato al valore predefinito o rimosso. Il file non viene spostato.)

HKLM \ ... \ Run: [RTHDVCPL] => C: \ Program Files \ Realtek \ Audio \ HDA \ RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg_PushButton] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [SynTPEnh] => C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM \ ... \ Run: [Broadcom Wireless Manager user interface] => C: \ Program Files \ Dell \ DW WLAN Card \ WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM \ ... \ Run: [QuickSet] => c: \ Program Files \ Dell \ QuickSet \ QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM \ ... \ Run: [IAStorIcon] => C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM \ ... \ Run: [MSC] => c: \ Programmi \ Microsoft Security Client \ msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM \ ... \ Çalıştır: [Logitech Download Assistant] => C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ System32 \ LogiLDA.dll, LogiFetch
HKLM-x32 \ ... \ Run: [USB3MON] => C: \ Program Files (x86) \ Intel \ Intel (R) USB 3.0 extensible Host Controller Driver \ Application \ iusb3mon.exe [292848 2013-09-05 ] (Intel Foundation)
HKLM-x32 \ ... \ Run: [Dell Webcam Central] => C: \ Programmi (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32 \ ... \ Run: [CanonQuickMenu] => C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32 \ ... \ Run: [RazerCortex] => C: \ Program Dosyaları (x86) \ Razer \ Razer Cortex \ RazerCortex.exe -autorun
HKLM-x32 \ ... \ Run: [Dropbox] => C: \ Programmi (x86) \ Dropbox \ Client \ Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
HKLM-x32 \ ... \ RunOnce: [GrpConv] => grpconv -o
Winlogon \ Notify \ igfxcui: C: \ Windows \ System32 \ igfxdev.dll (Intel Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe [ 70168 2014-06-25) (iMesh Inc)
HKU \ S-1-5-21-2528572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl64] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl. exe [82456 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrlc] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe [ 3823128 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [BRS] => C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe [1173504 2014 -08-08] ()
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Google Update] => C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ GoogleUpdateCore .exe [601680 2018-05-19] (Google Inc.)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C: \ Users \ Tom \ AppData \ Local \ Chromium \ Application \ chrome.exe [663552 2015 -06-28] (autori di Chrome)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Steam] => C: \ Program Files (x86) \ Steam \ steam.exe [3208992 2018-10-11 ] (Valve Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [World of Tanks] => "C: \ Games \ World_of_Tanks \ WargamingGameUpdater.exe"
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [KakaoTalk] => "C: \ Programmi (x86) \ Cocoa \ KakaoTalk \ KakaoTalk.exe" -bystartup
HKU \ S-1-5-18 \ ... \ RunOnce: [JavaInstallRetry] => RUNONCE = 1 SPONSOR = 0
Lsa: [Pacchetti di notifica] scecli c: \ Program Files \ WIDCOMM \ Bluetooth Software \ BtwProximityCP.dll
Avvio: C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== DİKKAT
GroupPolicy \ User: Restriction? <==== DİKKAT
GroupPolicyUsers \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Utente: Limitazione <==== DİKKAT
CHR HKLM \ SOFTWARE \ Policies \ Google: restrizione <==== DİKKAT

==================== Internet (autorizzato) =====================

(Se un elemento è incluso nell'elenco delle correzioni, se è un elemento del registro, viene rimosso o ripristinato all'impostazione predefinita.)

Tcpip \ Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip \ .. \ Interfaces \ {D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 & ResetID = 131130558221447530 & GUID = DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 e ResetID = 131802431285607286 & GUID = DBCFEA2E -669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = hxxp: //dell13.msn.com/? Pc = DCJB
URLSearchHook: [S-1-5-21-252852572-1064671646-1800406956-1000] ATTENZIONE => Manca URLSearchHook predefinito
Ambiti di ricerca: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
SearchScopes: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp: //searchinterneat-a.akamaihd.net/s denk = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = & q = {} searchTerms
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp: //search.yahoo.com/yhs/search? Hspart = DDC e hsimp = YHS-ddc_bd e tip = bl-a-dd__alt__ddc_dss_bd_com e p = {searchTerms}
Arama Kapsamları: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp: //rocket-find.com/results.php? F = 4 già q = {} searchTerms a = rckt_frmr_14_26_ff sono già cD = 2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q ve CR = 1.797.486,999 mila già IR =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp: //rocket-find.com/results.php? F = 4 e q = {} searchTerms a = rckt_frmr_14_26_ff e cd = 2xzuyetn2y1l1qzu0e0c0fye0b0bzz0dtb0fzyybyc0c0dtatn0d0tzu0szytctdtn1l2xzutbtftbtctftctctftdtn1l1czutcyetbzytdyd1v1ttn1l1g1b1v1n2y1l1qzu2std0bta0ayd0ctdyetg0aybybtatgzzyd0b0ctgyctc0e0ftgtc0btatd0f0bye0a0e0f0byd2qtn1m1f1b2z1v1n2y1l1qzu2stcyezz0ayb0byctatgzz0a0d0etgyb0atbyctg0a0b0fzytgta0e0azy0ctbtazyta0ezzye2q e IR e CR = 1.712.688,768 mila =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp: //dts.search.ask.com/sr? Src = IEB e GCT = ds & appid = & systemId = & v = a15946-1205 & apn_uid = 4431050210474885 & apn_dtid = IME001 e o = APN10653 e apn_ptnrs = AGE e q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp: //dts.search.ask.com/sr? Src = IEB & GCT = ds & appid = 1066 & systemId = 1 & v = n13124-409 & apn_uid = 9434405932554208 & apn_dtid = IME001 & o = APN10653 & apn_ptnrs = AGE & q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43) URL = hxxp: //searchinterneat-a.akamaihd.net/s? Eq = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = ricerca q
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [2014-07-07] (CANON INC. )
BHO: Gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları (x86) \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [07/07/2014 ] (CANON INC.)
BHO-x32: Java (tm) Plug-in SSV Helper -> (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ ssv.dll (2014-08-11 ] (Oracle Corporation)
BHO-x32: gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files (x86) \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation )
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Azienda Microsoft.)
BHO-x32: Java (tm) Plugin 2 SSV Helper -> (DBC80044-A445-435b-BC74-9C25C1C588A9) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ jp2ssv.dll (2014-08- 11) (Oracle Corporation)
Barra degli strumenti: HKLM - Canon Easy WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Programmi \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC.)
Barra degli strumenti: HKLM-x32 - Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Programmi (x86) \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll (07/07/2014 ] (CANON INC.)
Barra degli strumenti: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Microsoft Corporation.)
Barra degli strumenti: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Program Files \ Canon \ Easy- WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC.)
Gestore: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nessun file

FireFox:
========
Percorso profilo FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 [2018-11-10]
FF Ana Sayfası: Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 -> hxxps: //id.search.yahoo.com/yhs/web? Hspart = Elm & hsimp = YHS-001 & type = hdr_s_17_44_orgnl & param1 = 1 & param2 = f% 26% 3D% 3DFirefox% 26cc% 3Did% 26pa% 3Dhodor% 26cd% 3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB% 26cr% 3D1609883092% 26a% 3Dhdr_s_17_44_orgnl% 26os_ver% 3D6.1% 26os% 3DWindows% 2B7% 2BProfessional
Plugin di ricerca FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 \ searchplugins \ yhs.xml [2018-01-25]
FF HKLM-x32 \ ... \ Thunderbird \ Extensions: [msktbird@mcafee.com] - C: \ Program Files \ McAfee \ MSK => non trovato
Plugin FF: @ adobe.com / FlashPlayer -> C: \ Windows \ system32 \ Macromed \ Flash \ NPSWF64_31_0_0_122.dll [2018-10-10] ()
Plugin FF: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
Plugin FF: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
Plugin FF: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 1 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Eklentisi-x32: @ adobe.com / FlashPlayer -> C: \ Windows \ SysWOW64 \ Macromed \ Flash \ NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @ canon.com / EPPEX -> C: \ Programmi (x86) \ Canon \ My Image Garden \ AddOn \ CIG \ npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; versione = 3.5.29 -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI updater -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIUpdater.dll [2013-06-01] (Intel Foundation)
FF Plugin-x32: @ java.com / DTPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ dtplugin \ npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ java.com / JavaPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ plugin2 \ npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
FF Plugin-x32: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files (x86) \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @ videolan.org / vlc, versione = 2.2.8 -> C: \ Program Files (x86) \ VideoLAN \ VLC \ npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C: \ Programmi (x86) \ Adobe \ Reader 11.0 \ Reader \ AIR \ nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / GoogleTalkPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npgoogletalk.dll [2015 -12-08] (Google)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / O1DPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npo1d.dll [2015 -12-08] (Google)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 3 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 9 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin Program Files / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npo1d.dll [2015-12-08] (Google)

==================== Servizi (autorizzati) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

S2 dbupdat; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C: \ Windows \ system32 \ DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 è IAStorDataMgrSvc; C: \ Programmi \ Intel \ Intel (R) Rapid Storage Technology \ IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE [140936 2013-05-15] ()
Interfaccia del servizio di licenza di autorizzazione Intel® R2; c: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe [733696 2013-05-12] (Intel (R) Corporation) [File non firmato]
Interfaccia TCP IP del servizio di licenza in primo piano S3 Intel (R); c: \ Programmi \ Intel \ iCLS Client \ SocketHeciServer.exe [822232 2013-05-12] (Intel (R) Corporation)
R2 jhi_service; C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 lmhostları; C: \ Windows \ system32 \ svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhostları; C: \ Windows \ SysWOW64 \ svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MsMpSvc; c: \ Program Dosyaları \ Microsoft Security Client \ MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c: \ Programmi \ Microsoft Security Client \ NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NlaSvc; C: \ Windows \ System32 \ svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C: \ Windows \ SysWOW64 \ svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C: \ Windows \ system32 \ svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C: \ Windows \ SysWOW64 \ svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 RtkAudioService; C: \ Programmi \ Realtek \ Audio \ HDA \ RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C: \ Programmi (x86) \ Dell Backup and Recovery \ SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C: \ Programmi \ Windows Defender \ mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 è wltrysvc; C: \ Programmi \ Dell \ DW Scheda WLAN \ bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File non firmato]

===================== Driver (autorizzati) ======================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R0 iaStorF; C: \ Windows \ System32 \ drivers \ iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C: \ Windows \ System32 \ DRIVERS \ TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFiltre; C: \ Windows \ System32 \ DRIVERS \ MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C: \ Windows \ System32 \ DRIVERS \ NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC {D3412D80-CF3B4A27-06020200} _0; c: \ program dosyaları \ dell \ pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C: \ Windows \ system32 \ drivers \ Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvl; C: \ Windows \ System32 \ DRIVERS \ Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \ ?? \ C: \ Windows \ system32 \ drivers \ mmaennbv.sys [X]
S1 MpKs19b5e44a7; \ ?? \ c: \ ProgramData \ Microsoft \ Microsoft Anti-Malware \ Definition Updates \ {06717DA4-6C54-415D-AA4E-217CE011D206} \ MpKsl9b5e44a7.sys [X]
S1 niatpksbo; \ ?? \ C: \ Windows \ system32 \ drivers \ niatpxbo.sys [X]
S3 OATool; \ ?? \ C: \ Users \ ADMINI ~ 1 \ AppData \ Local \ Temp \ OAToolx64.sys [X] <==== DİKKAT
S1 spaltjok; \ ?? \ C: \ Windows \ system32 \ drivers \ spaltjok.sys [X]
S1 szftsrbn; \ ?? \ C: \ Windows \ system32 \ drivers \ szftsrbn.sys [X]

==================== NetSvcs (Whitelist) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


==================== File e cartelle creati in un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

Errore (1) durante la lettura del file: "C: \ Users \ Tom \ Downloads \ Titanfall Rap, JT Machinima, THK e Borderline Disaster -"
10/11/2018 10:51 - 10/11/2018 10:54 - 000025461 _____ C: \ Users \ Tom \ Downloads \ FRST.txt
10/11/2018 10:47 - 10/11/2018 10:47 - 000000000 ____D C: \ Users \ Tom \ Downloads \ FRST-OlderVersion
10/11/2018 10:46 - 10/11/2018 10:51 - 000000000 ____D C: \ FRST
10/11/2018 10:45 - 10/11/2018 10:51 - 002415616 _____ (Farbar) C: \ Users \ Tom \ Downloads \ FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Dropbox
09-11-2018 18:05 - 09-11-2018 18:05 - 000000000 ____D C: \ Users \ jl \ AppData \ Roaming \ Dropbox
2018-11-09 18:03 - 2018-11-10 10:08 - 000000900 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job
09-11-2018 18:03 - 09-11-2018 18:08 - 000000896 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job
09-11-2018 18:02 - 09-11-2018 18:09 - 000000000 ____D C: \ Programmi (x86) \ Dropbox
09-11-2018 17:44 - 09-11-2018 18:14 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Dropbox
09-11-2018 17:44 - 09-11-2018 18:02 - 000696608 _____ (Dropbox, Inc.) C: \ Users \ Tom \ Downloads \ DropboxInstaller.exe
09-11-2018 17:44 - 09-11-2018 17:44 - 000000000 ____D C: \ ProgramData \ Dropbox
06/11/2018 20:06 - 06/11/2018 20:06 - 000051024 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ DbxSvc.exe
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-dev.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-canary.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000045640 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-stable.sys
12-10-2018 11:49 - 12-10-2018 11:49 - 000000020 _____ C: \ Users \ Tom \ Desktop \ SOUL.txt

==================== File e cartelle modificati per un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

10/11/2018 10:42 - 05/11/2017 07:06 - 000000266 _____ C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job
10/11/2018 10:42 - 04/09/2015 18:04 - 000000000 ____D C: \ Kullanıcılar \ Tom \ AppData \ Local \ {357E0322-11D6-6F9A-7C4E-4A725826B6EA}
10/11/2018 10:24 - 14/07/2016 00:03 - 000000266 _____ C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
10/11/2018 09:03 - 18/09/2016 09:25 - 000000266 _____ C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
10/11/2018 09:03 - 29/03/2016 20:03 - 000000262 _____ C: \ Windows \ Tasks \ Update_Task.job
10/11/2018 07:46 - 14/07/2009 10:20 - 000000000 ____D C: \ Windows \ system32 \ NDF
10/11/2018 05:26 - 19/11/2016 05:51 - 000000000 ____D C: \ Users \ Tom \ AppData \ LocalLow \ Mozilla
10/11/2018 05:26 - 15/07/2014 19:08 - 000000000 ____D C: \ ProgramData \ Datamngr
10/11/2018 05:11 - 25/01/2018 06:40 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Direc
09-11-2018 19:42 - 16-04-2014 10:12 - 000000000 ____D C: \ Programmi (x86) \ Servizio di manutenzione Mozilla
09-11-2018 19:41 - 04-12-2017 05:08 - 000000000 ____D C: \ Programmi (x86) \ Mozilla Firefox
09/11/2018 19:39 - 20/05/2014 17:23 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Unity
09/11/2018 19:37 - 29/06/2014 10:30 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Rocket
09-11-2018 17:39 - 16-04-2017 16:55 - 000000000 ____D C: \ Users \ Tom \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programmi \ Steam
2018-11-09 15:10 - 2009-07-14 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
09/11/2018 15:10 - 14/07/2009 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
16-10-2018 04:48 - 21/11/2010 10:27 - 000559880 ____N (Microsoft Corporation) C: \ Windows \ system32 \ MpSigStub.exe
12/10/2018 16:33 - 06/11/2016 21:35 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ CrossCode
12-10-2018 14:24 - 16-04-2017 12:44 - 000000000 ____D C: \ Programmi (x86) \ Steam
12-10-2018 07:20 - 14-03-2014 09:25 - 000000000 ____D C: \ Programmi (x86) \ Dell Backup and Recovery
2018-10-12 07:17 - 2009-07-14 12:08 - 000000006 ____H C: \ Windows \ Tasks \ SA.DAT
11-10-2018 18:50 - 14-07-2009 10:20 - 000000000 ____D C: \ Windows \ rescache
11-10-2018 08:43 - 16-04-2014 06:09 - 000000000 ____D C: \ Users \ jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C: \ Windows \ system32 \ PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C: \ Windows \ inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C: \ Windows \ system32 \ FNTCACHE.DAT
11-10-2018 03:19 - 16-04-2014 06:42 - 000000000 ____D C: \ Windows \ system32 \ MRT
11-10-2018 03:13 - 16-04-2014 06:42 - 136745976 ____C (Microsoft Corporation) C: \ Windows \ system32 \ MRT.exe
11-10-2018 03:08 - 10-02-2011 21:33 - 000767916 _____ C: \ Windows \ SysWOW64 \ PerfStringBackup.INI

==================== File nella radice di alcune directory =======

12/03/2015 19:07 - 11/01/2015 19:07 - 000000032 ____R () C: \ ProgramData \ hash.dat
21-10-2016 18:39 - 21-10-2016 18:39 - 003187734 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb195.dat
13-12-2016 08:55 - 13-12-2016 08:55 - 003634196 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb476.dat
31/07/2014 08:47 - 09/09/2018 18:42 - 000000503 _____ () C: \ Users \ Tom \ AppData \ Roaming \ WB.CFG
02/12/2014 06:39 - 18/12/2014 00:39 - 000000001 _____ () C: \ Users \ Tom \ AppData \ Local \ DSI.DAT
02/12/2014 06:39 - 02/12/2014 06:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup1488231282.exe
18/12/2014 00:39 - 18/12/2014 00:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup3359250182.exe
25-03-2018 21:59 - 25-03-2018 21:59 - 000040960 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data
25-03-2018 21:59 - 25-03-2018 21:59 - 000000512 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data log
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C: \ Users \ Tom \ AppData \ Local \ xdt9m2fvbr

File da spostare o eliminare:
====================
C: \ Windows \ Görevler \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
C: \ Windows \ Görevler \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job


Alcuni file in TEMP:
====================
22/05/2014 08:55 - 22/05/2014 08:55 - 002936832 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ ffmpeg16.exe
29/05/2014 13:56 - 29/05/2014 13:57 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer-1.exe
24/05/2014 11:53 - 24/05/2014 11:54 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer.exe
16/05/2016 18:00 - 16/05/2016 18:01 - 000000000 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ GUR280F.exe
23/01/2015 19:03 - 21/01/2015 06:32 - 002124520 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Helper.DLL
12/03/2015 19:08 - 12/03/2015 19:08 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-3012483557483484761.dll
12/03/2015 19:40 - 12/03/2015 19:40 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-7151043099465511510.dll
18/06/2013 23:53 - 18/06/2013 23:53 - 000865424 ____N (CANON INC.) C: \ Users \ Tom \ AppData \ Local \ Temp \ MSETUP4.EXE
11/04/2015 19:04 - 23/03/2015 07:33 - 001792744 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ MusicAppHelper.DLL
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130822301.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130823619.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824152.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824917.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130832216.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130835050.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130851423.dll
11-03-2018 20:09 - 11-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180314001435848.dll
15-03-2018 10:15 - 15-03-2018 10:15 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315031541953.dll
15-03-2018 13:17 - 15-03-2018 13:17 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315133218571.dll
16-03-2018 20:24 - 16-03-2018 20:24 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318130924025.dll
21-03-2018 07:16 - 21-03-2018 07:16 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321001604795.dll
21-03-2018 20:09 - 21-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321130925214.dll
22-03-2018 20:09 - 22-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180322130924714.dll
2018-03-23 ​​20:09 - 2018-03-23 ​​20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323130924452.dll
24-03-2018 06:42 - 24-03-2018 06:42 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323234211738.dll
24-03-2018 20:09 - 24-03-2018 20:09 - 001857024 _____ (Software Opera)
M

malsaurus

Membro TS
  • #8
C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180324130923461.dll
25-03-2018 10:03 - 25-03-2018 10:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325030314080.dll
25-03-2018 10:53 - 25-03-2018 10:53 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325035300424.dll
25-03-2018 12:03 - 25-03-2018 12:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325050354224.dll
25-03-2018 20:09 - 25-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180328132717552.dll
30-03-2018 10:42 - 30-03-2018 10:42 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180330034228662.dll
01-04-2018 13:44 - 01-04-2018 13:44 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401064436791.dll
01-04-2018 15:08 - 01-04-2018 15:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401080822166.dll
01-04-2018 20:09 - 01-04-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401130923017.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740502.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740656.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740791.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740894.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131743947.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131744097.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131746304.dll
02-04-2018 08:27 - 02-04-2018 08:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402012709675.dll
02-04-2018 20:17 - 02-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402131757707.dll
03-04-2018 07:25 - 03-04-2018 07:25 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403030929327.dll
03-04-2018 20:18 - 03-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403131800132.dll
03-04-2018 20:34 - 03-04-2018 20:34 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403133404920.dll
03-04-2018 20:43 - 03-04-2018 20:43 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403134330427.dll
03-04-2018 20:57 - 03-04-2018 20:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403135749671.dll
04-04-2018 09:52 - 04-04-2018 09:52 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404025254232.dll
04-04-2018 12:57 - 04-04-2018 12:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404055706841.dll
04-04-2018 13:26 - 04-04-2018 13:26 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404062609230.dll
04-04-2018 14:22 - 04-04-2018 14:22 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404072202784.dll
04-04-2018 15:27 - 04-04-2018 15:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404082704587.dll
04-04-2018 20:17 - 04-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404131758871.dll
05-04-2018 20:17 - 05-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180405131757452.dll
06-04-2018 08:32 - 06-04-2018 08:32 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406013230995.dll
06-04-2018 08:41 - 06-04-2018 08:41 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406014114698.dll
06-04-2018 09:49 - 06-04-2018 09:49 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406024955766.dll
06-04-2018 10:24 - 06-04-2018 10:24 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406032408588.dll
06-04-2018 12:55 - 06-04-2018 12:55 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406055544648.dll
06-04-2018 16:12 - 06-04-2018 16:12 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406091226749.dll
06-04-2018 20:18 - 06-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406131817058.dll
08-04-2018 10:18 - 08-04-2018 10:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408031842534.dll
08-04-2018 13:00 - 08-04-2018 13:00 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408060008326.dll
08-04-2018 21:48 - 08-04-2018 21:48 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408144823767.dll
09-04-2018 20:17 - 09-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180409131757781.dll
10-04-2018 20:07 - 10-04-2018 20:07 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410130749447.dll
10-04-2018 20:17 - 10-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410131756831.dll
11-04-2018 20:17 - 11-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180411131757785.dll
12-04-2018 20:18 - 12-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414131757035.dll
15-04-2018 10:40 - 15-04-2018 10:40 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180415034011422.dll
16-04-2018 11:28 - 16-04-2018 11:28 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416042840055.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027562.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027760.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028264.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028576.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030541.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030662.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043033561.dll
16-04-2018 21:56 - 16-04-2018 21:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180417043044605.dll
19-04-2018 19:17 - 19-04-2018 19:17 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180419121751055.dll
21-04-2018 22:06 - 21-04-2018 22:06 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421150601262.dll
21-04-2018 22:10 - 21-04-2018 22:10 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421151056879.dll
22-04-2018 11:35 - 22-04-2018 11:36 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180422043556502.dll
24-04-2018 18:52 - 24-04-2018 18:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180424115249153.dll
25-04-2018 11:30 - 25-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180426232851539.dll
27-04-2018 16:35 - 27-04-2018 16:35 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180427093543465.dll
29-04-2018 13:45 - 29-04-2018 13:45 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180429064526831.dll
30-04-2018 19:56 - 30-04-2018 19:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430133452682.dll
01/05/2018 11:30 - 01/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180501043043811.dll
02/05/2018 11:30 - 02/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180502043044900.dll
03/05/2018 19:13 - 03/05/2018 19:13 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180504070639579.dll
06/05/2018 11:30 - 06/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043043856.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144039.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144356.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144547.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144637.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146347.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146786.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043150052.dll
07/05/2018 11:32 - 07/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180507043205156.dll
08/05/2018 19:29 - 08/05/2018 19:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180508122912386.dll
09/05/2018 22:52 - 09/05/2018 22:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180509155237351.dll
10/05/2018 12:26 - 10/05/2018 12:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180511170608518.dll
12/05/2018 14:19 - 12/05/2018 14:19 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513020441684.dll
13/05/2018 12:44 - 13/05/2018 12:44 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513054444780.dll
15/05/2018 15:50 - 15/05/2018 15:50 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180515085051153.dll
16/05/2018 18:11 - 16/05/2018 18:11 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180519131135448.dll
21/05/2018 16:26 - 21/05/2018 16:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180521092620739.dll
24/05/2018 20:04 - 24/05/2018 20:04 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130434676.dll
24/05/2018 20:07 - 24/05/2018 20:07 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130758830.dll
25/05/2018 18:49 - 25/05/2018 18:49 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180525114936143.dll
27/05/2018 11:29 - 27/05/2018 11:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527042936482.dll
27/05/2018 11:32 - 27/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527043203417.dll
29/05/2018 12:41 - 29/05/2018 12:41 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180529054151671.dll
10-03-2018 20:05 - 10-03-2018 20:05 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201831057556.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729926.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730337.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834737307.dll
05-03-2018 17:23 - 05-03-2018 17:23 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_2018352315820.dll
06-03-2018 17:07 - 06-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201836753120.dll
07-03-2018 17:07 - 07-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201837752761.dll
09-03-2018 17:07 - 09-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C: \ Users \ Tom \ AppData \ Local \ Temp \ SkypeSetup.exe
26/06/2014 10:41 - 26/06/2014 11:08 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease.exe
26/06/2014 10:39 - 26/06/2014 11:20 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [1] .exe
26/06/2014 11:26 - 26/06/2014 11:29 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [2] .exe

==================== Bamital e volsnap ====================

(Non esiste una correzione automatica per i file che non superano la convalida.)

C: \ Windows \ system32 \ winlogon.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ wininit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ wininit.exe => File firmato digitalmente
C: \ Windows \ explorer.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ explorer.exe => File firmato digitalmente
C: \ Windows \ system32 \ svchost.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ svchost.exe => File firmato digitalmente
C: \ Windows \ system32 \ services.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ User32.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ User32.dll => File firmato digitalmente
C: \ Windows \ system32 \ userinit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ userinit.exe => File firmato digitalmente
C: \ Windows \ system32 \ rpcss.dll => Il file è firmato digitalmente
C: \ Windows \ system32 \ dnsapi.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ dnsapi.dll => File firmato digitalmente
C: \ Windows \ system32 \ Drivers \ volsnap.sys => File con firma digitale


ATTENZIONE: ==> Impossibile accedere a BCD. L'utente non è un amministratore

==================== FRST.txt sonu ========================= = ==
M

malsaurus

Membro TS
  • #9
Risultato della scansione aggiuntiva di Farbar Recovery Scan Tool (x64) Versione: 08.11.2018
Gestito da Tom (10-11-2018 10:55:36)
Esegui da C: \ Users \ Tom \ Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =

Manager (S-1-5-21-252852572-1064671646-1800406956-500 - Manager - Disabilitato)
Ospite (S-1-5-21-252852572-1064671646-1800406956-501 - Limitato - Disabilitato)
Gruppo HomeUtente $ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limitato - Attivo)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Amministratore - Attivo) => C: \ Users \ jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Limitato - Attivo) => C: \ Users \ Tom

==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)

AV: Microsoft Security Essentials (Attivo - Attuale) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Attivo - Attuale) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

Adobe Flash Player 31 ActiveX (HKLM-x32 \ ... \ Adobe Flash Player ActiveX) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32 \ ... \ {AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Sürüm: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001}) (Sürüm: 11.0.23 - Adobe Systems Incorporated)
Advanced Sound FX Engine (HKLM-x32 \ ... \ Advanced Sound FX Engine) (Versione: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32 \ ... \ (16793295-2366-40F7-A045-A3E42A81365E)) (Versione: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32 \ ... \ Easy-WebPrint EX) (Sürüm: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32 \ ... \ Canon_IJ_Scan_Utility) (Versione: - Canon Inc.)
Canon Inkjet Printer / Scanner / Fax Extended Survey Program (HKLM-x32 \ ... \ CANONIJPLM100) (Versione: 4.1.0 - Canon Inc.)
MP Drivers Canon MX390 series (HKLM \ ... \ (1199FAD5-9546-44f3-81CF-FFDB8040B7BF) _Canon_MX390_series) (Versione: 1.00 - Canon Inc.)
Canon MX390 series Display Manual (HKLM-x32 \ ... \ Canon MX390 series Display Manual) (Versione: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32 \ ... \ Canon My Image Garden) (Sürüm: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32 \ ... \ Canon My Image Garden Design Files) (Versione: 1.0.1 - Canon Inc.)
My Canon Printer (HKLM-x32 \ ... \ CanonMyPrinter) (Versione: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32 \ ... \ CanonQuickMenu) (Versione: 2.1.0 - Canon Inc.)
Canon Speed ​​Dial Utility (HKLM-x32 \ ... \ Speed ​​Dial Utility) (Versione: 1.3.0 - Canon Inc.)
Chrome (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Chromium) (Versione: 45.0.2444.0 - Chrome)
Modulo Cisco EAP-FAST (HKLM-x32 \ ... \ (64BF0187-F3D2-498B-99EA-163AF9AE6EC9)) (Versione: 2.2.14 - Cisco Systems, Inc.) Nascosto
Modulo Cisco LEAP (HKLM-x32 \ ... \ (51C7AD07-C3F6-4635-8E8A-231306D810FE)) (Versione: 1.0.19 - Cisco Systems, Inc.) Nascosto
Modulo Cisco PEAP (HKLM-x32 \ ... \ (ED5776D5-59B4-46B7-AF81-5F2D94D7C640)) (Versione: 1.1.6 - Cisco Systems, Inc.) Nascosto
Dell Backup & Recovery - Software di supporto (HKLM-x32 \ ... \ (A9668246-FB70-4103-A1E3-66C9BC2EFB49)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32 \ ... \ (0ED7EE95-6A97-47AA-AD73-152C08A15B04)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32 \ ... \ (693A23FB-F28B-4F7A-A720-4C1263F97F43)) (Versione: 3.1.1002.0 - Prodotti Dell, LP)
Dell Edoc Viewer (HKLM \ ... \ {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Sürüm: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM \ ... \ SynTPDeinstKey) (Versione: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32 \ ... \ Dell Webcam Central) (Sürüm: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32 \ ... \ Dropbox) (Sürüm: 61.4.95 - Dropbox, Inc.)
Assistente aggiornamento Dropbox (HKLM-x32 \ ... \ (099218A5-A723-43DC-8DB5-6173656A1E94)) (Versione: 1.3.141.1 - Dropbox, Inc.) Nascosto
DSC / AA Factory Setup Program (HKLM \ ... \ (F7A70D00-F283-45C8-B163-49EC365D7E27)) (Versione: 3.4.6299.48 - PC-Doctor, Inc.) Riservato
DW WLAN Card Utility (HKLM \ ... \ DW WLAN Card Utility) (Versione: 6.30.223.99 - Dell Inc.)
Componente aggiuntivo di Google Talk (HKLM-x32 \ ... \ (F9B579C2-D854-300A-BE62-A09EB9D722E4)) (Versione: 5.41.3.0 - Google)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.3.1520 - Intel Corporation)
Intel (R) Processor Graphics (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3345 - Intel Corporation)
Intel (R) Rapid Storage Technology (HKLM \ ... \ (409CB30E-E457-4008-9B1A-ED1B9EA21140)) (Versione: 12.8.2.1000 - Intel Corporation)
Driver controller host espandibile USB 3.0 Intel (R) (HKLM-x32 \ ... \ (240C3DDD-C5E9-4029-9DF7-95650D040CF2)) (Versione: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32 \ ... \ (26A24AE4-039D-4CA4-87B4-2F03217067FF)) (Versione: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Sürüm: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32 \ ... \ Office14.SingleImage) (Versione: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM \ ... \ Microsoft Security Client) (Sürüm: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM \ ... \ {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Sürüm: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (071c9b48-7c32-4621-a0ac-3f809523288f)) (Versione: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (ad8a2fa1-06e7-4b0d-927d-6e54b3d31028)) (Versione: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM \ ... \ (5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4)) (Versione: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32 \ ... \ (050d4fc8-5d48-4b8f-8972-47c82c46020f)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32 \ ... \ (f65db027-aff3-4070-886a-0d87064aabb1)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Strumenti di Microsoft Visual Studio 2010 per Office Runtime (x64) (HKLM \ ... \ Microsoft Visual Studio 2010 Tools per Office Runtime (x64)) (Versione: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 tr-ABD) (HKLM \ ... \ Mozilla Firefox 63.0.1 (x64 tr-ABD)) (Sürüm: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Music Toolbar) (Versione: 5.0.0.13124 - iMesh Inc) <==== DİKKAT
My Dell (HKLM \ ... \ PC-Doctor per Windows) (Versione: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32 \ ... \ (9559F7CA-5E34-4237-A2D9-D856464AD727)) (Versione: 1.6 - Project64)
Quickset64 (HKLM \ ... \ {87CF757E-C1F1-4D22-865C-00C6950B5258}) (Sürüm: 10.16.002 - Dell Inc.)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7023 - Realtek Semiconductor Corp.)
Cerca nel Web (Yahoo) (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ (95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD)) (Versione: -) <=== = DİKKAT
Service Pack 2 per Microsoft Office 2010 (KB2687455) versione a 32 bit (HKLM-x32 \ ... \ {90140000-003D-0000-0000-0000000FF1CE) _Office14.SingleImage_ (DE28B448-32E8-4E8F-84F0-A52B21A49B5B) : - Microsoft)
Runtime per C x64 condiviso (HKLM \ ... \ (EF79C448-6946-4D71-8134-03407888C054)) (Versione: 10.0.0 - McAfee)
Steam (HKLM-x32 \ ... \ Steam) (Sürüm: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32 \ ... \ TeamViewer 9) (Versione: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32 \ ... \ VLC media player) (Versione: 2.2.8 - VideoLAN)
Software Bluetooth WIDCOMM (HKLM \ ... \ (A1439D4F-FD46-47F2-A1D3-FEE097C29A09)) (Versione: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE Rocket) (Versione: - WSE Rocket) <==== DİKKAT
WSE_Astromenda (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE_Astromenda) (Versione: - WSE_Astromenda) <==== DİKKAT

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

ShellIconOverlayIdentifiers: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C: \ Windows \ System32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C: \ Windows \ System32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C: \ Windows \ system32 \ igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job => <==== DİKKAT
Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job => <==== DİKKAT
Attività: C: \ Windows \ Tasks \ Update_Task.job => C: \ Users \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Attività: C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job => C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1.EXE <==== DİKKAT

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)

WMI: subscription \ __ FilterToConsumerBinding-> CommandLineEventConsumer.Name = \ "BVTConsumer \" "Filter =" __ EventFilter.Name = \ "BVTFilter \":
WMI: iscrizione \ __ EventFilter-> BVTFilter:
WMI: subscription \ CommandLineEventConsumer-> BVTConsumer:

==================== Moduli installati (whitelist) ==============

15/07/2014 19:08 - 25/06/2014 21:24 - 000743960 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ apcrtldr.dll
08/08/2014 13:38 - 08/08/2014 13:38 - 001173504 _____ () C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
01/09/2018 09:09 - 10/10/2018 11:17 - 001056032 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ SDL2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 102804768 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libcef.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 004866336 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libglesv2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 000116000 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libegl.dll

==================== Flussi di dati alternativi (whitelist) =========

(Se viene aggiunta una voce all'elenco delle correzioni, verrà rimosso solo l'ADS.)


==================== Modalità provvisoria (White List) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. "AlternateShell" viene ripristinato.)

HKLM \ SYSTEM \ CurrentControlSet \ Control \ SafeBoot \ Minimal \ mcpltsvc => "" = ""
HKLM \ SYSTEM \ CurrentControlSet \ Control \ SafeBoot \ Network \ mcpltsvc => "" = ""

==================== Association (White List) ===============

(Se viene aggiunta una voce all'elenco delle correzioni, l'elemento del registro verrà ripristinato al valore predefinito o rimosso.)


==================== Internet Explorer è attendibile / limitato ===============

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa dal registro.)


==================== Contenuto ospitato: =========================== ====

(Se necessario, la direttiva Hosts: può essere aggiunta all'elenco delle correzioni per reimpostare gli host.)

2009-07-14 09:34 - 2016-10-30 20:27 - 000000824 _____ C: \ Windows \ system32 \ Drivers \ etc \ hosts


==================== Altre aree ============================

(Al momento non esiste una correzione automatica per questa sezione.)

HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Pannello di controllo \ Desktop \ Wallpaper -> C: \ Users \ Tom \ AppData \ Roaming \ Microsoft \ Internet Explorer \ Internet Explorer Wallpaper.bmp
Server DNS: 192.168.8.1
HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall è abilitato.

==================== MSCONFIG / TASK MANAGER elementi disabilitati ==

Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa.


==================== Regole del firewall (lista bianca) ===============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

FirewallRules: [SPPSVC-In-TCP] => (İzin Ver)% SystemRoot% \ system32 \ sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (İzin Ver)% SystemRoot% \ system32 \ sppsvc.exe
Regole firewall: [(9CF7717F-2010-4253-AA16-19FE8EA4BF73}] => (Consenti) C: \ Program Files \ Common Files \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [(0329C6F4-9488-4E86-B17F-652092300CAE}] => (Consenti) C: \ Programmi \ File comuni \ mcafee \ platform \ McSvcHost \ McSvHost.exe
Regole firewall: [(C369BE56-42BB-4198-8F6A-DEE8959B9CAA}] => (Consenti) C: \ Programmi (x86) \ TeamViewer \ Version9 \ TeamViewer.exe
Regole del firewall: [{93423788-362C-4F4A-B6BB-51CEDCE1C385}] => (Consenti) C: \ Programmi (x86) \ TeamViewer \ Version9 \ TeamViewer.exe
Regole del firewall: [(6ECCA7FB-75BD-4713-80B1-2FFC52216413}] => (Consenti) C: \ Programmi (x86) \ TeamViewer \ Version9 \ TeamViewer_Service.exe
Regole firewall: [{B2DEE43C-9749-46D5-86D4-E1AD3BD0A8FA}] => (Consenti) C: \ Programmi (x86) \ TeamViewer \ Version9 \ TeamViewer_Service.exe
Regole firewall: [Utente query TCP {CA65F636-2E2F-4F5B-AD2A-B490809EBBAC} C: \ programmi (x86) \ java \ jre7 \ bin \ javaw.exe] => (Blocca) C: \ file di programma (x86 ) \ java \ jre7 \ bin \ javaw.exe
Regole firewall: [Utente query UDP {27CA3358-D5E8-4834-8D76-FCC84D4BA9DD} C: \ programmi (x86) \ java \ jre7 \ bin \ javaw.exe] => (Blocca) C: \ file di programma (x86 ) \ java \ jre7 \ bin \ javaw.exe
Regole del firewall: [TCP Query User {140A36C7-FE07-4F1D-8D04-8C47C4E25BB8} C: \ programmi (x86) \ java \ jre7 \ bin \ javaw.exe] => (Blocca) C: \ file di programma (x86 ) \ java \ jre7 \ bin \ javaw.exe
Regole firewall: [Utente query UDP {40EE594F-8D7A-42A9-B720-F2E09FA6FE21} C: \ file di programma (x86) \ java \ jre7 \ bin \ javaw.exe] => (Blocca) C: \ file di programma (x86 ) \ java \ jre7 \ bin \ javaw.exe
Regole firewall: [TCP Query User {A4BBE909-B388-423E-B16C-F9181DD98C95} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query UDP {FF29D758-A94E-4D27-88F6-46C07B2FC0C9} C: \ program files (x86) \ mozilla firefox \ plugin-container.exe] => (Block) C: \ program files (x86) \ mozilla fire \ plugin -Container.exe
Regole del firewall: [Utente query TCP {ABC85B0D-21C7-4F04-A0E9-73CBCC9579FB} C: \ users \ tom \ Downloads \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe] => (Blocca) C: \ utenti \ tom \ download \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe
Regole del firewall: [Utente query UDP {691260CF-C60C-4A72-B467-8BCCEDD8BEAC} C: \ users \ tom \ Downloads \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe] => (Blocca) C: \ utenti \ tom \ download \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe
Regole firewall: [TCP Query User {C12BA0B1-7FCE-4E94-A94A-C433F43CF2F4} C: \ users \ tom \ Downloads \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe] => (Blocca) C: \ utenti \ tom \ download \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe
Regole del firewall: [Utente query UDP {B123AE5C-E5E9-4E4F-A9ED-DC7122223EE9} C: \ users \ tom \ Downloads \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe] => (Blocca) C: \ utenti \ tom \ download \ sanicball_v0.6_win \ sanicball_v0.6_win \ sanicball_v0.6.exe
Regole del firewall: [{9544AA84-BBBF-4862-87FD-D3EDE71B46AB}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [{1D98D9AC-6662-4161-8560-57553E4BE5FA}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole firewall: [TCP Query User {4A551C88-8E94-4AEA-86D4-267D9DCDBC71} C: \ program files (x86) \ mozilla firefox \ firefox.exe] => (Block) C: \ program files (x86) \ mozilla firefox \ firefox.exe
Regole del firewall: [Utente query UDP {AB5C3F76-1AC0-48EE-BA23-369B3EC6D64B} C: \ program files (x86) \ mozilla firefox \ firefox.exe] => (Block) C: \ program files (x86) \ mozilla firefox \ firefox.exe
Regole firewall: [{966AB22D-A81F-4D4D-9B0A-1FE4A48AED24}] => (Consenti) C: \ Programmi (x86) \ Steam \ Steam.exe
Regole firewall: [{31266E60-E0DA-43B2-A2F7-E0C1F637A585}] => (Consenti) C: \ Programmi (x86) \ Steam \ Steam.exe
Regole firewall: [{899C566A-4E1F-4723-B29F-F3AD6219AB9A}] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ steamwebhelper.exe
Regole del firewall: [{BDEDD58A-9786-4CB6-9379-401115664500}] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ steamwebhelper.exe
Regole del firewall: [(13F8CCDA-DA71-4C55-A80A-A8F6A8A7A873}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.exe
Regole firewall: [{0811523A-E7EE-41FA-AFAD-5A8407487C80}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.x64.exe
Regole del firewall: [{F466C83D-B9B2-4B4A-A6AB-8D26EEB3448A}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.exe
Regole del firewall: [{E8D1FA73-CD16-4BE8-874D-EEE4E22A0C0D}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.x64.exe
Regole del firewall: [{07B8C7E7-7C24-4730-84F1-41ACDAFA8D9B}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Tools \ Launcher.exe
Regole del firewall: [{4561772C-C6C0-4F89-8BAF-2E22F7E9DA59}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Tools \ RemoteCrashSender.exe
Regole del firewall: [{DBE9FD3D-CDA6-4452-88FF-BB3799E15712}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.exe
Regole firewall: [{61EA9457-CAE8-4C9A-8516-DC2A8CE9CC3E}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.x64.exe
Regole firewall: [{116E7F9E-32CB-451C-9A0C-C9325E6FEF06}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.exe
Regole del firewall: [{A5AFE814-6B45-442C-8E8B-340EFBDC709D}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Warframe.x64.exe
Regole del firewall: [{75C5F4F6-4BD8-4DB9-8F51-D55D109A7770}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Tools \ Launcher.exe
Regole del firewall: [{124EBD45-35A6-4247-9FD1-81027B60141D}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Warframe \ Tools \ RemoteCrashSender.exe
Regole del firewall: [{21F7ECEB-4D4E-46E2-A628-9D1509B5526B}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [{991CBD67-A939-4295-A1DE-457D84DDDA63}] => (Consenti) C: \ Programmi (x86) \ Mozilla Firefox \ firefox.exe
Regole del firewall: [(39F36880-57B5-4BA7-A8A8-9E6D9DC816F1)] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7 \ steamwebhelper.exe
Regole firewall: [(759ABF36-1380-4746-BEE2-FA13F62EA111}] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7 \ steamwebhelper.exe
Regole firewall: [(3A6369EA-B508-45CA-8B02-4441B9227327}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Factorio Demo \ bin \ x64 \ factorio.exe
Regole firewall: [(6AB3B199-CF3B-487D-851D-6732F7D69F8D}] => (Consenti) C: \ Programmi (x86) \ Steam \ steamapps \ common \ Factorio Demo \ bin \ x64 \ factorio.exe
Regole firewall: [{3CEAAC27-3312-43C7-B3B2-B2404B3FF48B}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{CE6AC79A-DE61-4A2F-AD07-4AD1C325CAF2}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole del firewall: [{7BD6D826-12F5-4C3D-BEEA-B61760F2A720}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole del firewall: [{438363F6-44B4-4BB6-9E56-33B1CEE4BADC}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [Utente query TCP {407E310C-BF9E-43FB-A431-8E93C7D582AE} C: \ programdata \ wargaming.net \ gamecenter \ wgc.exe] => (Consenti) C: \ programdata \ wargaming.net \ gamecenter \ wgc. EXE
Regole firewall: [Utente query UDP {B8B68F0E-1EFA-4E01-A7A7-53810ACFED05} C: \ programdata \ wargaming.net \ gamecenter \ wgc.exe] => (Consenti) C: \ programdata \ wargaming.net \ gamecenter \ wgc. EXE
Regole firewall: [{C68529EF-3E1F-49DA-99F2-B2A8AF5DC1D7}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{E6223ECF-FB37-404E-AAD2-66D98A2B8E42}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{D5FD7E3B-40F3-445C-AD9E-141E0B863133}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole del firewall: [{CADA0BC2-A443-43B3-B488-B95197FE6284}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{6C44A193-369E-4449-980C-87F2C854501D}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{D059686E-9117-4959-A9E8-329735FF8C11}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{89C680E3-75B7-4046-8E80-AA558A7F84DE}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{E0675414-597D-4CC4-A006-C814CE302696}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{88577415-100B-486A-9692-DAE1A77A3B19}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole del firewall: [{F59CEC88-3787-4796-A17D-92C9C03EB721}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{79A57D12-5B41-40EA-AD13-6BE4EAC6EED6}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{422F3BA7-BD30-4601-A022-4FF9CC9244CF}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{85D4BC88-B380-4851-9F07-3FB3A371656A}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{30317279-5100-4A1F-9908-044DA05D3E03}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [{05307826-6799-437B-AF8B-95212F52E1CE}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{36CAB5CE-4E65-47A0-8355-2B4B3023424E}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{0B5A8CA5-F85C-4D34-855E-0B7B51486247}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{A4228451-0672-47C2-9A0F-38550D85EAEC}] => (Consenti) C: \ Games \ World_of_Tanks \ worldoftanks.exe
Regole firewall: [{80DB1D4A-2045-4A58-933E-A7263E56994A}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [(9F700929-D218-40C0-B5F0-E68516163DCA}] => (Consenti) C: \ Games \ World_of_Tanks \ WoTLauncher.exe
Regole firewall: [TCP Query User {79F3AA94-CAD1-4DFB-B30A-0058EA5B15F5} C: \ program files (x86) \ cocoa \ kakaotalk \ kakaotalk.exe] => (Block) C: \ program files (x86) \ cacao \ kakaotalk \ kakaotalk.exe
Regole firewall: [Utente query UDP {1B9E6C43-69DE-49DA-A9D1-7EDF3506F32B} C: \ file di programma (x86) \ cocoa \ kakaotalk \ kakaotalk.exe] => (Blocca) C: \ file di programma (x86) \ cacao \ kakaotalk \ kakaotalk.exe
Regole del firewall: [{C27E4CED-FA85-4370-AB48-87FBDAAB0C49}] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
Regole del firewall: [{9290E379-E4D9-4725-ADFC-CA7498735732}] => (Consenti) C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
Regole firewall: [{97BA10B5-8CC3-4EFC-9080-337BECF5CAAF}] => (Consenti) C: \ Windows \ SysWOW64 \ PnkBstrA.exe
Regole firewall: [{70B1E7C2-08F8-4219-ADFC-9A792B97DDBA}] => (Consenti) C: \ Windows \ SysWOW64 \ PnkBstrA.exe
Regole firewall: [{1644AF7B-40F5-4EB0-BDBF-DB9F4DAE59B0}] => (Consenti) C: \ Windows \ SysWOW64 \ PnkBstrB.exe
Regole firewall: [{B50B0672-109F-45CA-9BE9-D1F0526AE257}] => (Consenti) C: \ Windows \ SysWOW64 \ PnkBstrB.exe
Regole firewall: [(6CDCD51A-C31D-4714-9752-BF3BFE1A7613}] => (Consenti) C: \ Programmi (x86) \ Dropbox \ Client \ Dropbox.exe

==================== Punti di ripristino =========================

AVVISO: Ripristino configurazione di sistema è disabilitato
Controllare il servizio "winmgmt" o riparare WMI.


==================== Dispositivi di gestione dispositivi difettosi =============

Nome: MpKsl9b5e44a7
Descrizione: MpKsl9b5e44a7
Direttiva di classe: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Produttore:
Servizio: MpKsl9b5e44a7
Problema: questo dispositivo non esiste, non funziona correttamente o non ha tutti i driver installati. (Codice 24)
Soluzione: il dispositivo non è installato correttamente. Il problema potrebbe essere un errore hardware o potrebbe essere necessario un nuovo driver.
I dispositivi rimangono in questo stato se sono pronti per la rimozione.
Questo errore scompare dopo aver rimosso il dispositivo. Rimuovere il dispositivo e questo errore dovrebbe essere risolto.


==================== Errori del registro eventi: =========================

Errori dell'applicazione:
==================
Errore: (11/09/2018 05:56:41 PM) (Origine: errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: WLANExt.exe, versione: 6.1.7600.16385, data e ora: 0x4a5bcc33
Nome del modulo che ha generato l'errore: FunDisc.dll_unloaded, versione: 0.0.0.0, timestamp: 0x4a5bdf11
Codice eccezione: 0xc0000005
Offset errore: 0x000007fef9272664
ID processo errato: 0x1238
Ora di inizio dell'applicazione difettosa: 0x01d47818a52422ae
Percorso dell'applicazione che ha generato l'errore: C: \ Windows \ system32 \ WLANExt.exe
Percorso del modulo difettoso: FunDisc.dll
ID rapporto: 22e34cb7-e40e-11e8-ab34-342387de9750

Errore: (12.12.2018 07:18:03) (Origine: WinMgmt) (EventID: 10) (Utente :)
Descrizione: il codice evento "SELECT * FROM __InstanceModificationEvent ENTRO 60 WHERE TargetInstance ISA" Win32_Processor "AND TargetInstance.LoadPerundred> 99" non può essere riattivato nello spazio dei nomi "//./root/CIMV2" a causa dell'errore 0x80041003. Gli eventi non possono essere inoltrati tramite questo filtro finché il problema non viene risolto.

Errore: (11.11.2018 11:06:13) (Origine: Errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: Pokemon.exe, versione: 1.0.0.0, timestamp: 0x539d91b0
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 6.1.7601.24260, timestamp: 0x5b946d85
Codice eccezione: 0xe0434352
Offset errore: 0x0000c54f
ID processo che ha generato l'errore: 0x16d0
Ora di inizio dell'applicazione difettosa: 0x01d46117bf92f333
Percorso dell'applicazione che ha generato l'errore: C: \ Users \ Tom \ Downloads \ Pokemon \ Pokemon.exe
Percorso del modulo difettoso: C: \ Windows \ syswow64 \ KERNELBASE.dll
ID rapporto: fde2fc11-cd0a-11e8-af2f-342387de9750

Errore: (11.11.2018 11:06:12) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: Pokemon.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.IO.FileNotFoundException
Main.Program.Main (System.String []) 'de

Errore: (11.11.2018 08:41:31) (Origine: Errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: Pokemon.exe, versione: 1.0.0.0, timestamp: 0x539d91b0
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 6.1.7601.24260, timestamp: 0x5b946d85
Codice eccezione: 0xe0434352
Offset errore: 0x0000c54f
ID processo difettoso: 0x9cc
Ora di inizio dell'applicazione difettosa: 0x01d46103891c4173
Percorso dell'applicazione che ha generato l'errore: C: \ Users \ Tom \ Downloads \ Pokemon \ Pokemon.exe
Percorso del modulo difettoso: C: \ Windows \ syswow64 \ KERNELBASE.dll
ID rapporto: c6d31553-ccf6-11e8-af2f-342387de9750

Errore: (11.11.2018 08:41:31) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: Pokemon.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.IO.FileNotFoundException
Main.Program.Main (System.String []) 'de

Errore: (11.11.2018 08:41:16) (Origine: Errore dell'applicazione) (EventID: 1000) (Utente :)
Descrizione: nome dell'applicazione non corretto: Pokemon.exe, versione: 1.0.0.0, timestamp: 0x539d91b0
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 6.1.7601.24260, timestamp: 0x5b946d85
Codice eccezione: 0xe0434352
Offset errore: 0x0000c54f
ID processo che ha generato l'errore: 0x1660
Ora di inizio dell'applicazione difettosa: 0x01d461037f7fa29c
Percorso dell'applicazione che ha generato l'errore: C: \ Users \ Tom \ Downloads \ Pokemon \ Pokemon.exe
Percorso del modulo difettoso: C: \ Windows \ syswow64 \ KERNELBASE.dll
ID rapporto: bda53f7b-ccf6-11e8-af2f-342387de9750

Errore: (11.11.2018 08:41:15) (Origine: .NET Runtime) (EventID: 1026) (Utente :)
Descrizione: Application: Pokemon.exe
Versione Framework: v4.0.30319
Descrizione: il processo è stato interrotto a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.IO.FileNotFoundException
Main.Program.Main (System.String []) 'de


Errori di sistema:
=============
Errore: (11/10/2018 10:05:51) (Origine: Gestione controllo servizi) (ID evento: 7011) (Utente :)
Descrizione: Timeout (30000 millisecondi) raggiunto durante l'attesa di una risposta di transazione dal servizio TeamViewer9.

Errore: (11/10/2018 07:21:37) (Origine: Gestione controllo servizi) (ID evento: 7011) (Utente :)
Descrizione: è stato raggiunto un timeout (30000 millisecondi) durante l'attesa di una risposta di transazione dal servizio EFS.

Errore: (11/10/2018 06:19:52) (Origine: DCOM) (EventID: 10016) (Utente: TomDell)
Descrizione: le impostazioni di autorizzazione specifiche dell'applicazione non consentono l'attivazione locale per l'applicazione server COM con CLSID
B77C4C36-0154-4C52 {-AB49-FAA03837E47F}
e APPID
{EA022610-0748-4C24-B229-6C507EBDFDBB}
Ottieni l'indirizzo di TomHell \ Tom SID (S-1-5-21-252852572-1064671646-1800406956-1001) da LocalHost (utilizzando LRPC). Questa autorizzazione di sicurezza può essere modificata utilizzando lo strumento di amministrazione di Servizi componenti.

Errore: (11/10/2018 05:43:13 AM) (Origine: DCOM) (EventID: 10016) (Utente: TomDell)
Descrizione: le impostazioni di autorizzazione specifiche dell'applicazione non consentono l'attivazione locale per l'applicazione server COM con CLSID
{B77C4C36-0154-4C52-AB49-FAA03837E47F}
e APPID
{EA022610-0748-4C24-B229-6C507EBDFDBB}
Ottieni l'indirizzo di TomHell \ Tom SID (S-1-5-21-252852572-1064671646-1800406956-1001) da LocalHost (utilizzando LRPC). Questa autorizzazione di sicurezza può essere modificata utilizzando lo strumento di amministrazione di Servizi componenti.

Errore: (11/09/2018 07:54:30) (Origine: DCOM) (EventID: 10010) (Utente :)
Descrizione: il server {ED1D0FDF-4414-470A-A56D-CFB68623FC58} non si è registrato con DCOM entro il periodo di timeout richiesto.

Errore: (11/09/2018 06:08:15 PM) (Origine: Gestione controllo servizi) (ID evento: 7000) (Utente :)
Descrizione: il servizio DbxSvc non è stato avviato a causa del seguente errore:
Il sistema non trova il file specificato.

Errore: (11.09.2018 05:56:47 PM) (Fonte: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (Utente: NT AUTHORITY)
Descrizione: il modulo di estensibilità WLAN si è arrestato in modo imprevisto.

Percorso del modulo: C: \ Windows \ System32 \ bcmihvsrv64.dll

Errore: (11/09/2018 02:50:08 PM) (Origine: Gestione controllo servizi) (ID evento: 7011) (Utente :)
Descrizione: è stato raggiunto un timeout (30000 millisecondi) durante l'attesa di una risposta di transazione dal servizio lmhosts.


==================== Informazioni sulla memoria ===========================

Processore: CPU Intel (R) Core (TM) i5-4200U a 1,60 GHz
Percentuale di memoria utilizzata: 78%
RAM fisica totale: 3984,36 MB
RAM fisica disponibile: 864,02 MB
Totale virtuale: 7966,86 MB
Virtuale disponibile: 2676,28 MB

==================== Driver ============================= ===

Unità c: (sistema operativo) (fisso) (totale: 447,47 GB) (gratuito: 323,2 GB) NTFS

\? \ Volume (85aa1dd8-ab1b-11e3-ad87-806e6f6e6963) \ (RECOVERY) (fisso) (totale: 18,25 GB) (gratuito: 8,74 GB) NTFS

==================== MBR e tabella delle divisioni ==================

==================== Fine di Addition.txt ========================= = ==
arma

arma

Malware Exterminator
  • #10
Secondo il diario:
Ran da Tom (ATTENZIONE: l'utente non è un amministratore)
È necessario eseguire nuovamente la scansione FRST dall'account amministratore.
M

malsaurus

Membro TS
  • #11
Bene.
M

malsaurus

Membro TS
  • #12
Risultato della scansione Farbar Recovery Scan Tool (FRST) (x64) Versione: 08.11.2018
Tom (manager) ha funzionato su TOMDELL (10-11-2018 12:01:49)
Esegui da C: \ Users \ Tom \ Downloads
Profili installati: Tom (profili disponibili: jl e Tom)
Piattaforma: Windows 7 Professional Service Pack 1 (X64) Lingua: inglese (USA)
Internet Explorer Ver.11 (browser predefinito: FF)
Modalità di avvio: normale
Tutorial sullo strumento di scansione di ripristino Farbar: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processi (autorizzati) =================

(Se viene aggiunta una voce all'elenco delle correzioni, il processo viene chiuso. Il file non viene spostato.)

(Microsoft Corporation) C: \ Program Dosyaları \ Microsoft Security Client \ MsMpEng.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RtkAudioService64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ WLTRYSVC.EXE
(Microsoft Corporation) C: \ Windows \ System32 \ wlanext.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ BCMWLTRY.EXE
(Andrea Electronics Corporation) C: \ Program Dosyaları \ Realtek \ Audio \ HDA \ AERTSr64.exe
(Microsoft Corporation.) C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BBSvc.EXE
(Broadcom Corporation.) C: \ Program Dosyaları \ WIDCOMM \ Bluetooth Software \ btwdins.exe
(Dropbox, Inc.) C: \ Windows \ System32 \ DbxSvc.exe
() C: \ Programmi (x86) \ Canon \ IJPLM \ ijplmsvc.exe
(Intel (R) Corporation) C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe
(TeamViewer GmbH) C: \ Program Dosyaları (x86) \ TeamViewer \ Version9 \ TeamViewer_Service.exe
(Microsoft Corporation) C: \ Programmi \ Microsoft Security Client \ NisSrv.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RtkNGUI64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ WLTRAY.EXE
(Intel Corporation) C: \ Windows \ System32 \ igfxtray.exe
(Intel Corporation) C: \ Windows \ System32 \ hkcmd.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxsrvc.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxpers.exe
(Dell Inc.) C: \ Program Dosyaları \ Dell \ QuickSet \ quickset.exe
(Microsoft Corporation) C: \ Programmi \ Microsoft Security Client \ msseces.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPHelper.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
() C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe
(Microsoft Corporation) C: \ Windows \ SysWOW64 \ rundll32.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTStackServer.exe
(Microsoft Corporation) C: \ Programmi \ Internet Explorer \ iexplore.exe
(Valve Corporation) C: \ Programmi (x86) \ Steam \ Steam.exe
(Intel Corporation) C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe
(Intel Corporation) C: \ Programmi \ Intel \ Intel (R) Rapid Storage Technology \ IAStorDataMgrSvc.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ Jhi_service.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ LMS.exe
(SoftThinks SAS) C: \ Programmi (x86) \ Dell Backup and Recovery \ SftService.exe
(Microsoft Corporation) C: \ Windows \ System32 \ CompatTelRunner.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Microsoft Corporation) C: \ Windows \ System32 \ CompatTelRunner.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) USB 3.0 eXtensible Host Controller Driver \ Application \ iusb3mon.exe
(Creative Technology Ltd) C: \ Program Dosyaları (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe
(Valve Corporation) C: \ Programmi (x86) \ File comuni \ Steam \ SteamService.exe
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Adobe Systems Incorporated) C: \ Windows \ System32 \ Macromed \ Flash \ FlashUtil64_31_0_0_122_ActiveX.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Microsoft Corporation) C: \ Windows \ splwow64.exe
(CANON INC.) C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMUPDT.EXE
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMSWCS.EXE
(Microsoft Corporation) C: \ Windows \ System32 \ sdclt.exe
(Microsoft Corporation) C: \ Windows \ System32 \ dllhost.exe

==================== Registrazione (whitelist) ======================== == =

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro viene ripristinato al valore predefinito o rimosso. Il file non viene spostato.)

HKLM \ ... \ Run: [RTHDVCPL] => C: \ Program Files \ Realtek \ Audio \ HDA \ RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg_PushButton] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [SynTPEnh] => C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM \ ... \ Run: [Broadcom Wireless Manager user interface] => C: \ Program Files \ Dell \ DW WLAN Card \ WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM \ ... \ Run: [QuickSet] => c: \ Program Files \ Dell \ QuickSet \ QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM \ ... \ Run: [IAStorIcon] => C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM \ ... \ Run: [MSC] => c: \ Programmi \ Microsoft Security Client \ msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM \ ... \ Çalıştır: [Logitech Download Assistant] => C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ System32 \ LogiLDA.dll, LogiFetch
HKLM-x32 \ ... \ Run: [USB3MON] => C: \ Program Files (x86) \ Intel \ Intel (R) USB 3.0 extensible Host Controller Driver \ Application \ iusb3mon.exe [292848 2013-09-05 ] (Intel Foundation)
HKLM-x32 \ ... \ Run: [Dell Webcam Central] => C: \ Programmi (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32 \ ... \ Run: [CanonQuickMenu] => C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32 \ ... \ Run: [RazerCortex] => C: \ Program Dosyaları (x86) \ Razer \ Razer Cortex \ RazerCortex.exe -autorun
HKLM-x32 \ ... \ Run: [Dropbox] => C: \ Programmi (x86) \ Dropbox \ Client \ Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
Winlogon \ Notify \ igfxcui: C: \ Windows \ system32 \ igfxdev.dll (Intel Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe [ 70168 2014-06-25) (iMesh Inc)
HKU \ S-1-5-21-2528572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl64] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl. exe [82456 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrlc] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe [ 3823128 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [BRS] => C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe [1173504 2014 -08-08] ()
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Google Update] => C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ GoogleUpdateCore .exe [601680 2018-05-19] (Google Inc.)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C: \ Users \ Tom \ AppData \ Local \ Chromium \ Application \ chrome.exe [663552 2015 -06-28] (autori di Chrome)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Steam] => C: \ Programmi (x86) \ Steam \ steam.exe [3131680 2018-11-09 ] (Valve Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [World of Tanks] => "C: \ Games \ World_of_Tanks \ WargamingGameUpdater.exe"
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [KakaoTalk] => "C: \ Programmi (x86) \ Cocoa \ KakaoTalk \ KakaoTalk.exe" -bystartup
HKU \ S-1-5-18 \ ... \ RunOnce: [JavaInstallRetry] => RUNONCE = 1 SPONSOR = 0
Lsa: [Pacchetti di notifica] scecli c: \ Program Files \ WIDCOMM \ Bluetooth Software \ BtwProximityCP.dll
Avvio: C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== DİKKAT
GroupPolicy \ User: Restriction? <==== DİKKAT
GroupPolicyUsers \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Utente: Limitazione <==== DİKKAT
CHR HKLM \ SOFTWARE \ Policies \ Google: restrizione <==== DİKKAT

==================== Internet (autorizzato) =====================

(Se un elemento è incluso nell'elenco delle correzioni, se è un elemento del registro, viene rimosso o ripristinato all'impostazione predefinita.)

Tcpip \ Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip \ .. \ Interfaces \ {D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 & ResetID = 131130558221447530 & GUID = DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 e ResetID = 131802431285607286 & GUID = DBCFEA2E -669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = hxxp: //dell13.msn.com/? Pc = DCJB
Ambiti di ricerca: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
SearchScopes: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp: //searchinterneat-a.akamaihd.net/s denk = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = & q = {} searchTerms
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp: //search.yahoo.com/yhs/search? Hspart = DDC e hsimp = YHS-ddc_bd e tip = bl-a-dd__alt__ddc_dss_bd_com e p = {searchTerms}
Arama Kapsamları: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp: //rocket-find.com/results.php? F = 4 già q = {} searchTerms a = rckt_frmr_14_26_ff sono già cD = 2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q ve CR = 1.797.486,999 mila già IR =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp: //rocket-find.com/results.php? F = 4 e q = {} searchTerms a = rckt_frmr_14_26_ff e cd = 2xzuyetn2y1l1qzu0e0c0fye0b0bzz0dtb0fzyybyc0c0dtatn0d0tzu0szytctdtn1l2xzutbtftbtctftctctftdtn1l1czutcyetbzytdyd1v1ttn1l1g1b1v1n2y1l1qzu2std0bta0ayd0ctdyetg0aybybtatgzzyd0b0ctgyctc0e0ftgtc0btatd0f0bye0a0e0f0byd2qtn1m1f1b2z1v1n2y1l1qzu2stcyezz0ayb0byctatgzz0a0d0etgyb0atbyctg0a0b0fzytgta0e0azy0ctbtazyta0ezzye2q e IR e CR = 1.712.688,768 mila =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp: //dts.search.ask.com/sr? Src = IEB e GCT = ds & appid = & systemId = & v = a15946-1205 & apn_uid = 4431050210474885 & apn_dtid = IME001 e o = APN10653 e apn_ptnrs = AGE e q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp: //dts.search.ask.com/sr? Src = IEB & GCT = ds & appid = 1066 & systemId = 1 & v = n13124-409 & apn_uid = 9434405932554208 & apn_dtid = IME001 & o = APN10653 & apn_ptnrs = AGE & q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43) URL = hxxp: //searchinterneat-a.akamaihd.net/s? Eq = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = ricerca q
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [2014-07-07] (CANON INC. )
BHO: Gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları (x86) \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [07/07/2014 ] (CANON INC.)
BHO-x32: Java (tm) Plug-in SSV Helper -> (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ ssv.dll (2014-08-11 ] (Oracle Corporation)
BHO-x32: gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files (x86) \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation )
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Azienda Microsoft.)
BHO-x32: Java (tm) Plugin 2 SSV Helper -> (DBC80044-A445-435b-BC74-9C25C1C588A9) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ jp2ssv.dll (2014-08- 11) (Oracle Corporation)
Barra degli strumenti: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C: \ Programmi \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC. )
Barra degli strumenti: HKLM-x32 - Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Programmi (x86) \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll (07/07/2014 ] (CANON INC.)
Barra degli strumenti: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Microsoft Corporation.)
Barra degli strumenti: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Program Files \ Canon \ Easy- WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC.)
Gestore: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nessun file

FireFox:
========
Percorso profilo FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 [2018-11-10]
FF Ana Sayfası: Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 -> hxxps: //id.search.yahoo.com/yhs/web? Hspart = Elm & hsimp = YHS-001 & type = hdr_s_17_44_orgnl & param1 = 1 & param2 =% f% 3D% 3DFirefox% 26cc% 3Did% 26pa% 3Dhodor% 26cd% 3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB% 26cr% 3D1609883092% 26a% 3Dhdr_s_17_44_orgnl% 26os_ver% 3D6 .1% 26os% 3DWindows% 2B7% 2BProfessional
Plugin di ricerca FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 \ searchplugins \ yhs.xml [2018-01-25]
FF HKLM-x32 \ ... \ Thunderbird \ Extensions: [msktbird@mcafee.com] - C: \ Program Files \ McAfee \ MSK => non trovato
Plugin FF: @ adobe.com / FlashPlayer -> C: \ Windows \ system32 \ Macromed \ Flash \ NPSWF64_31_0_0_122.dll [2018-10-10] ()
Plugin FF: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
Plugin FF: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
Plugin FF: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 1 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Eklentisi-x32: @ adobe.com / FlashPlayer -> C: \ Windows \ SysWOW64 \ Macromed \ Flash \ NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @ canon.com / EPPEX -> C: \ Programmi (x86) \ Canon \ My Image Garden \ AddOn \ CIG \ npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; versione = 3.5.29 -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI updater -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIUpdater.dll [2013-06-01] (Intel Foundation)
FF Plugin-x32: @ java.com / DTPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ dtplugin \ npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ java.com / JavaPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ plugin2 \ npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
FF Plugin-x32: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files (x86) \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @ videolan.org / vlc, versione = 2.2.8 -> C: \ Program Files (x86) \ VideoLAN \ VLC \ npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C: \ Programmi (x86) \ Adobe \ Reader 11.0 \ Reader \ AIR \ nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / GoogleTalkPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npgoogletalk.dll [2015 -12-08] (Google)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / O1DPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npo1d.dll [2015 -12-08] (Google)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 3 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 9 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin Program Files / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npo1d.dll [2015-12-08] (Google)

==================== Servizi (autorizzati) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

S2 dbupdat; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C: \ Windows \ system32 \ DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 è IAStorDataMgrSvc; C: \ Programmi \ Intel \ Intel (R) Rapid Storage Technology \ IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE [140936 2013-05-15] ()
Interfaccia del servizio di licenza di autorizzazione Intel® R2; c: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe [733696 2013-05-12] (Intel (R) Corporation) [File non firmato]
Interfaccia TCP IP del servizio di licenza in primo piano S3 Intel (R); c: \ Programmi \ Intel \ iCLS Client \ SocketHeciServer.exe [822232 2013-05-12] (Intel (R) Corporation)
R2 jhi_service; C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MsMpSvc; c: \ Program Dosyaları \ Microsoft Security Client \ MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c: \ Programmi \ Microsoft Security Client \ NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C: \ Programmi \ Realtek \ Audio \ HDA \ RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C: \ Programmi (x86) \ Dell Backup and Recovery \ SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C: \ Programmi \ Windows Defender \ mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 è wltrysvc; C: \ Programmi \ Dell \ DW Scheda WLAN \ bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File non firmato]

===================== Driver (autorizzati) ======================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R0 iaStorF; C: \ Windows \ System32 \ drivers \ iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C: \ Windows \ System32 \ DRIVERS \ TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFiltre; C: \ Windows \ System32 \ DRIVERS \ MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C: \ Windows \ System32 \ DRIVERS \ NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC {D3412D80-CF3B4A27-06020200} _0; c: \ program dosyaları \ dell \ pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C: \ Windows \ system32 \ drivers \ Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvl; C: \ Windows \ System32 \ DRIVERS \ Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \ ?? \ C: \ Windows \ system32 \ drivers \ mmaennbv.sys [X]
S1 MpKs19b5e44a7; \ ?? \ c: \ ProgramData \ Microsoft \ Microsoft Anti-Malware \ Definition Updates \ {06717DA4-6C54-415D-AA4E-217CE011D206} \ MpKsl9b5e44a7.sys [X]
S1 niatpksbo; \ ?? \ C: \ Windows \ system32 \ drivers \ niatpxbo.sys [X]
S3 OATool; \ ?? \ C: \ Users \ ADMINI ~ 1 \ AppData \ Local \ Temp \ OAToolx64.sys [X] <==== DİKKAT
S1 spaltjok; \ ?? \ C: \ Windows \ system32 \ drivers \ spaltjok.sys [X]
S1 szftsrbn; \ ?? \ C: \ Windows \ system32 \ drivers \ szftsrbn.sys [X]

==================== NetSvcs (White List) ==================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


==================== File e cartelle creati in un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

Errore (1) durante la lettura del file: "C: \ Users \ Tom \ Downloads \ Titanfall Rap, JT Machinima, THK e Borderline Disaster -"
10/11/2018 12:04 - 10/11/2018 12:05 - 000000000 ___RD C: \ Users \ Tom \ Dropbox
10/11/2018 12:04 - 10/11/2018 12:04 - 000001228 _____ C: \ Users \ Tom \ Desktop \ Dropbox.lnk
10/11/2018 10:55 - 10/11/2018 10:57 - 000036871 _____ C: \ Users \ Tom \ Downloads \ Addition.txt
10/11/2018 10:51 - 10/11/2018 12:07 - 000023561 _____ C: \ Users \ Tom \ Downloads \ FRST.txt
10/11/2018 10:47 - 10/11/2018 10:47 - 000000000 ____D C: \ Users \ Tom \ Downloads \ FRST-OlderVersion
10/11/2018 10:46 - 10/11/2018 12:01 - 000000000 ____D C: \ FRST
10/11/2018 10:45 - 10/11/2018 12:01 - 002415616 _____ (Farbar) C: \ Users \ Tom \ Downloads \ FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Dropbox
09-11-2018 18:05 - 09-11-2018 18:05 - 000000000 ____D C: \ Users \ jl \ AppData \ Roaming \ Dropbox
09/11/2018 18:03 - 10/11/2018 11:55 - 000000896 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job
2018-11-09 18:03 - 2018-11-10 11:08 - 000000900 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job
09-11-2018 18:03 - 09-11-2018 18:03 - 000003896 _____ C: \ Windows \ System32 \ Tasks \ DropboxUpdateTaskMachineUA
09-11-2018 18:03 - 09-11-2018 18:03 - 000003644 _____ C: \ Windows \ System32 \ Tasks \ DropboxUpdateTaskMachineCore
09-11-2018 18:02 - 09-11-2018 18:09 - 000000000 ____D C: \ Programmi (x86) \ Dropbox
09-11-2018 17:44 - 10-11-2018 12:04 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Dropbox
09-11-2018 17:44 - 10-11-2018 11:52 - 000000000 ____D C: \ Users \ jl \ AppData \ Local \ Dropbox
09-11-2018 17:44 - 09-11-2018 18:02 - 000696608 _____ (Dropbox, Inc.) C: \ Users \ Tom \ Downloads \ DropboxInstaller.exe
09-11-2018 17:44 - 09-11-2018 17:44 - 000000000 ____D C: \ ProgramData \ Dropbox
06/11/2018 20:06 - 06/11/2018 20:06 - 000051024 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ DbxSvc.exe
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-dev.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-canary.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000045640 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-stable.sys
12-10-2018 11:49 - 12-10-2018 11:49 - 000000020 _____ C: \ Users \ Tom \ Desktop \ SOUL.txt

==================== File e cartelle modificati per un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

10/11/2018 12:06 - 14/07/2009 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
10/11/2018 12:06 - 14/07/2009 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
10/11/2018 12:05 - 18/09/2016 09:25 - 000000266 _____ C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
10/11/2018 12:04 - 16/04/2014 14:17 - 000000000 ____D C: \ Users \ Tom
10/11/2018 12:03 - 29/03/2016 20:03 - 000000262 _____ C: \ Windows \ Tasks \ Update_Task.job
10/11/2018 12:03 - 14/03/2014 09:25 - 000000000 ____D C: \ Programmi (x86) \ Dell Backup and Recovery
10/11/2018 11:59 - 16/04/2017 12:44 - 000000000 ____D C: \ Programmi (x86) \ Steam
10/11/2018 11:56 - 15/07/2014 19:08 - 000000000 ____D C: \ ProgramData \ Datamngr
10/11/2018 11:55 - 16/04/2014 14:17 - 000003956 __RSH C: \ Users \ Tom \ ntuser.pol
10/11/2018 11:54 - 04/12/2017 05:08 - 000000000 ____D C: \ Programmi (x86) \ Mozilla Firefox
10/11/2018 11:54 - 16-04-2014 10:12 - 000000000 ____D C: \ Programmi (x86) \ Servizio di manutenzione Mozilla
10/11/2018 11:54 - 14/07/2009 12:08 - 000000006 ____H C: \ Windows \ Tasks \ SA.DAT
10/11/2018 11:44 - 16/04/2014 06:14 - 000086072 _____ C: \ Users \ jl \ AppData \ Local \ GDIPFONTCACHEV1.DAT
10/11/2018 11:42 - 05/11/2017 07:06 - 000000266 _____ C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job
10/11/2018 11:23 - 14/07/2016 00:03 - 000000266 _____ C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
10/11/2018 10:42 - 04/09/2015 18:04 - 000000000 ____D C: \ Kullanıcılar \ Tom \ AppData \ Local \ {357E0322-11D6-6F9A-7C4E-4A725826B6EA}
10/11/2018 07:46 - 14/07/2009 10:20 - 000000000 ____D C: \ Windows \ system32 \ NDF
10/11/2018 05:26 - 19/11/2016 05:51 - 000000000 ____D C: \ Users \ Tom \ AppData \ LocalLow \ Mozilla
10/11/2018 05:11 - 25/01/2018 06:40 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Direc
09/11/2018 19:39 - 20/05/2014 17:23 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Unity
09/11/2018 19:37 - 29/06/2014 10:30 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Rocket
09-11-2018 17:39 - 16-04-2017 16:55 - 000000000 ____D C: \ Users \ Tom \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programmi \ Steam
16-10-2018 04:48 - 21/11/2010 10:27 - 000559880 ____N (Microsoft Corporation) C: \ Windows \ system32 \ MpSigStub.exe
12/10/2018 16:33 - 06/11/2016 21:35 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ CrossCode
11-10-2018 18:50 - 14-07-2009 10:20 - 000000000 ____D C: \ Windows \ rescache
11-10-2018 08:43 - 16-04-2014 06:09 - 000000000 ____D C: \ Users \ jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C: \ Windows \ system32 \ PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C: \ Windows \ inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C: \ Windows \ system32 \ FNTCACHE.DAT
11-10-2018 03:19 - 16-04-2014 06:42 - 000000000 ____D C: \ Windows \ system32 \ MRT
11-10-2018 03:13 - 16-04-2014 06:42 - 136745976 ____C (Microsoft Corporation) C: \ Windows \ system32 \ MRT.exe
11-10-2018 03:08 - 10-02-2011 21:33 - 000767916 _____ C: \ Windows \ SysWOW64 \ PerfStringBackup.INI

==================== File nella radice di alcune directory =======

12/03/2015 19:07 - 11/01/2015 19:07 - 000000032 ____R () C: \ ProgramData \ hash.dat
21-10-2016 18:39 - 21-10-2016 18:39 - 003187734 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb195.dat
13-12-2016 08:55 - 13-12-2016 08:55 - 003634196 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb476.dat
31/07/2014 08:47 - 09/09/2018 18:42 - 000000503 _____ () C: \ Users \ Tom \ AppData \ Roaming \ WB.CFG
02/12/2014 06:39 - 18/12/2014 00:39 - 000000001 _____ () C: \ Users \ Tom \ AppData \ Local \ DSI.DAT
02/12/2014 06:39 - 02/12/2014 06:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup1488231282.exe
18/12/2014 00:39 - 18/12/2014 00:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup3359250182.exe
25-03-2018 21:59 - 25-03-2018 21:59 - 000040960 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data
25-03-2018 21:59 - 25-03-2018 21:59 - 000000512 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data log
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C: \ Users \ Tom \ AppData \ Local \ xdt9m2fvbr

File da spostare o eliminare:
====================
C: \ Windows \ Görevler \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
C: \ Windows \ Görevler \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job


Alcuni file in TEMP:
====================
25/06/2015 07:53 - 25/06/2015 07:53 - 000026936 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ DseShExt-x64.dll
25/06/2015 07:53 - 25/06/2015 07:53 - 000028984 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ DseShExt-x86.dll
18/06/2013 23:53 - 18/06/2013 23:53 - 000865424 ____N (CANON INC.) C: \ Users \ jl \ AppData \ Local \ Temp \ MSETUP4.EXE
2011-03-14 19:31 - 2011-03-14 19:31 - 000149352 ____R (Microsoft Corporation) C: \ Users \ jl \ AppData \ Local \ Temp \ ose00000.exe
25/06/2015 07:53 - 25/06/2015 07:53 - 000032568 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ SDShelEx-win32.dll
25/06/2015 07:53 - 25/06/2015 07:53 - 000032056 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ SDShelEx-x64.dll
22/05/2014 08:55 - 22/05/2014 08:55 - 002936832 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ ffmpeg16.exe
29/05/2014 13:56 - 29/05/2014 13:57 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer-1.exe
24/05/2014 11:53 - 24/05/2014 11:54 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer.exe
16/05/2016 18:00 - 16/05/2016 18:01 - 000000000 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ GUR280F.exe
23/01/2015 19:03 - 21/01/2015 06:32 - 002124520 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Helper.DLL
12/03/2015 19:08 - 12/03/2015 19:08 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-3012483557483484761.dll
12/03/2015 19:40 - 12/03/2015 19:40 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-7151043099465511510.dll
18/06/2013 23:53 - 18/06/2013 23:53 - 000865424 ____N (CANON INC.) C: \ Users \ Tom \ AppData \ Local \ Temp \ MSETUP4.EXE
11/04/2015 19:04 - 23/03/2015 07:33 - 001792744 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ MusicAppHelper.DLL
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130822301.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130823619.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824152.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824917.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130832216.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130835050.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130851423.dll
11-03-2018 20:09 - 11-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180314001435848.dll
15-03-2018 10:15 - 15-03-2018 10:15 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315031541953.dll
15-03-2018 13:17 - 15-03-2018 13:17 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315133218571.dll
16-03-2018 20:24 - 16-03-2018 20:24 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318130924025.dll
21-03-2018 07:16 - 21-03-2018 07:16 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321001604795.dll
21-03-2018 20:09 - 21-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321130925214.dll
22-03-2018 20:09 - 22-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180322130924714.dll
2018-03-23 ​​20:09 - 2018-03-23 ​​20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323130924452.dll
24-03-2018 06:42 - 24-03-2018 06:42 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323234211738.dll
24-03-2018 20:09 - 24-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180324130923461.dll
25-03-2018 10:03 - 25-03-2018 10:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325030314080.dll
25-03-2018 10:53 - 25-03-2018 10:53 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325035300424.dll
25-03-2018 12:03 - 25-03-2018 12:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325050354224.dll
25-03-2018 20:09 - 25-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180328132717552.dll
30-03-2018 10:42 - 30-03-2018 10:42 - 001857024 _____ (Software Opera)
M

malsaurus

Membro TS
  • #13
C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180330034228662.dll
01-04-2018 13:44 - 01-04-2018 13:44 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401064436791.dll
01-04-2018 15:08 - 01-04-2018 15:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401080822166.dll
01-04-2018 20:09 - 01-04-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401130923017.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740502.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740656.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740791.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740894.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131743947.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131744097.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131746304.dll
02-04-2018 08:27 - 02-04-2018 08:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402012709675.dll
02-04-2018 20:17 - 02-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402131757707.dll
03-04-2018 07:25 - 03-04-2018 07:25 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403030929327.dll
03-04-2018 20:18 - 03-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403131800132.dll
03-04-2018 20:34 - 03-04-2018 20:34 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403133404920.dll
03-04-2018 20:43 - 03-04-2018 20:43 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403134330427.dll
03-04-2018 20:57 - 03-04-2018 20:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403135749671.dll
04-04-2018 09:52 - 04-04-2018 09:52 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404025254232.dll
04-04-2018 12:57 - 04-04-2018 12:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404055706841.dll
04-04-2018 13:26 - 04-04-2018 13:26 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404062609230.dll
04-04-2018 14:22 - 04-04-2018 14:22 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404072202784.dll
04-04-2018 15:27 - 04-04-2018 15:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404082704587.dll
04-04-2018 20:17 - 04-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404131758871.dll
05-04-2018 20:17 - 05-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180405131757452.dll
06-04-2018 08:32 - 06-04-2018 08:32 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406013230995.dll
06-04-2018 08:41 - 06-04-2018 08:41 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406014114698.dll
06-04-2018 09:49 - 06-04-2018 09:49 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406024955766.dll
06-04-2018 10:24 - 06-04-2018 10:24 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406032408588.dll
06-04-2018 12:55 - 06-04-2018 12:55 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406055544648.dll
06-04-2018 16:12 - 06-04-2018 16:12 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406091226749.dll
06-04-2018 20:18 - 06-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406131817058.dll
08-04-2018 10:18 - 08-04-2018 10:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408031842534.dll
08-04-2018 13:00 - 08-04-2018 13:00 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408060008326.dll
08-04-2018 21:48 - 08-04-2018 21:48 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408144823767.dll
09-04-2018 20:17 - 09-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180409131757781.dll
10-04-2018 20:07 - 10-04-2018 20:07 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410130749447.dll
10-04-2018 20:17 - 10-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410131756831.dll
11-04-2018 20:17 - 11-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180411131757785.dll
12-04-2018 20:18 - 12-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414131757035.dll
15-04-2018 10:40 - 15-04-2018 10:40 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180415034011422.dll
16-04-2018 11:28 - 16-04-2018 11:28 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416042840055.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027562.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027760.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028264.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028576.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030541.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030662.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043033561.dll
16-04-2018 21:56 - 16-04-2018 21:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180417043044605.dll
19-04-2018 19:17 - 19-04-2018 19:17 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180419121751055.dll
21-04-2018 22:06 - 21-04-2018 22:06 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421150601262.dll
21-04-2018 22:10 - 21-04-2018 22:10 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421151056879.dll
22-04-2018 11:35 - 22-04-2018 11:36 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180422043556502.dll
24-04-2018 18:52 - 24-04-2018 18:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180424115249153.dll
25-04-2018 11:30 - 25-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180426232851539.dll
27-04-2018 16:35 - 27-04-2018 16:35 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180427093543465.dll
29-04-2018 13:45 - 29-04-2018 13:45 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180429064526831.dll
30-04-2018 19:56 - 30-04-2018 19:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430133452682.dll
01/05/2018 11:30 - 01/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180501043043811.dll
02/05/2018 11:30 - 02/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180502043044900.dll
03/05/2018 19:13 - 03/05/2018 19:13 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180504070639579.dll
06/05/2018 11:30 - 06/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043043856.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144039.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144356.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144547.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144637.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146347.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146786.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043150052.dll
07/05/2018 11:32 - 07/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180507043205156.dll
08/05/2018 19:29 - 08/05/2018 19:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180508122912386.dll
09/05/2018 22:52 - 09/05/2018 22:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180509155237351.dll
10/05/2018 12:26 - 10/05/2018 12:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180511170608518.dll
12/05/2018 14:19 - 12/05/2018 14:19 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513020441684.dll
13/05/2018 12:44 - 13/05/2018 12:44 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513054444780.dll
15/05/2018 15:50 - 15/05/2018 15:50 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180515085051153.dll
16/05/2018 18:11 - 16/05/2018 18:11 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180519131135448.dll
21/05/2018 16:26 - 21/05/2018 16:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180521092620739.dll
24/05/2018 20:04 - 24/05/2018 20:04 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130434676.dll
24/05/2018 20:07 - 24/05/2018 20:07 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130758830.dll
25/05/2018 18:49 - 25/05/2018 18:49 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180525114936143.dll
27/05/2018 11:29 - 27/05/2018 11:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527042936482.dll
27/05/2018 11:32 - 27/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527043203417.dll
29/05/2018 12:41 - 29/05/2018 12:41 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180529054151671.dll
10-03-2018 20:05 - 10-03-2018 20:05 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201831057556.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729926.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730337.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834737307.dll
05-03-2018 17:23 - 05-03-2018 17:23 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_2018352315820.dll
06-03-2018 17:07 - 06-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201836753120.dll
07-03-2018 17:07 - 07-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201837752761.dll
09-03-2018 17:07 - 09-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C: \ Users \ Tom \ AppData \ Local \ Temp \ SkypeSetup.exe
26/06/2014 10:41 - 26/06/2014 11:08 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease.exe
26/06/2014 10:39 - 26/06/2014 11:20 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [1] .exe
26/06/2014 11:26 - 26/06/2014 11:29 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [2] .exe

==================== Bamital e volsnap ====================

(Non esiste una correzione automatica per i file che non superano la convalida.)

C: \ Windows \ system32 \ winlogon.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ wininit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ wininit.exe => File firmato digitalmente
C: \ Windows \ explorer.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ explorer.exe => File firmato digitalmente
C: \ Windows \ system32 \ svchost.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ svchost.exe => File firmato digitalmente
C: \ Windows \ system32 \ services.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ User32.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ User32.dll => File firmato digitalmente
C: \ Windows \ system32 \ userinit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ userinit.exe => File firmato digitalmente
C: \ Windows \ system32 \ rpcss.dll => Il file è firmato digitalmente
C: \ Windows \ system32 \ dnsapi.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ dnsapi.dll => File firmato digitalmente
C: \ Windows \ system32 \ Drivers \ volsnap.sys => File con firma digitale

Informazioni più recenti: 2018-11-09 17:00

==================== FRST.txt sonu ========================= = ==
M

malsaurus

Membro TS
  • #14
Non è possibile pubblicare allegati, il sito pensa che io sia spam.
M

malsaurus

Membro TS
  • #15
Risultato della scansione Farbar Recovery Scan Tool (FRST) (x64) Versione: 08.11.2018
Tom (manager) ha corso a TOMDELL (10-11-2018 12:20:06)
Esegui da C: \ Users \ Tom \ Downloads
Profili installati: Tom (profili disponibili: jl e Tom)
Piattaforma: Windows 7 Professional Service Pack 1 (X64) Lingua: inglese (USA)
Internet Explorer Ver.11 (browser predefinito: FF)
Modalità di avvio: normale
Tutorial sullo strumento di scansione di ripristino Farbar: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processi (Whitelist) ===============

(Se viene aggiunta una voce all'elenco delle correzioni, il processo viene chiuso. Il file non viene spostato.)

(Microsoft Corporation) C: \ Program Dosyaları \ Microsoft Security Client \ MsMpEng.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RtkAudioService64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ WLTRYSVC.EXE
(Microsoft Corporation) C: \ Windows \ System32 \ wlanext.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ BCMWLTRY.EXE
(Andrea Electronics Corporation) C: \ Program Dosyaları \ Realtek \ Audio \ HDA \ AERTSr64.exe
(Broadcom Corporation.) C: \ Program Dosyaları \ WIDCOMM \ Bluetooth Software \ btwdins.exe
(Dropbox, Inc.) C: \ Windows \ System32 \ DbxSvc.exe
() C: \ Programmi (x86) \ Canon \ IJPLM \ ijplmsvc.exe
(Intel (R) Corporation) C: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe
(TeamViewer GmbH) C: \ Program Dosyaları (x86) \ TeamViewer \ Version9 \ TeamViewer_Service.exe
(Microsoft Corporation) C: \ Programmi \ Microsoft Security Client \ NisSrv.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RtkNGUI64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Realtek Semiconductor) C: \ Programmi \ Realtek \ Audio \ HDA \ RAVBg64.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe
(Dell Inc.) C: \ Programmi \ Dell \ DW WLAN Card \ WLTRAY.EXE
(Intel Corporation) C: \ Windows \ System32 \ igfxtray.exe
(Intel Corporation) C: \ Windows \ System32 \ hkcmd.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxsrvc.exe
(Intel Corporation) C: \ Windows \ System32 \ igfxpers.exe
(Dell Inc.) C: \ Program Dosyaları \ Dell \ QuickSet \ quickset.exe
(Microsoft Corporation) C: \ Programmi \ Microsoft Security Client \ msseces.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl.exe
(Synaptics Incorporated) C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPHelper.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
() C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
(iMesh Inc) C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe
(Microsoft Corporation) C: \ Windows \ SysWOW64 \ rundll32.exe
(Broadcom Corporation.) C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTStackServer.exe
(Microsoft Corporation) C: \ Programmi \ Internet Explorer \ iexplore.exe
(Valve Corporation) C: \ Programmi (x86) \ Steam \ Steam.exe
(Intel Corporation) C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe
(Intel Corporation) C: \ Programmi \ Intel \ Intel (R) Rapid Storage Technology \ IAStorDataMgrSvc.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ Jhi_service.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ LMS.exe
(SoftThinks SAS) C: \ Programmi (x86) \ Dell Backup and Recovery \ SftService.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Valve Corporation) C: \ Program Dosyaları (x86) \ Steam \ bin \ cef \ cef.win7x64 \ steamwebhelper.exe
(Intel Corporation) C: \ Programmi (x86) \ Intel \ Intel (R) USB 3.0 eXtensible Host Controller Driver \ Application \ iusb3mon.exe
(Creative Technology Ltd) C: \ Program Dosyaları (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe
(Valve Corporation) C: \ Programmi (x86) \ File comuni \ Steam \ SteamService.exe
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Adobe Systems Incorporated) C: \ Windows \ System32 \ Macromed \ Flash \ FlashUtil64_31_0_0_122_ActiveX.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Dropbox, Inc.) C: \ Program Dosyaları (x86) \ Dropbox \ Client \ Dropbox.exe
(Microsoft Corporation) C: \ Windows \ splwow64.exe
(CANON INC.) C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMUPDT.EXE
(CANON INC.) C: \ Program Dosyaları (x86) \ Canon \ Quick Menu \ CNQMSWCS.EXE
(SoftThinks - Dell) C: \ Programmi (x86) \ Dell Backup and Recovery \ Toaster.exe
() C: \ Programmi (x86) \ Dell Backup and Recovery \ Components \ Shell \ DBRCrawler.exe
(Microsoft Corporation.) C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ SeaPort.EXE
(Microsoft Corporation) C: \ Windows \ System32 \ MsSpellCheckingFacility.exe
(SoftThinks - Dell) C: \ Programmi (x86) \ Dell Backup and Recovery \ Dbr.exe

==================== Registrazione (whitelist) ======================== == =

(Se una voce viene aggiunta all'elenco delle correzioni, l'elemento del registro viene ripristinato al valore predefinito o rimosso. Il file non viene spostato.)

HKLM \ ... \ Run: [RTHDVCPL] => C: \ Program Files \ Realtek \ Audio \ HDA \ RtkNGUI64.exe [7202520 2013-08-20] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [RtHDVBg_PushButton] => C: \ Program Files \ Realtek \ Audio \ HDA \ RAVBg64.exe [1321688 2013-08-08] (Realtek Semiconductor)
HKLM \ ... \ Run: [SynTPEnh] => C: \ Program Dosyaları \ Synaptics \ SynTP \ SynTPEnh.exe [2780400 2013-09-14] (Synaptics Incorporated)
HKLM \ ... \ Run: [Broadcom Wireless Manager user interface] => C: \ Program Files \ Dell \ DW WLAN Card \ WLTRAY.exe [8921600 2013-10-23] (Dell Inc.)
HKLM \ ... \ Run: [QuickSet] => c: \ Program Files \ Dell \ QuickSet \ QuickSet.exe [5774664 2013-09-11] (Dell Inc.)
HKLM \ ... \ Run: [IAStorIcon] => C: \ Program Files \ Intel \ Intel (R) Rapid Storage Technology \ IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM \ ... \ Run: [MSC] => c: \ Programmi \ Microsoft Security Client \ msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM \ ... \ Çalıştır: [Logitech Download Assistant] => C: \ Windows \ system32 \ rundll32.exe C: \ Windows \ System32 \ LogiLDA.dll, LogiFetch
HKLM-x32 \ ... \ Run: [USB3MON] => C: \ Program Files (x86) \ Intel \ Intel (R) USB 3.0 extensible Host Controller Driver \ Application \ iusb3mon.exe [292848 2013-09-05 ] (Intel Foundation)
HKLM-x32 \ ... \ Run: [Dell Webcam Central] => C: \ Programmi (x86) \ Dell Webcam \ Dell Webcam Central \ WebcamDell2.exe [577024 2012-03-07] (Creative Technology Ltd)
HKLM-x32 \ ... \ Run: [CanonQuickMenu] => C: \ Programmi (x86) \ Canon \ Quick Menu \ CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)
HKLM-x32 \ ... \ Run: [RazerCortex] => C: \ Program Dosyaları (x86) \ Razer \ Razer Cortex \ RazerCortex.exe -autorun
HKLM-x32 \ ... \ Run: [Dropbox] => C: \ Programmi (x86) \ Dropbox \ Client \ Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
Winlogon \ Notify \ igfxcui: C: \ Windows \ system32 \ igfxdev.dll (Intel Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ sysctrl.exe [ 70168 2014-06-25) (iMesh Inc)
HKU \ S-1-5-21-2528572-1064671646-1800406956-1001 \ ... \ Run: [sysctrl64] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ sysctrl. exe [82456 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [sysctrlc] => C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe [ 3823128 2014-06-25] (iMesh Inc)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [BRS] => C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe [1173504 2014 -08-08] ()
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Google Update] => C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ GoogleUpdateCore .exe [601680 2018-05-19] (Google Inc.)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [GoogleChromeAutoLaunch_5189939A0645355218FFECE1F1491836] => C: \ Users \ Tom \ AppData \ Local \ Chromium \ Application \ chrome.exe [663552 2015 -06-28] (autori di Chrome)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [Steam] => C: \ Programmi (x86) \ Steam \ steam.exe [3131680 2018-11-09 ] (Valve Corporation)
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [World of Tanks] => "C: \ Games \ World_of_Tanks \ WargamingGameUpdater.exe"
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Run: [KakaoTalk] => "C: \ Programmi (x86) \ Cocoa \ KakaoTalk \ KakaoTalk.exe" -bystartup
HKU \ S-1-5-18 \ ... \ RunOnce: [JavaInstallRetry] => RUNONCE = 1 SPONSOR = 0
Lsa: [Pacchetti di notifica] scecli c: \ Program Files \ WIDCOMM \ Bluetooth Software \ BtwProximityCP.dll
Avvio: C: \ ProgramData \ Microsoft \ Windows \ Start Menu \ Programs \ Startup \ Bluetooth.lnk [2014-03-14]
ShortcutTarget: Bluetooth.lnk -> C: \ Programmi \ WIDCOMM \ Bluetooth Software \ BTTray.exe (Broadcom Corporation.)
GroupPolicy: Restriction - Chrome <==== DİKKAT
GroupPolicy \ User: Restriction? <==== DİKKAT
GroupPolicyUsers \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Utente: Limitazione <==== DİKKAT
CHR HKLM \ SOFTWARE \ Policies \ Google: restrizione <==== DİKKAT

==================== Internet (autorizzato) =====================

(Se un elemento è incluso nell'elenco delle correzioni, se è un elemento del registro, viene rimosso o ripristinato all'impostazione predefinita.)

Tcpip \ Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip \ .. \ Interfaces \ {D501FE14-C8C6-42EF-90C4-FD36AA6C8729}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Internet Explorer:
==================
HKLM \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 & ResetID = 131130558221447530 & GUID = DBCFEA2E-669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, pagina iniziale = hxxp: //go.microsoft.com/fwlink/? LinkID = 617911 e ResetID = 131802431285607286 & GUID = DBCFEA2E -669E-4FEF-ADAA-0257FE0762CC
HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = hxxp: //dell13.msn.com/? Pc = DCJB
Ambiti di ricerca: HKLM -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKLM -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> DefaultScope {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
SearchScopes: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> OldSearch URL = hxxp: //searchinterneat-a.akamaihd.net/s denk = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = & q = {} searchTerms
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {1b31c9d2-7135-442b-bb93-7c002172adc6) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {295E555F-A5F0-42ED-917A-617F365F50E9} URL = hxxp: //search.yahoo.com/yhs/search? Hspart = DDC e hsimp = YHS-ddc_bd e tip = bl-a-dd__alt__ddc_dss_bd_com e p = {searchTerms}
Arama Kapsamları: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp: //rocket-find.com/results.php? F = 4 già q = {} searchTerms a = rckt_frmr_14_26_ff sono già cD = 2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0SzytCtDtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Azz0E0F0E0C0DtGtCyDyEtBtG0B0AzzyBtGtDyC0E0DtGtDtA0EtDzz0AyByE0AyE0DyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyEzz0AyB0ByCtAtGzz0A0D0EtGyB0AtByCtG0A0B0FzytGtA0E0Azy0CtBtAzytA0EzzyE2Q ve CR = 1.797.486,999 mila già IR =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {747A2953-1CA8-48AC-B80F-BB0DB9E62138} URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp: //rocket-find.com/results.php? F = 4 e q = {} searchTerms a = rckt_frmr_14_26_ff e cd = 2xzuyetn2y1l1qzu0e0c0fye0b0bzz0dtb0fzyybyc0c0dtatn0d0tzu0szytctdtn1l2xzutbtftbtctftctctftdtn1l1czutcyetbzytdyd1v1ttn1l1g1b1v1n2y1l1qzu2std0bta0ayd0ctdyetg0aybybtatgzzyd0b0ctgyctc0e0ftgtc0btatd0f0bye0a0e0f0byd2qtn1m1f1b2z1v1n2y1l1qzu2stcyezz0ayb0byctatgzz0a0d0etgyb0atbyctg0a0b0fzytgta0e0azy0ctbtazyta0ezzye2q e IR e CR = 1.712.688,768 mila =
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2000} URL = hxxp: //dts.search.ask.com/sr? Src = IEB e GCT = ds & appid = & systemId = & v = a15946-1205 & apn_uid = 4431050210474885 & apn_dtid = IME001 e o = APN10653 e apn_ptnrs = AGE e q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = hxxp: //dts.search.ask.com/sr? Src = IEB & GCT = ds & appid = 1066 & systemId = 1 & v = n13124-409 & apn_uid = 9434405932554208 & apn_dtid = IME001 & o = APN10653 & apn_ptnrs = AGE & q = {searchTerms}
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43) URL = hxxp: //searchinterneat-a.akamaihd.net/s? Eq = U0EeE1xZE1oZB1ZEfQleBFpCGAYQbV0AAF9cFVcQchRaUVtBDA1BIVtcVFhFRVAQcB9aFQQTSEcFME0FCFwEURNNfWtdEkwdVUZrNVs = ricerca q
Ambiti di ricerca: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836) URL = hxxp: //www.bing.com/search?q={SearchTerms} formu = MSSEDF vedi pc = MSSE
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [2014-07-07] (CANON INC. )
BHO: Gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C: \ Program Dosyaları (x86) \ Canon \ Easy-WebPrint EX \ ewpexbho.dll [07/07/2014 ] (CANON INC.)
BHO-x32: Java (tm) Plug-in SSV Helper -> (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ ssv.dll (2014-08-11 ] (Oracle Corporation)
BHO-x32: gestore della cache dei documenti di Office -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C: \ Program Files (x86) \ Microsoft Office \ Office14 \ URLREDIR.DLL [2013-03-06] (Microsoft Corporation )
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Azienda Microsoft.)
BHO-x32: Java (tm) Plugin 2 SSV Helper -> (DBC80044-A445-435b-BC74-9C25C1C588A9) -> C: \ Programmi (x86) \ Java \ jre7 \ bin \ jp2ssv.dll (2014-08- 11) (Oracle Corporation)
Barra degli strumenti: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C: \ Programmi \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC. )
Barra degli strumenti: HKLM-x32 - Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Programmi (x86) \ Canon \ Easy-WebPrint EX \ ewpexhlp.dll (07/07/2014 ] (CANON INC.)
Barra degli strumenti: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C: \ Programmi (x86) \ Microsoft \ BingBar \ 7.1.362.0 \ BingExt.dll [2012-02-13] ( Microsoft Corporation.)
Barra degli strumenti: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 -> Canon Easy-WebPrint EX - (759D9886-0C6F-4498-BAB6-4A5F47C6C72F) - C: \ Program Files \ Canon \ Easy- WebPrint EX \ ewpexhlp.dll [07/07/2014] (CANON INC.)
Gestore: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Nessun file

FireFox:
========
Percorso profilo FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 [2018-11-10]
FF Ana Sayfası: Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 -> hxxps: //id.search.yahoo.com/yhs/web? Hspart = Elm & hsimp = YHS-001 & type = hdr_s_17_44_orgnl & param1 = 1 & param2 =% f% 3D% 3DFirefox% 26cc% 3Did% 26pa% 3Dhodor% 26cd% 3D2XzuyEtN2Y1L1Qzu0E0C0FyE0B0Bzz0DtB0FzyyByC0C0DtAtN0D0Tzu0StBtCtAyEtN1L2XzutAtFtAtBtFtCtFyCyDtN1L1Czu1M1Q1CtAtBtFtAtFtDtN1L1G1B1V1N2Y1L1Qzu2StB0BtC0EtD0F0EtAtGyB0AtC0CtG0CtAtByEtGyCzy0AtBtGtC0ByCzzyEzyzyyE0A0DtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0E0D0F0A0FtA0CzytGzy0EyDyCtGyE0CyDyEtGzztCtDtDtGyEzytC0DtCtD0E0FyByBtAyE2QtN0A0LzuyEtN0D0T0S1P1RzutCyDtDzyzzyEtDtBtCyB% 26cr% 3D1609883092% 26a% 3Dhdr_s_17_44_orgnl% 26os_ver% 3D6 .1% 26os% 3DWindows% 2B7% 2BProfessional
Plugin di ricerca FF: C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ Firefox \ Profiles \ 6mnczrhu.default-1509552401858 \ searchplugins \ yhs.xml [2018-01-25]
FF HKLM-x32 \ ... \ Thunderbird \ Extensions: [msktbird@mcafee.com] - C: \ Program Files \ McAfee \ MSK => non trovato
Plugin FF: @ adobe.com / FlashPlayer -> C: \ Windows \ system32 \ Macromed \ Flash \ NPSWF64_31_0_0_122.dll [2018-10-10] ()
Plugin FF: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
Plugin FF: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
Plugin FF: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 1 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Eklentisi-x32: @ adobe.com / FlashPlayer -> C: \ Windows \ SysWOW64 \ Macromed \ Flash \ NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @ canon.com / EPPEX -> C: \ Programmi (x86) \ Canon \ My Image Garden \ AddOn \ CIG \ npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI ipt; versione = 3.5.29 -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIIPT.dll [2013-06-01] (Intel Corporation)
FF Plugin-x32: @ intel-webapi.intel.com / Intel WebAPI updater -> C: \ Program Files (x86) \ Intel \ Intel (R) Management Engine Components \ IPT \ npIntelWebAPIUpdater.dll [2013-06-01] (Intel Foundation)
FF Plugin-x32: @ java.com / DTPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ dtplugin \ npDeployJava1.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ java.com / JavaPlugin, versione = 10.67.2 -> C: \ Program Files (x86) \ Java \ jre7 \ bin \ plugin2 \ npjp2.dll [2014-08-11] (Oracle Corporation)
FF Plugin-x32: @ microsoft.com / GENUINE -> disabilitato [Nessun file]
FF Plugin-x32: @ Microsoft.com / NpCtrl, versione = 1.0 -> c: \ Program Files (x86) \ Microsoft Silverlight \ 5.1.50907.0 \ npctrl.dll [2017-05-03] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / OfficeAuthz, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @ microsoft.com / SharePoint, versione = 14.0 -> C: \ PROGRA ~ 2 \ MICROS ~ 1 \ Office14 \ NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @ videolan.org / vlc, versione = 2.2.8 -> C: \ Program Files (x86) \ VideoLAN \ VLC \ npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C: \ Programmi (x86) \ Adobe \ Reader 11.0 \ Reader \ AIR \ nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / GoogleTalkPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npgoogletalk.dll [2015 -12-08] (Google)
FF Plugin HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ talk.google.com / O1DPlugin -> C: \ Users \ Tom \ AppData \ Roaming \ Mozilla \ plugins \ npo1d.dll [2015 -12-08] (Google)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 3 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
Plugin FF HKU \ S-1-5-21-252852572-1064671646-1800406956-1001: @ tools.google.com / Google Update; versione = 9 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Update \ 1.3.33.17 \ npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin Program Files / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npgoogletalk.dll [2015-12-08] (Google)
File di programma plug-in FF / Appdata: C: \ Users \ Tom \ AppData \ Roaming \ mozilla \ plugins \ npo1d.dll [2015-12-08] (Google)

==================== Servizi (autorizzati) ====================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

S2 dbupdat; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
S3 dbupdatem; C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [143144 2018-11-09] (Dropbox, Inc.)
R2 DbxSvc; C: \ Windows \ system32 \ DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 è IAStorDataMgrSvc; C: \ Programmi \ Intel \ Intel (R) Rapid Storage Technology \ IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 IJPLMSVC; C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE [140936 2013-05-15] ()
Interfaccia del servizio di licenza di autorizzazione Intel® R2; c: \ Program Files \ Intel \ iCLS Client \ HeciServer.exe [733696 2013-05-12] (Intel (R) Corporation) [File non firmato]
Interfaccia TCP IP del servizio di licenza in primo piano S3 Intel (R); c: \ Programmi \ Intel \ iCLS Client \ SocketHeciServer.exe [822232 2013-05-12] (Intel (R) Corporation)
R2 jhi_service; C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ DAL \ jhi_service.exe [169432 2013-06-01] (Intel Corporation)
R2 MsMpSvc; c: \ Program Dosyaları \ Microsoft Security Client \ MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c: \ Programmi \ Microsoft Security Client \ NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 RtkAudioService; C: \ Programmi \ Realtek \ Audio \ HDA \ RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SftService; C: \ Programmi (x86) \ Dell Backup and Recovery \ SftService.exe [1915920 2013-11-22] (SoftThinks SAS)
S3 WinDefend; C: \ Programmi \ Windows Defender \ mpsvc.dll [1011712 2014-03-14] (Microsoft Corporation)
R2 è wltrysvc; C: \ Programmi \ Dell \ DW Scheda WLAN \ bcmwltry.exe [6170624 2013-10-23] (Dell Inc.) [File non firmato]

===================== Driver (autorizzati) ======================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

R0 iaStorF; C: \ Windows \ System32 \ drivers \ iaStorF.sys [28008 2013-08-29] (Intel Corporation)
R3 MEIx64; C: \ Windows \ System32 \ DRIVERS \ TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 MpFiltre; C: \ Windows \ System32 \ DRIVERS \ MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 NisDrv; C: \ Windows \ System32 \ DRIVERS \ NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 PCDSRVC {D3412D80-CF3B4A27-06020200} _0; c: \ program dosyaları \ dell \ pcdsrvc_x64.pkms [25584 2013-08-10] (PC-Doctor, Inc.)
S3 SmbDrv; C: \ Windows \ system32 \ drivers \ Smb_driver_AMDASF.sys [30448 2013-09-14] (Synaptics Incorporated)
R3 SmbDrvl; C: \ Windows \ System32 \ DRIVERS \ Smb_driver_Intel.sys [34544 2013-09-14] (Synaptics Incorporated)
S1 mmaennbv; \ ?? \ C: \ Windows \ system32 \ drivers \ mmaennbv.sys [X]
S1 MpKs19b5e44a7; \ ?? \ c: \ ProgramData \ Microsoft \ Microsoft Anti-Malware \ Definition Updates \ {06717DA4-6C54-415D-AA4E-217CE011D206} \ MpKsl9b5e44a7.sys [X]
S1 niatpksbo; \ ?? \ C: \ Windows \ system32 \ drivers \ niatpxbo.sys [X]
S3 OATool; \ ?? \ C: \ Users \ ADMINI ~ 1 \ AppData \ Local \ Temp \ OAToolx64.sys [X] <==== DİKKAT
S1 spaltjok; \ ?? \ C: \ Windows \ system32 \ drivers \ spaltjok.sys [X]
S1 szftsrbn; \ ?? \ C: \ Windows \ system32 \ drivers \ szftsrbn.sys [X]

==================== NetSvcs (Whitelist) ===================

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).


==================== File e cartelle creati in un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)

Errore (1) durante la lettura del file: "C: \ Users \ Tom \ Downloads \ Titanfall Rap, JT Machinima, THK e Borderline Disaster -"
10/11/2018 12:04 - 10/11/2018 12:05 - 000000000 ___RD C: \ Users \ Tom \ Dropbox
10/11/2018 12:04 - 10/11/2018 12:04 - 000001228 _____ C: \ Users \ Tom \ Desktop \ Dropbox.lnk
10/11/2018 10:55 - 10/11/2018 12:10 - 000056434 _____ C: \ Users \ Tom \ Downloads \ Addition.txt
10/11/2018 10:51 - 10/11/2018 12:20 - 000023636 _____ C: \ Users \ Tom \ Downloads \ FRST.txt
10/11/2018 10:47 - 10/11/2018 10:47 - 000000000 ____D C: \ Users \ Tom \ Downloads \ FRST-OlderVersion
10/11/2018 10:46 - 10/11/2018 12:20 - 000000000 ____D C: \ FRST
10/11/2018 10:45 - 10/11/2018 12:01 - 002415616 _____ (Farbar) C: \ Users \ Tom \ Downloads \ FRST64.exe
2018-11-09 18:08 - 2018-11-09 18:08 - 000000000 ____D C: \ ProgramData \ Microsoft \ Windows \ Menu Start \ Programmi \ Dropbox
09-11-2018 18:05 - 09-11-2018 18:05 - 000000000 ____D C: \ Users \ jl \ AppData \ Roaming \ Dropbox
2018-11-09 18:03 - 2018-11-10 12:08 - 000000900 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job
09/11/2018 18:03 - 10/11/2018 11:55 - 000000896 _____ C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job
09-11-2018 18:03 - 09-11-2018 18:03 - 000003896 _____ C: \ Windows \ System32 \ Tasks \ DropboxUpdateTaskMachineUA
09-11-2018 18:03 - 09-11-2018 18:03 - 000003644 _____ C: \ Windows \ System32 \ Tasks \ DropboxUpdateTaskMachineCore
09-11-2018 18:02 - 09-11-2018 18:09 - 000000000 ____D C: \ Programmi (x86) \ Dropbox
09-11-2018 17:44 - 10-11-2018 12:04 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Dropbox
09-11-2018 17:44 - 10-11-2018 11:52 - 000000000 ____D C: \ Users \ jl \ AppData \ Local \ Dropbox
09-11-2018 17:44 - 09-11-2018 18:02 - 000696608 _____ (Dropbox, Inc.) C: \ Users \ Tom \ Downloads \ DropboxInstaller.exe
09-11-2018 17:44 - 09-11-2018 17:44 - 000000000 ____D C: \ ProgramData \ Dropbox
06/11/2018 20:06 - 06/11/2018 20:06 - 000051024 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ DbxSvc.exe
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-dev.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000047768 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-canary.sys
06/11/2018 20:06 - 06/11/2018 20:06 - 000045640 _____ (Dropbox, Inc.) C: \ Windows \ system32 \ Sürücüler \ dbx-stable.sys
12-10-2018 11:49 - 12-10-2018 11:49 - 000000020 _____ C: \ Users \ Tom \ Desktop \ SOUL.txt

==================== File e cartelle modificati per un mese ========

(Se una voce viene aggiunta all'elenco delle correzioni, il file / cartella verrà spostato.)
M

malsaurus

Membro TS
  • #16
10/11/2018 12:18 - 14/03/2014 09:25 - 000000000 ____D C: \ Programmi (x86) \ Dell Backup and Recovery
10/11/2018 12:06 - 14/07/2009 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
10/11/2018 12:06 - 14/07/2009 11:45 - 000030704 ____H C: \ Windows \ system32 \ 7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
10/11/2018 12:05 - 18/09/2016 09:25 - 000000266 _____ C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
10/11/2018 12:04 - 16/04/2014 14:17 - 000000000 ____D C: \ Users \ Tom
10/11/2018 12:03 - 29/03/2016 20:03 - 000000262 _____ C: \ Windows \ Tasks \ Update_Task.job
10/11/2018 11:59 - 16/04/2017 12:44 - 000000000 ____D C: \ Programmi (x86) \ Steam
10/11/2018 11:56 - 15/07/2014 19:08 - 000000000 ____D C: \ ProgramData \ Datamngr
10/11/2018 11:55 - 16/04/2014 14:17 - 000003956 __RSH C: \ Users \ Tom \ ntuser.pol
10/11/2018 11:54 - 04/12/2017 05:08 - 000000000 ____D C: \ Programmi (x86) \ Mozilla Firefox
10/11/2018 11:54 - 16-04-2014 10:12 - 000000000 ____D C: \ Programmi (x86) \ Servizio di manutenzione Mozilla
10/11/2018 11:54 - 14/07/2009 12:08 - 000000006 ____H C: \ Windows \ Tasks \ SA.DAT
10/11/2018 11:44 - 16/04/2014 06:14 - 000086072 _____ C: \ Users \ jl \ AppData \ Local \ GDIPFONTCACHEV1.DAT
10/11/2018 11:42 - 05/11/2017 07:06 - 000000266 _____ C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job
10/11/2018 11:23 - 14/07/2016 00:03 - 000000266 _____ C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
10/11/2018 10:42 - 04/09/2015 18:04 - 000000000 ____D C: \ Kullanıcılar \ Tom \ AppData \ Local \ {357E0322-11D6-6F9A-7C4E-4A725826B6EA}
10/11/2018 07:46 - 14/07/2009 10:20 - 000000000 ____D C: \ Windows \ system32 \ NDF
10/11/2018 05:26 - 19/11/2016 05:51 - 000000000 ____D C: \ Users \ Tom \ AppData \ LocalLow \ Mozilla
10/11/2018 05:11 - 25/01/2018 06:40 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Direc
09/11/2018 19:39 - 20/05/2014 17:23 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Unity
09/11/2018 19:37 - 29/06/2014 10:30 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ Rocket
09-11-2018 17:39 - 16-04-2017 16:55 - 000000000 ____D C: \ Users \ Tom \ AppData \ Roaming \ Microsoft \ Windows \ Start Menu \ Programmi \ Steam
16-10-2018 04:48 - 21/11/2010 10:27 - 000559880 ____N (Microsoft Corporation) C: \ Windows \ system32 \ MpSigStub.exe
12/10/2018 16:33 - 06/11/2016 21:35 - 000000000 ____D C: \ Users \ Tom \ AppData \ Local \ CrossCode
11-10-2018 18:50 - 14-07-2009 10:20 - 000000000 ____D C: \ Windows \ rescache
11-10-2018 08:43 - 16-04-2014 06:09 - 000000000 ____D C: \ Users \ jl
2018-10-11 03:51 - 2009-07-14 12:13 - 000783606 _____ C: \ Windows \ system32 \ PerfStringBackup.INI
2018-10-11 03:51 - 2009-07-14 10:20 - 000000000 ____D C: \ Windows \ inf
2018-10-11 03:44 - 2009-07-14 11:45 - 000342728 _____ C: \ Windows \ system32 \ FNTCACHE.DAT
11-10-2018 03:19 - 16-04-2014 06:42 - 000000000 ____D C: \ Windows \ system32 \ MRT
11-10-2018 03:13 - 16-04-2014 06:42 - 136745976 ____C (Microsoft Corporation) C: \ Windows \ system32 \ MRT.exe
11-10-2018 03:08 - 10-02-2011 21:33 - 000767916 _____ C: \ Windows \ SysWOW64 \ PerfStringBackup.INI

==================== File nella radice di alcune directory =======

12/03/2015 19:07 - 11/01/2015 19:07 - 000000032 ____R () C: \ ProgramData \ hash.dat
21-10-2016 18:39 - 21-10-2016 18:39 - 003187734 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb195.dat
13-12-2016 08:55 - 13-12-2016 08:55 - 003634196 _____ () C: \ Users \ Tom \ AppData \ Roaming \ sb476.dat
31/07/2014 08:47 - 09/09/2018 18:42 - 000000503 _____ () C: \ Users \ Tom \ AppData \ Roaming \ WB.CFG
02/12/2014 06:39 - 18/12/2014 00:39 - 000000001 _____ () C: \ Users \ Tom \ AppData \ Local \ DSI.DAT
02/12/2014 06:39 - 02/12/2014 06:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup1488231282.exe
18/12/2014 00:39 - 18/12/2014 00:39 - 000022528 _____ () C: \ Users \ Tom \ AppData \ Local \ dsisetup3359250182.exe
25-03-2018 21:59 - 25-03-2018 21:59 - 000040960 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data
25-03-2018 21:59 - 25-03-2018 21:59 - 000000512 _____ () C: \ Users \ Tom \ AppData \ Local \ Web Data log
2017-12-13 02:46 - 2018-01-09 03:11 - 000000068 _____ () C: \ Users \ Tom \ AppData \ Local \ xdt9m2fvbr

File da spostare o eliminare:
====================
C: \ Windows \ Görevler \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job
C: \ Windows \ Görevler \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job
C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job


Alcuni file in TEMP:
====================
25/06/2015 07:53 - 25/06/2015 07:53 - 000026936 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ DseShExt-x64.dll
25/06/2015 07:53 - 25/06/2015 07:53 - 000028984 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ DseShExt-x86.dll
18/06/2013 23:53 - 18/06/2013 23:53 - 000865424 ____N (CANON INC.) C: \ Users \ jl \ AppData \ Local \ Temp \ MSETUP4.EXE
2011-03-14 19:31 - 2011-03-14 19:31 - 000149352 ____R (Microsoft Corporation) C: \ Users \ jl \ AppData \ Local \ Temp \ ose00000.exe
25/06/2015 07:53 - 25/06/2015 07:53 - 000032568 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ SDShelEx-win32.dll
25/06/2015 07:53 - 25/06/2015 07:53 - 000032056 _____ (TuneUp Software) C: \ Users \ jl \ AppData \ Local \ Temp \ SDShelEx-x64.dll
22/05/2014 08:55 - 22/05/2014 08:55 - 002936832 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ ffmpeg16.exe
29/05/2014 13:56 - 29/05/2014 13:57 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer-1.exe
24/05/2014 11:53 - 24/05/2014 11:54 - 017938608 _____ (Adobe Systems Incorporated) C: \ Users \ Tom \ AppData \ Local \ Temp \ fp_pl_pfs_installer.exe
16/05/2016 18:00 - 16/05/2016 18:01 - 000000000 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ GUR280F.exe
23/01/2015 19:03 - 21/01/2015 06:32 - 002124520 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Helper.DLL
12/03/2015 19:08 - 12/03/2015 19:08 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-3012483557483484761.dll
12/03/2015 19:40 - 12/03/2015 19:40 - 000058368 ____N () C: \ Users \ Tom \ AppData \ Local \ Temp \ jshortcut-7151043099465511510.dll
18/06/2013 23:53 - 18/06/2013 23:53 - 000865424 ____N (CANON INC.) C: \ Users \ Tom \ AppData \ Local \ Temp \ MSETUP4.EXE
11/04/2015 19:04 - 23/03/2015 07:33 - 001792744 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ MusicAppHelper.DLL
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130822301.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130823619.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824152.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130824917.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130832216.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130835050.dll
10-03-2018 20:08 - 10-03-2018 20:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180310130851423.dll
11-03-2018 20:09 - 11-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180311130926198.dll
2018-03-14 07:14 - 2018-03-14 07:14 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180314001435848.dll
15-03-2018 10:15 - 15-03-2018 10:15 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315031541953.dll
15-03-2018 13:17 - 15-03-2018 13:17 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315061702218.dll
2018-03-15 20:32 - 2018-03-15 20:32 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180315133218571.dll
16-03-2018 20:24 - 16-03-2018 20:24 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180316132440582.dll
2018-03-18 07:44 - 2018-03-18 07:44 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318004447094.dll
2018-03-18 20:09 - 2018-03-18 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180318130924025.dll
21-03-2018 07:16 - 21-03-2018 07:16 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321001604795.dll
21-03-2018 20:09 - 21-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180321130925214.dll
22-03-2018 20:09 - 22-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180322130924714.dll
2018-03-23 ​​20:09 - 2018-03-23 ​​20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323130924452.dll
24-03-2018 06:42 - 24-03-2018 06:42 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180323234211738.dll
24-03-2018 20:09 - 24-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180324130923461.dll
25-03-2018 10:03 - 25-03-2018 10:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325030314080.dll
25-03-2018 10:53 - 25-03-2018 10:53 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325035300424.dll
25-03-2018 12:03 - 25-03-2018 12:03 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325050354224.dll
25-03-2018 20:09 - 25-03-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180325130923968.dll
2018-03-26 20:09 - 2018-03-26 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180326130924703.dll
2018-03-27 20:09 - 2018-03-27 20:09 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180327130924106.dll
2018-03-28 20:27 - 2018-03-28 20:27 - 001857024 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180328132717552.dll
30-03-2018 10:42 - 30-03-2018 10:42 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180330034228662.dll
01-04-2018 13:44 - 01-04-2018 13:44 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401064436791.dll
01-04-2018 15:08 - 01-04-2018 15:08 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401080822166.dll
01-04-2018 20:09 - 01-04-2018 20:09 - 001857024 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401130923017.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740502.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740656.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740791.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131740894.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131743947.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131744097.dll
01-04-2018 20:17 - 01-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180401131746304.dll
02-04-2018 08:27 - 02-04-2018 08:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402012709675.dll
02-04-2018 20:17 - 02-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180402131757707.dll
03-04-2018 07:25 - 03-04-2018 07:25 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403002518959.dll
2018-04-03 10:09 - 2018-04-03 10:09 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403030929327.dll
03-04-2018 20:18 - 03-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403131800132.dll
03-04-2018 20:34 - 03-04-2018 20:34 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403133404920.dll
03-04-2018 20:43 - 03-04-2018 20:43 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403134330427.dll
03-04-2018 20:57 - 03-04-2018 20:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180403135749671.dll
04-04-2018 09:52 - 04-04-2018 09:52 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404025254232.dll
04-04-2018 12:57 - 04-04-2018 12:57 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404055706841.dll
04-04-2018 13:26 - 04-04-2018 13:26 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404062609230.dll
04-04-2018 14:22 - 04-04-2018 14:22 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404072202784.dll
04-04-2018 15:27 - 04-04-2018 15:27 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404082704587.dll
04-04-2018 20:17 - 04-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180404131758871.dll
05-04-2018 20:17 - 05-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180405131757452.dll
06-04-2018 08:32 - 06-04-2018 08:32 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406013230995.dll
06-04-2018 08:41 - 06-04-2018 08:41 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406014114698.dll
06-04-2018 09:49 - 06-04-2018 09:49 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406024955766.dll
06-04-2018 10:24 - 06-04-2018 10:24 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406032408588.dll
06-04-2018 12:55 - 06-04-2018 12:55 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406055544648.dll
06-04-2018 16:12 - 06-04-2018 16:12 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406091226749.dll
06-04-2018 20:18 - 06-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180406131817058.dll
08-04-2018 10:18 - 08-04-2018 10:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408031842534.dll
08-04-2018 13:00 - 08-04-2018 13:00 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408060008326.dll
08-04-2018 21:48 - 08-04-2018 21:48 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180408144823767.dll
09-04-2018 20:17 - 09-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180409131757781.dll
10-04-2018 20:07 - 10-04-2018 20:07 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410130749447.dll
10-04-2018 20:17 - 10-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180410131756831.dll
11-04-2018 20:17 - 11-04-2018 20:17 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180411131757785.dll
12-04-2018 20:18 - 12-04-2018 20:18 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180412131800701.dll
2018-04-13 09:35 - 2018-04-13 09:35 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413023510806.dll
2018-04-13 20:17 - 2018-04-13 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180413131758814.dll
2018-04-14 13:33 - 2018-04-14 13:33 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414063341001.dll
2018-04-14 20:17 - 2018-04-14 20:17 - 001876992 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180414131757035.dll
15-04-2018 10:40 - 15-04-2018 10:40 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180415034011422.dll
16-04-2018 11:28 - 16-04-2018 11:28 - 001876992 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416042840055.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027562.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043027760.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028264.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043028576.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030541.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043030662.dll
16-04-2018 11:30 - 16-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416043033561.dll
16-04-2018 21:56 - 16-04-2018 21:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180416145651595.dll
2018-04-17 11:30 - 2018-04-17 11:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180417043044605.dll
19-04-2018 19:17 - 19-04-2018 19:17 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180419121751055.dll
21-04-2018 22:06 - 21-04-2018 22:06 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421150601262.dll
21-04-2018 22:10 - 21-04-2018 22:10 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180421151056879.dll
22-04-2018 11:35 - 22-04-2018 11:36 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180422043556502.dll
24-04-2018 18:52 - 24-04-2018 18:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180424115249153.dll
25-04-2018 11:30 - 25-04-2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180425043044222.dll
2018-04-27 06:28 - 2018-04-27 06:28 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180426232851539.dll
27-04-2018 16:35 - 27-04-2018 16:35 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180427093543465.dll
29-04-2018 13:45 - 29-04-2018 13:45 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180429064526831.dll
30-04-2018 19:56 - 30-04-2018 19:56 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430125656533.dll
2018-04-30 20:34 - 2018-04-30 20:34 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180430133452682.dll
01/05/2018 11:30 - 01/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180501043043811.dll
02/05/2018 11:30 - 02/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180502043044900.dll
03/05/2018 19:13 - 03/05/2018 19:13 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180503121347084.dll
2018-05-04 14:06 - 2018-05-04 14:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180504070639579.dll
06/05/2018 11:30 - 06/05/2018 11:30 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043043856.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144039.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144356.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144547.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043144637.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146347.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043146786.dll
06/05/2018 11:31 - 06/05/2018 11:31 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180506043150052.dll
07/05/2018 11:32 - 07/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180507043205156.dll
08/05/2018 19:29 - 08/05/2018 19:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180508122912386.dll
09/05/2018 22:52 - 09/05/2018 22:52 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180509155237351.dll
10/05/2018 12:26 - 10/05/2018 12:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180510052642465.dll
2018-05-12 00:06 - 2018-05-12 00:06 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180511170608518.dll
12/05/2018 14:19 - 12/05/2018 14:19 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180512071903492.dll
2018-05-13 09:04 - 2018-05-13 09:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513020441684.dll
13/05/2018 12:44 - 13/05/2018 12:44 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180513054444780.dll
15/05/2018 15:50 - 15/05/2018 15:50 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180515085051153.dll
16/05/2018 18:11 - 16/05/2018 18:11 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180516111113256.dll
2018-05-17 13:30 - 2018-05-17 13:30 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517063048169.dll
2018-05-18 06:04 - 2018-05-18 06:04 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180517230403367.dll
2018-05-19 20:11 - 2018-05-19 20:11 - 001876480 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180519131135448.dll
21/05/2018 16:26 - 21/05/2018 16:26 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180521092620739.dll
24/05/2018 20:04 - 24/05/2018 20:04 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130434676.dll
24/05/2018 20:07 - 24/05/2018 20:07 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180524130758830.dll
25/05/2018 18:49 - 25/05/2018 18:49 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180525114936143.dll
27/05/2018 11:29 - 27/05/2018 11:29 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527042936482.dll
27/05/2018 11:32 - 27/05/2018 11:32 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180527043203417.dll
29/05/2018 12:41 - 29/05/2018 12:41 - 001876480 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_180529054151671.dll
10-03-2018 20:05 - 10-03-2018 20:05 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201831057556.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729734.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834729926.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730165.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834730337.dll
04-03-2018 17:07 - 04-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732431.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834732978.dll
2018-03-04 17:07 - 2018-03-04 17:07 - 001853440 _____ (Opera Software) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201834737307.dll
05-03-2018 17:23 - 05-03-2018 17:23 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_2018352315820.dll
06-03-2018 17:07 - 06-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201836753120.dll
07-03-2018 17:07 - 07-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201837752761.dll
09-03-2018 17:07 - 09-03-2018 17:07 - 001853440 _____ (Software Opera) C: \ Users \ Tom \ AppData \ Local \ Temp \ Opera_installer_201839754241.dll
2015-04-09 18:08 - 2017-10-25 17:05 - 058881488 _____ (Skype Technologies S.A.) C: \ Users \ Tom \ AppData \ Local \ Temp \ SkypeSetup.exe
26/06/2014 10:41 - 26/06/2014 11:08 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease.exe
26/06/2014 10:39 - 26/06/2014 11:20 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [1] .exe
26/06/2014 11:26 - 26/06/2014 11:29 - 028436968 _____ () C: \ Users \ Tom \ AppData \ Local \ Temp \ Softonic_EN_1-5-11_TR-Production_10_CleanRelease [2] .exe

==================== Bamital e volsnap ====================

(Non esiste una correzione automatica per i file che non superano la convalida.)

C: \ Windows \ system32 \ winlogon.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ wininit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ wininit.exe => File firmato digitalmente
C: \ Windows \ explorer.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ explorer.exe => File firmato digitalmente
C: \ Windows \ system32 \ svchost.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ svchost.exe => File firmato digitalmente
C: \ Windows \ system32 \ services.exe => Il file è firmato digitalmente
C: \ Windows \ system32 \ User32.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ User32.dll => File firmato digitalmente
C: \ Windows \ system32 \ userinit.exe => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ userinit.exe => File firmato digitalmente
C: \ Windows \ system32 \ rpcss.dll => Il file è firmato digitalmente
C: \ Windows \ system32 \ dnsapi.dll => Il file è firmato digitalmente
C: \ Windows \ SysWOW64 \ dnsapi.dll => File firmato digitalmente
C: \ Windows \ system32 \ Drivers \ volsnap.sys => File con firma digitale

Informazioni più recenti: 2018-11-09 17:00

==================== FRST.txt sonu ========================= = ==
M

malsaurus

Membro TS
  • #17
Risultato della scansione aggiuntiva di Farbar Recovery Scan Tool (x64) Versione: 08.11.2018
Gestito da Tom (10-11-2018 12:20:41)
Esegui da C: \ Users \ Tom \ Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =

Manager (S-1-5-21-252852572-1064671646-1800406956-500 - Manager - Disabilitato)
Ospite (S-1-5-21-252852572-1064671646-1800406956-501 - Limitato - Disabilitato)
Gruppo HomeUtente $ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limitato - Attivo)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Amministratore - Attivo) => C: \ Users \ jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Amministratore - Attivo) => C: \ Users \ Tom

==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)

AV: Microsoft Security Essentials (Attivo - Attuale) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Attivo - Attuale) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

Adobe Flash Player 31 ActiveX (HKLM-x32 \ ... \ Adobe Flash Player ActiveX) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32 \ ... \ {AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Sürüm: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001}) (Sürüm: 11.0.23 - Adobe Systems Incorporated)
Advanced Sound FX Engine (HKLM-x32 \ ... \ Advanced Sound FX Engine) (Versione: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32 \ ... \ (16793295-2366-40F7-A045-A3E42A81365E)) (Versione: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32 \ ... \ Easy-WebPrint EX) (Sürüm: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32 \ ... \ Canon_IJ_Scan_Utility) (Versione: - Canon Inc.)
Canon Inkjet Printer / Scanner / Fax Extended Survey Program (HKLM-x32 \ ... \ CANONIJPLM100) (Versione: 4.1.0 - Canon Inc.)
MP Drivers Canon MX390 series (HKLM \ ... \ (1199FAD5-9546-44f3-81CF-FFDB8040B7BF) _Canon_MX390_series) (Versione: 1.00 - Canon Inc.)
Canon MX390 series Display Manual (HKLM-x32 \ ... \ Canon MX390 series Display Manual) (Versione: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32 \ ... \ Canon My Image Garden) (Sürüm: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32 \ ... \ Canon My Image Garden Design Files) (Versione: 1.0.1 - Canon Inc.)
My Canon Printer (HKLM-x32 \ ... \ CanonMyPrinter) (Versione: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32 \ ... \ CanonQuickMenu) (Versione: 2.1.0 - Canon Inc.)
Canon Speed ​​Dial Utility (HKLM-x32 \ ... \ Speed ​​Dial Utility) (Versione: 1.3.0 - Canon Inc.)
Chrome (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Chromium) (Versione: 45.0.2444.0 - Chrome)
Modulo Cisco EAP-FAST (HKLM-x32 \ ... \ (64BF0187-F3D2-498B-99EA-163AF9AE6EC9)) (Versione: 2.2.14 - Cisco Systems, Inc.) Nascosto
Modulo Cisco LEAP (HKLM-x32 \ ... \ (51C7AD07-C3F6-4635-8E8A-231306D810FE)) (Versione: 1.0.19 - Cisco Systems, Inc.) Nascosto
Modulo Cisco PEAP (HKLM-x32 \ ... \ (ED5776D5-59B4-46B7-AF81-5F2D94D7C640)) (Versione: 1.1.6 - Cisco Systems, Inc.) Nascosto
Dell Backup & Recovery - Software di supporto (HKLM-x32 \ ... \ (A9668246-FB70-4103-A1E3-66C9BC2EFB49)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32 \ ... \ (0ED7EE95-6A97-47AA-AD73-152C08A15B04)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32 \ ... \ (693A23FB-F28B-4F7A-A720-4C1263F97F43)) (Versione: 3.1.1002.0 - Prodotti Dell, LP)
Dell Edoc Viewer (HKLM \ ... \ {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Sürüm: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM \ ... \ SynTPDeinstKey) (Versione: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32 \ ... \ Dell Webcam Central) (Sürüm: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32 \ ... \ Dropbox) (Sürüm: 61.4.95 - Dropbox, Inc.)
Assistente aggiornamento Dropbox (HKLM-x32 \ ... \ (099218A5-A723-43DC-8DB5-6173656A1E94)) (Versione: 1.3.141.1 - Dropbox, Inc.) Nascosto
DSC / AA Factory Setup Program (HKLM \ ... \ (F7A70D00-F283-45C8-B163-49EC365D7E27)) (Versione: 3.4.6299.48 - PC-Doctor, Inc.) Riservato
DW WLAN Card Utility (HKLM \ ... \ DW WLAN Card Utility) (Versione: 6.30.223.99 - Dell Inc.)
Componente aggiuntivo di Google Talk (HKLM-x32 \ ... \ (F9B579C2-D854-300A-BE62-A09EB9D722E4)) (Versione: 5.41.3.0 - Google)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.3.1520 - Intel Corporation)
Intel (R) Processor Graphics (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3345 - Intel Corporation)
Intel (R) Rapid Storage Technology (HKLM \ ... \ (409CB30E-E457-4008-9B1A-ED1B9EA21140)) (Versione: 12.8.2.1000 - Intel Corporation)
Driver controller host espandibile USB 3.0 Intel (R) (HKLM-x32 \ ... \ (240C3DDD-C5E9-4029-9DF7-95650D040CF2)) (Versione: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32 \ ... \ (26A24AE4-039D-4CA4-87B4-2F03217067FF)) (Versione: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Sürüm: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32 \ ... \ Office14.SingleImage) (Versione: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM \ ... \ Microsoft Security Client) (Sürüm: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM \ ... \ {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Sürüm: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (071c9b48-7c32-4621-a0ac-3f809523288f)) (Versione: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (ad8a2fa1-06e7-4b0d-927d-6e54b3d31028)) (Versione: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM \ ... \ (5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4)) (Versione: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32 \ ... \ (050d4fc8-5d48-4b8f-8972-47c82c46020f)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32 \ ... \ (f65db027-aff3-4070-886a-0d87064aabb1)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Strumenti di Microsoft Visual Studio 2010 per Office Runtime (x64) (HKLM \ ... \ Microsoft Visual Studio 2010 Tools per Office Runtime (x64)) (Versione: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 tr-ABD) (HKLM \ ... \ Mozilla Firefox 63.0.1 (x64 tr-ABD)) (Sürüm: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Music Toolbar) (Versione: 5.0.0.13124 - iMesh Inc) <==== DİKKAT
My Dell (HKLM \ ... \ PC-Doctor per Windows) (Versione: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32 \ ... \ (9559F7CA-5E34-4237-A2D9-D856464AD727)) (Versione: 1.6 - Project64)
Quickset64 (HKLM \ ... \ {87CF757E-C1F1-4D22-865C-00C6950B5258}) (Sürüm: 10.16.002 - Dell Inc.)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7023 - Realtek Semiconductor Corp.)
Cerca nel Web (Yahoo) (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ (95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD)) (Versione: -) <=== = DİKKAT
Service Pack 2 per Microsoft Office 2010 (KB2687455) versione a 32 bit (HKLM-x32 \ ... \ {90140000-003D-0000-0000-0000000FF1CE) _Office14.SingleImage_ (DE28B448-32E8-4E8F-84F0-A52B21A49B5B) : - Microsoft)
Runtime per C x64 condiviso (HKLM \ ... \ (EF79C448-6946-4D71-8134-03407888C054)) (Versione: 10.0.0 - McAfee)
Steam (HKLM-x32 \ ... \ Steam) (Sürüm: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32 \ ... \ TeamViewer 9) (Versione: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32 \ ... \ VLC media player) (Versione: 2.2.8 - VideoLAN)
Software Bluetooth WIDCOMM (HKLM \ ... \ (A1439D4F-FD46-47F2-A1D3-FEE097C29A09)) (Versione: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE Rocket) (Versione: - WSE Rocket) <==== DİKKAT
WSE_Astromenda (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE_Astromenda) (Versione: - WSE_Astromenda) <==== DİKKAT

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (0F22A205-CFB0-4679-8499-A6F44A80A208) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (1423F872-3F7F-4E57-B621-8B1A9D49B448) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Update \ 1.3.27.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {144DF3B2-2402-47AE-9583-5A045929A8D4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (474597C5-AB09-49d6-A4D5-2E8D7341384E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Music Vehicle Bar \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (590C4387-5EBD-4D46-8A84-CD0BA2EF2856) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.30.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.31.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (78550997-5DEF-4A8A-BAF9-D5774E87AC98) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.13 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (793EE463-1304-471C-ADF1-68C2FFB01247) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.29.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (8C46158B-D978-483C-A312-16EE5013BE04) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {90B3DFBF-AF6A-4EA0-8899-F332194690F8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.24.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.7 \ psuser_64.dll => Nessun file
ÖzelCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {950F80EF-32C2-47dd-9C35-9576E21EE66E} \ InprocServer32 -> C: \ Kullanıcılar \ Tom \ AppData \ Local \ Music Araç Çubuğu \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.26.9 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (CB492AF1-2CEF-4E58-BE47-471C77D0C8BA) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.32.7 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Google Update \ 1.3.29.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.11 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (E8CF3E55-F919-49D9-ABC0-948E6CB34B9F) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C: \ Windows \ system32 \ igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Görev: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32 \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C: \ Kullanıcılar \ Tom \ SYNData \ Roaming \ PIKEME ~ 1 \. EXE <==== DİKKAT
Attività: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32 \ Tasks \ Java Update Scheduler => C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe [2014-07-25] (Oracle Corporation)
Görev: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32 \ Tasks \ PCDEventLauncherTask => C: \ Program Dosyaları \ Dell'im \ sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Attività: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32 \ Tasks \ Adobe Acrobat Update Task => C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe (2018-08- 14) (Adobe Systems Incorporated)
Görev: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32 \ Tasks \ Update_Task => C: \ Kullanıcılar \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Görev: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32 \ Tasks \ DropboxUpdateTaskMachineCore => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32 \ Tasks \ {082BE67B-F24C-41EE-B5EB-5404A560143B} => "C: \ Program Dosyaları \ Internet Explorer \ iexplore.exe" hxxp: // ui .skype.com / ui / 0 / 7.28.80.101 / tr / Discendinstall? page = tsProgressBar
Görev: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32 \ Tasks \ Adobe Flash Player NPAPI Notifier => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashUtil32_31_0_0_122_Plugin.exe [2018-10] )
Görev: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update GoogleUpdate.exe [2015-08-29] (Google Inc.)
Görev: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32 \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {4CE .77 ~ 1 \ PRODUC. EXE [2013-04-20] () <==== DİKKAT
Görev: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32 \ Tasks \ DropboxUpdateTaskMachineUA => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32 \ Tasks \ SystemToolsDailyTest => uaclauncher.exe
Görev: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32 \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {4CE 177 .EXE [2013-04-20] () <==== DİKKAT
Attività: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \ TomBuckeroosCoprologyV2 -> Nessun file <==== DİKKAT
Görev: {A0F206CD-B876-4358-9974-9D1045714D22} - System32 \ Tasks \ Adobe Flash Player Güncelleyici => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Görev: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32 \ Tasks \ PCDoctorBackgroundMonitorTask => C: \ Program Dosyaları \ Dell'im \ uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Görev: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32 \ Tasks \ {2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c: \ program dosyaları (x86) \ mozilla firefox \ fire.exe" hxxp: //ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Attività: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32 \ Tasks \ Microsoft \ Microsoft Anti-Malware \ Microsoft Anti-Malware Scheduled Scan => c: \ Program Files \ Microsoft Security Client \ MpCmdRun.exe [2016-11 -14) (azienda Microsoft)
Görev: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32 \ Tasks \ RumbleTwistingsV2 => rundll32.exe SophisticsClomp.dll, ana 7 1 <==== DİKKAT
Görev: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update \ GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job => C: \ Program Files (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job => C: \ Programmi (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ Update_Task.job => C: \ Users \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Attività: C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job => C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1.EXE <==== DİKKAT

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)

WMI: subscription \ __ FilterToConsumerBinding-> CommandLineEventConsumer.Name = \ "BVTConsumer \" "Filter =" __ EventFilter.Name = \ "BVTFilter \":
WMI: iscrizione \ __ EventFilter-> BVTFilter:
WMI: subscription \ CommandLineEventConsumer-> BVTConsumer:

==================== Moduli installati (whitelist) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE
15/07/2014 19:08 - 25/06/2014 21:24 - 000743960 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ apcrtldr.dll
08/08/2014 13:38 - 08/08/2014 13:38 - 001173504 _____ () C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ SDL2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 102804768 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libcef.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 004866336 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libglesv2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 000116000 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libegl.dll
14/03/2014 09:25 - 22/11/2013 05:22 - 000484880 _____ () C: \ Programmi (x86) \ Dell Backup & Recovery \ Components \ Shell \ DBRCrawler.exe
15/07/2014 19:08 - 25/06/2014 21:24 - 000548888 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C: \ Programmi (x86) \ Steam \ SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C: \ Programmi (x86) \ Steam \ v8.dll
16-04-2017 13:14 - 01/09/2016 08:02 - 001563936 _____ () C: \ Programmi (x86) \ Steam \ icui18n.dll
16/04/2017 13:14 - 01/09/2016 08:02 - 001195296 _____ () C: \ Programmi (x86) \ Steam \ icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C: \ Programmi (x86) \ Steam \ video.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 005137696 _____ () C: \ Programmi (x86) \ Steam \ libavcodec-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000847136 _____ () C: \ Programmi (x86) \ Steam \ libavutil-55.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000695584 _____ () C: \ Programmi (x86) \ Steam \ libavformat-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000351520 _____ () C: \ Programmi (x86) \ Steam \ libavresample-3.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000783648 _____ () C: \ Programmi (x86) \ Steam \ libswscale-4.dll
16-04-2017 13:14 - 09-11-2018 02:02 - 001028384 _____ () C: \ Programmi (x86) \ Steam \ bin \ chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C: \ Programmi (x86) \ Steam \ openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ ACE.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 001141064 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_watchdog.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 002103112 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_crashpad.dll
09-11-2018 18:07 - 06-11-2018 20:09 - 000023376 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ tornado.speedups.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025456 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000142312 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ _cffi_backend.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 001953640 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._openssl.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025960 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._padding.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000118232 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pywintypes35.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 000109024 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32api.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000083784 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ fastpath.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000418776 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ psutil._psutil_windows.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32event.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000049128 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32process.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000026600 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32clipboard.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000131552 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32file.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000182752 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32pipe.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000119272 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32security.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:09 - 000401752 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32com.shell.shell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000028640 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32job.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000034664 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000061792 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winshell.compiled._winshell.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000023520 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ mmapfile.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000053736 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32service.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000065504 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32evtlog.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025944 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000068968 _____ ()
M

malsaurus

Membro TS
  • #18
(Secondo tentativo di installazione aggiuntivo)
M

malsaurus

Membro TS
  • #19
Risultato della scansione aggiuntiva di Farbar Recovery Scan Tool (x64) Versione: 08.11.2018
Gestito da Tom (10-11-2018 12:20:41)
Esegui da C: \ Users \ Tom \ Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =

Manager (S-1-5-21-252852572-1064671646-1800406956-500 - Manager - Disabilitato)
Ospite (S-1-5-21-252852572-1064671646-1800406956-501 - Limitato - Disabilitato)
Gruppo HomeUtente $ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limitato - Attivo)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Amministratore - Attivo) => C: \ Users \ jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Amministratore - Attivo) => C: \ Users \ Tom

==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)

AV: Microsoft Security Essentials (Attivo - Attuale) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Attivo - Attuale) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

Adobe Flash Player 31 ActiveX (HKLM-x32 \ ... \ Adobe Flash Player ActiveX) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32 \ ... \ {AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Sürüm: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001}) (Sürüm: 11.0.23 - Adobe Systems Incorporated)
Advanced Sound FX Engine (HKLM-x32 \ ... \ Advanced Sound FX Engine) (Versione: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32 \ ... \ (16793295-2366-40F7-A045-A3E42A81365E)) (Versione: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32 \ ... \ Easy-WebPrint EX) (Sürüm: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32 \ ... \ Canon_IJ_Scan_Utility) (Versione: - Canon Inc.)
Canon Inkjet Printer / Scanner / Fax Extended Survey Program (HKLM-x32 \ ... \ CANONIJPLM100) (Versione: 4.1.0 - Canon Inc.)
MP Drivers Canon MX390 series (HKLM \ ... \ (1199FAD5-9546-44f3-81CF-FFDB8040B7BF) _Canon_MX390_series) (Versione: 1.00 - Canon Inc.)
Canon MX390 series Display Manual (HKLM-x32 \ ... \ Canon MX390 series Display Manual) (Versione: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32 \ ... \ Canon My Image Garden) (Sürüm: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32 \ ... \ Canon My Image Garden Design Files) (Versione: 1.0.1 - Canon Inc.)
My Canon Printer (HKLM-x32 \ ... \ CanonMyPrinter) (Versione: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32 \ ... \ CanonQuickMenu) (Versione: 2.1.0 - Canon Inc.)
Canon Speed ​​Dial Utility (HKLM-x32 \ ... \ Speed ​​Dial Utility) (Versione: 1.3.0 - Canon Inc.)
Chrome (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Chromium) (Versione: 45.0.2444.0 - Chrome)
Modulo Cisco EAP-FAST (HKLM-x32 \ ... \ (64BF0187-F3D2-498B-99EA-163AF9AE6EC9)) (Versione: 2.2.14 - Cisco Systems, Inc.) Nascosto
Modulo Cisco LEAP (HKLM-x32 \ ... \ (51C7AD07-C3F6-4635-8E8A-231306D810FE)) (Versione: 1.0.19 - Cisco Systems, Inc.) Nascosto
Modulo Cisco PEAP (HKLM-x32 \ ... \ (ED5776D5-59B4-46B7-AF81-5F2D94D7C640)) (Versione: 1.1.6 - Cisco Systems, Inc.) Nascosto
Dell Backup & Recovery - Software di supporto (HKLM-x32 \ ... \ (A9668246-FB70-4103-A1E3-66C9BC2EFB49)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32 \ ... \ (0ED7EE95-6A97-47AA-AD73-152C08A15B04)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32 \ ... \ (693A23FB-F28B-4F7A-A720-4C1263F97F43)) (Versione: 3.1.1002.0 - Prodotti Dell, LP)
Dell Edoc Viewer (HKLM \ ... \ {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Sürüm: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM \ ... \ SynTPDeinstKey) (Versione: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32 \ ... \ Dell Webcam Central) (Sürüm: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32 \ ... \ Dropbox) (Sürüm: 61.4.95 - Dropbox, Inc.)
Assistente aggiornamento Dropbox (HKLM-x32 \ ... \ (099218A5-A723-43DC-8DB5-6173656A1E94)) (Versione: 1.3.141.1 - Dropbox, Inc.) Nascosto
DSC / AA Factory Setup Program (HKLM \ ... \ (F7A70D00-F283-45C8-B163-49EC365D7E27)) (Versione: 3.4.6299.48 - PC-Doctor, Inc.) Riservato
DW WLAN Card Utility (HKLM \ ... \ DW WLAN Card Utility) (Versione: 6.30.223.99 - Dell Inc.)
Componente aggiuntivo di Google Talk (HKLM-x32 \ ... \ (F9B579C2-D854-300A-BE62-A09EB9D722E4)) (Versione: 5.41.3.0 - Google)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.3.1520 - Intel Corporation)
Intel (R) Processor Graphics (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3345 - Intel Corporation)
Intel (R) Rapid Storage Technology (HKLM \ ... \ (409CB30E-E457-4008-9B1A-ED1B9EA21140)) (Versione: 12.8.2.1000 - Intel Corporation)
Driver controller host espandibile USB 3.0 Intel (R) (HKLM-x32 \ ... \ (240C3DDD-C5E9-4029-9DF7-95650D040CF2)) (Versione: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32 \ ... \ (26A24AE4-039D-4CA4-87B4-2F03217067FF)) (Versione: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Sürüm: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32 \ ... \ Office14.SingleImage) (Versione: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM \ ... \ Microsoft Security Client) (Sürüm: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM \ ... \ {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Sürüm: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (071c9b48-7c32-4621-a0ac-3f809523288f)) (Versione: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (ad8a2fa1-06e7-4b0d-927d-6e54b3d31028)) (Versione: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM \ ... \ (5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4)) (Versione: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32 \ ... \ (050d4fc8-5d48-4b8f-8972-47c82c46020f)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32 \ ... \ (f65db027-aff3-4070-886a-0d87064aabb1)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Strumenti di Microsoft Visual Studio 2010 per Office Runtime (x64) (HKLM \ ... \ Microsoft Visual Studio 2010 Tools per Office Runtime (x64)) (Versione: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 tr-ABD) (HKLM \ ... \ Mozilla Firefox 63.0.1 (x64 tr-ABD)) (Sürüm: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Music Toolbar) (Versione: 5.0.0.13124 - iMesh Inc) <==== DİKKAT
My Dell (HKLM \ ... \ PC-Doctor per Windows) (Versione: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32 \ ... \ (9559F7CA-5E34-4237-A2D9-D856464AD727)) (Versione: 1.6 - Project64)
Quickset64 (HKLM \ ... \ {87CF757E-C1F1-4D22-865C-00C6950B5258}) (Sürüm: 10.16.002 - Dell Inc.)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7023 - Realtek Semiconductor Corp.)
Cerca nel Web (Yahoo) (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ (95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD)) (Versione: -) <=== = DİKKAT
Service Pack 2 per Microsoft Office 2010 (KB2687455) versione a 32 bit (HKLM-x32 \ ... \ {90140000-003D-0000-0000-0000000FF1CE) _Office14.SingleImage_ (DE28B448-32E8-4E8F-84F0-A52B21A49B5B) : - Microsoft)
Runtime per C x64 condiviso (HKLM \ ... \ (EF79C448-6946-4D71-8134-03407888C054)) (Versione: 10.0.0 - McAfee)
Steam (HKLM-x32 \ ... \ Steam) (Sürüm: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32 \ ... \ TeamViewer 9) (Versione: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32 \ ... \ VLC media player) (Versione: 2.2.8 - VideoLAN)
Software Bluetooth WIDCOMM (HKLM \ ... \ (A1439D4F-FD46-47F2-A1D3-FEE097C29A09)) (Versione: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE Rocket) (Versione: - WSE Rocket) <==== DİKKAT
WSE_Astromenda (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE_Astromenda) (Versione: - WSE_Astromenda) <==== DİKKAT

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (0F22A205-CFB0-4679-8499-A6F44A80A208) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (1423F872-3F7F-4E57-B621-8B1A9D49B448) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Update \ 1.3.27.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {144DF3B2-2402-47AE-9583-5A045929A8D4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (474597C5-AB09-49d6-A4D5-2E8D7341384E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Music Vehicle Bar \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (590C4387-5EBD-4D46-8A84-CD0BA2EF2856) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.30.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.31.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (78550997-5DEF-4A8A-BAF9-D5774E87AC98) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.13 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (793EE463-1304-471C-ADF1-68C2FFB01247) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.29.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (8C46158B-D978-483C-A312-16EE5013BE04) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {90B3DFBF-AF6A-4EA0-8899-F332194690F8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.24.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.7 \ psuser_64.dll => Nessun file
ÖzelCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {950F80EF-32C2-47dd-9C35-9576E21EE66E} \ InprocServer32 -> C: \ Kullanıcılar \ Tom \ AppData \ Local \ Music Araç Çubuğu \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.26.9 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (CB492AF1-2CEF-4E58-BE47-471C77D0C8BA) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.32.7 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Google Update \ 1.3.29.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.11 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (E8CF3E55-F919-49D9-ABC0-948E6CB34B9F) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C: \ Windows \ system32 \ igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Görev: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32 \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C: \ Kullanıcılar \ Tom \ SYNData \ Roaming \ PIKEME ~ 1 \. EXE <==== DİKKAT
Attività: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32 \ Tasks \ Java Update Scheduler => C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe [2014-07-25] (Oracle Corporation)
Görev: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32 \ Tasks \ PCDEventLauncherTask => C: \ Program Dosyaları \ Dell'im \ sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Attività: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32 \ Tasks \ Adobe Acrobat Update Task => C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe (2018-08- 14) (Adobe Systems Incorporated)
Görev: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32 \ Tasks \ Update_Task => C: \ Kullanıcılar \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Görev: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32 \ Tasks \ DropboxUpdateTaskMachineCore => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32 \ Tasks \ {082BE67B-F24C-41EE-B5EB-5404A560143B} => "C: \ Program Dosyaları \ Internet Explorer \ iexplore.exe" hxxp: // ui .skype.com / ui / 0 / 7.28.80.101 / tr / Discendinstall? page = tsProgressBar
Görev: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32 \ Tasks \ Adobe Flash Player NPAPI Notifier => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashUtil32_31_0_0_122_Plugin.exe [2018-10] )
Görev: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update GoogleUpdate.exe [2015-08-29] (Google Inc.)
Görev: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32 \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {4CE .77 ~ 1 \ PRODUC. EXE [2013-04-20] () <==== DİKKAT
Görev: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32 \ Tasks \ DropboxUpdateTaskMachineUA => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32 \ Tasks \ SystemToolsDailyTest => uaclauncher.exe
Görev: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32 \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {~ 177 .EXE [2013-04-20] () <==== DİKKAT
Attività: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \ TomBuckeroosCoprologyV2 -> Nessun file <==== DİKKAT
Görev: {A0F206CD-B876-4358-9974-9D1045714D22} - System32 \ Tasks \ Adobe Flash Player Güncelleyici => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Görev: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32 \ Tasks \ PCDoctorBackgroundMonitorTask => C: \ Program Dosyaları \ Dell'im \ uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Görev: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32 \ Tasks \ {2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c: \ program dosyaları (x86) \ mozilla firefox \ fire.exe" hxxp: //ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Attività: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32 \ Tasks \ Microsoft \ Microsoft Anti-Malware \ Microsoft Anti-Malware Scheduled Scan => c: \ Program Files \ Microsoft Security Client \ MpCmdRun.exe [2016-11 -14) (azienda Microsoft)
Görev: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32 \ Tasks \ RumbleTwistingsV2 => rundll32.exe SophisticsClomp.dll, ana 7 1 <==== DİKKAT
Görev: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update \ GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job => C: \ Program Files (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job => C: \ Programmi (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ Update_Task.job => C: \ Users \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Attività: C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job => C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1.EXE <==== DİKKAT

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)

WMI: subscription \ __ FilterToConsumerBinding-> CommandLineEventConsumer.Name = \ "BVTConsumer \" "Filter =" __ EventFilter.Name = \ "BVTFilter \":
WMI: iscrizione \ __ EventFilter-> BVTFilter:
WMI: subscription \ CommandLineEventConsumer-> BVTConsumer:

==================== Moduli installati (whitelist) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE
15/07/2014 19:08 - 25/06/2014 21:24 - 000743960 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ apcrtldr.dll
08/08/2014 13:38 - 08/08/2014 13:38 - 001173504 _____ () C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ SDL2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 102804768 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libcef.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 004866336 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libglesv2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 000116000 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libegl.dll
14/03/2014 09:25 - 22/11/2013 05:22 - 000484880 _____ () C: \ Programmi (x86) \ Dell Backup & Recovery \ Components \ Shell \ DBRCrawler.exe
15/07/2014 19:08 - 25/06/2014 21:24 - 000548888 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C: \ Programmi (x86) \ Steam \ SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C: \ Programmi (x86) \ Steam \ v8.dll
16-04-2017 13:14 - 01/09/2016 08:02 - 001563936 _____ () C: \ Programmi (x86) \ Steam \ icui18n.dll
16/04/2017 13:14 - 01/09/2016 08:02 - 001195296 _____ () C: \ Programmi (x86) \ Steam \ icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C: \ Programmi (x86) \ Steam \ video.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 005137696 _____ () C: \ Programmi (x86) \ Steam \ libavcodec-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000847136 _____ () C: \ Programmi (x86) \ Steam \ libavutil-55.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000695584 _____ () C: \ Programmi (x86) \ Steam \ libavformat-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000351520 _____ () C: \ Programmi (x86) \ Steam \ libavresample-3.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000783648 _____ () C: \ Programmi (x86) \ Steam \ libswscale-4.dll
16-04-2017 13:14 - 09-11-2018 02:02 - 001028384 _____ () C: \ Programmi (x86) \ Steam \ bin \ chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C: \ Programmi (x86) \ Steam \ openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ ACE.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 001141064 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_watchdog.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 002103112 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_crashpad.dll
09-11-2018 18:07 - 06-11-2018 20:09 - 000023376 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ tornado.speedups.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025456 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000142312 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ _cffi_backend.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 001953640 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._openssl.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025960 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._padding.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000118232 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pywintypes35.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 000109024 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32api.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000083784 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ fastpath.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000418776 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ psutil._psutil_windows.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32event.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000049128 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32process.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000026600 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32clipboard.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000131552 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32file.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000182752 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32pipe.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000119272 _____ ()
M

malsaurus

Membro TS
  • #20
(Terzo tentativo di installazione di inserimento)
M

malsaurus

Membro TS
  • #21
Risultato della scansione aggiuntiva di Farbar Recovery Scan Tool (x64) Versione: 08.11.2018
Gestito da Tom (10-11-2018 12:20:41)
Esegui da C: \ Users \ Tom \ Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-04-15 23:08:59)
Modalità di avvio: normale
==========================================================


==================== Account: ============================ =

Manager (S-1-5-21-252852572-1064671646-1800406956-500 - Manager - Disabilitato)
Ospite (S-1-5-21-252852572-1064671646-1800406956-501 - Limitato - Disabilitato)
Gruppo HomeUtente $ (S-1-5-21-252852572-1064671646-1800406956-1003 - Limitato - Attivo)
jl (S-1-5-21-252852572-1064671646-1800406956-1000 - Amministratore - Attivo) => C: \ Users \ jl
Tom (S-1-5-21-252852572-1064671646-1800406956-1001 - Amministratore - Attivo) => C: \ Users \ Tom

==================== Centro sicurezza PC ========================

(Se una voce viene aggiunta all'elenco delle correzioni, verrà rimossa.)

AV: Microsoft Security Essentials (Attivo - Attuale) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Attivo - Attuale) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (disabilitato - corrente) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Programmi installati ======================

(Solo i programmi adware con il flag "Nascosto" possono essere aggiunti all'elenco delle correzioni per mostrarli. I programmi adware devono essere rimossi manualmente.)

Adobe Flash Player 31 ActiveX (HKLM-x32 \ ... \ Adobe Flash Player ActiveX) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32 \ ... \ Adobe Flash Player NPAPI) (Sürüm: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI MUI (HKLM-x32 \ ... \ {AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Sürüm: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) (HKLM-x32 \ ... \ {AC76BA86-7AD7-1033-7B44-AB0000000001}) (Sürüm: 11.0.23 - Adobe Systems Incorporated)
Advanced Sound FX Engine (HKLM-x32 \ ... \ Advanced Sound FX Engine) (Versione: 1.12.05 - Creative Technology Ltd)
Bing Bar (HKLM-x32 \ ... \ (16793295-2366-40F7-A045-A3E42A81365E)) (Versione: 7.1.362.0 - Microsoft Corporation)
Canon Easy-WebPrint EX (HKLM-x32 \ ... \ Easy-WebPrint EX) (Sürüm: 1.5.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32 \ ... \ Canon_IJ_Scan_Utility) (Versione: - Canon Inc.)
Canon Inkjet Printer / Scanner / Fax Extended Survey Program (HKLM-x32 \ ... \ CANONIJPLM100) (Versione: 4.1.0 - Canon Inc.)
MP Drivers Canon MX390 series (HKLM \ ... \ (1199FAD5-9546-44f3-81CF-FFDB8040B7BF) _Canon_MX390_series) (Versione: 1.00 - Canon Inc.)
Canon MX390 series Display Manual (HKLM-x32 \ ... \ Canon MX390 series Display Manual) (Versione: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32 \ ... \ Canon My Image Garden) (Sürüm: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32 \ ... \ Canon My Image Garden Design Files) (Versione: 1.0.1 - Canon Inc.)
My Canon Printer (HKLM-x32 \ ... \ CanonMyPrinter) (Versione: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32 \ ... \ CanonQuickMenu) (Versione: 2.1.0 - Canon Inc.)
Canon Speed ​​Dial Utility (HKLM-x32 \ ... \ Speed ​​Dial Utility) (Versione: 1.3.0 - Canon Inc.)
Chrome (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Chromium) (Versione: 45.0.2444.0 - Chrome)
Modulo Cisco EAP-FAST (HKLM-x32 \ ... \ (64BF0187-F3D2-498B-99EA-163AF9AE6EC9)) (Versione: 2.2.14 - Cisco Systems, Inc.) Nascosto
Modulo Cisco LEAP (HKLM-x32 \ ... \ (51C7AD07-C3F6-4635-8E8A-231306D810FE)) (Versione: 1.0.19 - Cisco Systems, Inc.) Nascosto
Modulo Cisco PEAP (HKLM-x32 \ ... \ (ED5776D5-59B4-46B7-AF81-5F2D94D7C640)) (Versione: 1.1.6 - Cisco Systems, Inc.) Nascosto
Dell Backup & Recovery - Software di supporto (HKLM-x32 \ ... \ (A9668246-FB70-4103-A1E3-66C9BC2EFB49)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32 \ ... \ (0ED7EE95-6A97-47AA-AD73-152C08A15B04)) (Versione: 1.6.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32 \ ... \ (693A23FB-F28B-4F7A-A720-4C1263F97F43)) (Versione: 3.1.1002.0 - Prodotti Dell, LP)
Dell Edoc Viewer (HKLM \ ... \ {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Sürüm: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM \ ... \ SynTPDeinstKey) (Versione: 17.0.14.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32 \ ... \ Dell Webcam Central) (Sürüm: 2.01.15 - Creative Technology Ltd)
Dropbox (HKLM-x32 \ ... \ Dropbox) (Sürüm: 61.4.95 - Dropbox, Inc.)
Assistente aggiornamento Dropbox (HKLM-x32 \ ... \ (099218A5-A723-43DC-8DB5-6173656A1E94)) (Versione: 1.3.141.1 - Dropbox, Inc.) Nascosto
DSC / AA Factory Setup Program (HKLM \ ... \ (F7A70D00-F283-45C8-B163-49EC365D7E27)) (Versione: 3.4.6299.48 - PC-Doctor, Inc.) Riservato
DW WLAN Card Utility (HKLM \ ... \ DW WLAN Card Utility) (Versione: 6.30.223.99 - Dell Inc.)
Componente aggiuntivo di Google Talk (HKLM-x32 \ ... \ (F9B579C2-D854-300A-BE62-A09EB9D722E4)) (Versione: 5.41.3.0 - Google)
Intel (R) Management Engine Components (HKLM-x32 \ ... \ (65153EA5-8B6E-43B6-857B-C6E4FC25798A)) (Versione: 9.5.3.1520 - Intel Corporation)
Intel (R) Processor Graphics (HKLM-x32 \ ... \ (F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA)) (Versione: 10.18.10.3345 - Intel Corporation)
Intel (R) Rapid Storage Technology (HKLM \ ... \ (409CB30E-E457-4008-9B1A-ED1B9EA21140)) (Versione: 12.8.2.1000 - Intel Corporation)
Driver controller host espandibile USB 3.0 Intel (R) (HKLM-x32 \ ... \ (240C3DDD-C5E9-4029-9DF7-95650D040CF2)) (Versione: 2.5.1.28 - Intel Corporation)
Java 7 Update 67 (HKLM-x32 \ ... \ (26A24AE4-039D-4CA4-87B4-2F03217067FF)) (Versione: 7.0.670 - Oracle)
Microsoft .NET Framework 4.7.2 (HKLM \ ... \ {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Sürüm: 4.7.03062 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32 \ ... \ Office14.SingleImage) (Versione: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM \ ... \ Microsoft Security Client) (Sürüm: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM \ ... \ {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Sürüm: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (071c9b48-7c32-4621-a0ac-3f809523288f)) (Versione: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C ++ 2005 Redistributable (x64) (HKLM \ ... \ (ad8a2fa1-06e7-4b0d-927d-6e54b3d31028)) (Versione: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.17 (HKLM \ ... \ (8220EEFE-38CD-377E-8595-13398D740ACE)) (Versione: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C ++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM \ ... \ (5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4)) (Versione: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x64 Redistributable - 10.0.40219 (HKLM \ ... \ (1D8E6291-B0D5-35EC-8441-6616F567A0F7)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32 \ ... \ (F0C3E5D1-1ADE-321E-8167-68EF0DE699A5)) (Versione: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32 \ ... \ (050d4fc8-5d48-4b8f-8972-47c82c46020f)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C ++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32 \ ... \ (f65db027-aff3-4070-886a-0d87064aabb1)) (Versione: 12.0.30501.0 - Microsoft Corporation)
Strumenti di Microsoft Visual Studio 2010 per Office Runtime (x64) (HKLM \ ... \ Microsoft Visual Studio 2010 Tools per Office Runtime (x64)) (Versione: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 63.0.1 (x64 tr-ABD) (HKLM \ ... \ Mozilla Firefox 63.0.1 (x64 tr-ABD)) (Sürüm: 63.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32 \ ... \ MozillaMaintenanceService) (Versione: 63.0.1.6877 - Mozilla)
Music Toolbar (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ Music Toolbar) (Versione: 5.0.0.13124 - iMesh Inc) <==== DİKKAT
My Dell (HKLM \ ... \ PC-Doctor per Windows) (Versione: 3.4.6299.48 - PC-Doctor, Inc.)
Project64 1.6 (HKLM-x32 \ ... \ (9559F7CA-5E34-4237-A2D9-D856464AD727)) (Versione: 1.6 - Project64)
Quickset64 (HKLM \ ... \ {87CF757E-C1F1-4D22-865C-00C6950B5258}) (Sürüm: 10.16.002 - Dell Inc.)
Driver audio ad alta definizione Realtek (HKLM-x32 \ ... \ (F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Versione: 6.0.1.7023 - Realtek Semiconductor Corp.)
Cerca nel Web (Yahoo) (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ (95ED7D2D-C56D-ACAD-74ED-DC2DA46D0FAD)) (Versione: -) <=== = DİKKAT
Service Pack 2 per Microsoft Office 2010 (KB2687455) versione a 32 bit (HKLM-x32 \ ... \ {90140000-003D-0000-0000-0000000FF1CE) _Office14.SingleImage_ (DE28B448-32E8-4E8F-84F0-A52B21A49B5B) : - Microsoft)
Runtime per C x64 condiviso (HKLM \ ... \ (EF79C448-6946-4D71-8134-03407888C054)) (Versione: 10.0.0 - McAfee)
Steam (HKLM-x32 \ ... \ Steam) (Sürüm: 2.10.91.91 - Valve Corporation)
TeamViewer 9 (HKLM-x32 \ ... \ TeamViewer 9) (Versione: 9.0.27614 - TeamViewer)
VLC media player (HKLM-x32 \ ... \ VLC media player) (Versione: 2.2.8 - VideoLAN)
Software Bluetooth WIDCOMM (HKLM \ ... \ (A1439D4F-FD46-47F2-A1D3-FEE097C29A09)) (Versione: 6.5.1.4700 - Broadcom Corporation)
WSE Rocket (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE Rocket) (Versione: - WSE Rocket) <==== DİKKAT
WSE_Astromenda (HKU \ S-1-5-21-252852572-1064671646-1800406956-1001 \ ... \ WSE_Astromenda) (Versione: - WSE_Astromenda) <==== DİKKAT

==================== CLSID personalizzato (White List): ======================= = ==

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (0F22A205-CFB0-4679-8499-A6F44A80A208) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (1423F872-3F7F-4E57-B621-8B1A9D49B448) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Update \ 1.3.27.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {144DF3B2-2402-47AE-9583-5A045929A8D4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (474597C5-AB09-49d6-A4D5-2E8D7341384E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Music Vehicle Bar \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (590C4387-5EBD-4D46-8A84-CD0BA2EF2856) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.30.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.31.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (78550997-5DEF-4A8A-BAF9-D5774E87AC98) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.13 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (793EE463-1304-471C-ADF1-68C2FFB01247) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.29.5 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (8C46158B-D978-483C-A312-16EE5013BE04) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.3 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {90B3DFBF-AF6A-4EA0-8899-F332194690F8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.24.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.7 \ psuser_64.dll => Nessun file
ÖzelCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {950F80EF-32C2-47dd-9C35-9576E21EE66E} \ InprocServer32 -> C: \ Kullanıcılar \ Tom \ AppData \ Local \ Music Araç Çubuğu \ Datamngr \ x64 \ IEBHO.dll (iMesh Inc)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {C3BC25C0-FCD3-4F01-AFDD-41373F017C9A} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.26.9 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (CB492AF1-2CEF-4E58-BE47-471C77D0C8BA) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.32.7 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Google Update \ 1.3.29.1 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.25.11 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.28.15 \ psuser_64.dll => Nessun file
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ (E8CF3E55-F919-49D9-ABC0-948E6CB34B9F) \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
CustomCLSID: HKU \ S-1-5-21-252852572-1064671646-1800406956-1001_Classes \ CLSID \ {EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} \ InprocServer32 -> C: \ Users \ Tom \ AppData \ Local \ Google \ Aggiorna \ 1.3.33.17 \ psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C: \ Windows \ system32 \ mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ShellIconOverlayIdentifiers-x32: [DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, COME.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c: \ Program Files \ Microsoft Security Client \ shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C: \ Program Dosyaları (x86) \ Dropbox \ Client \ DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc. )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C: \ Windows \ system32 \ igfxpph.dll [2013-10-29] (Intel Corporation)

==================== Attività pianificate (Whitelist) =============

(Se una voce viene aggiunta all'elenco delle correzioni, viene rimossa dal registro. Il file non verrà spostato a meno che non sia elencato separatamente).

Görev: {02AB6F9B-82CE-4409-8678-75AA34EC0973} - System32 \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} => C: \ Kullanıcılar \ Tom \ SYNData \ Roaming \ PIKEME ~ 1 \. EXE <==== DİKKAT
Attività: {0E6B3003-951A-435A-A939-BCDEF564D473} - System32 \ Tasks \ Java Update Scheduler => C: \ Program Files (x86) \ Common Files \ Java \ Java Update \ jusched.exe [2014-07-25] (Oracle Corporation)
Görev: {17886A65-77F3-4EEC-BD1A-87D3D3458CA0} - System32 \ Tasks \ PCDEventLauncherTask => C: \ Program Dosyaları \ Dell'im \ sessionchecker.exe [2013-08-22] (PC-Doctor, Inc.)
Attività: {2D486324-0478-4AE1-9F79-D2A0BFCF14C7} - System32 \ Tasks \ Adobe Acrobat Update Task => C: \ Program Files (x86) \ Common Files \ Adobe \ ARM \ 1.0 \ AdobeARM.exe (2018-08- 14) (Adobe Systems Incorporated)
Görev: {39704C63-3C1D-4176-9E07-8F397BEB84DB} - System32 \ Tasks \ Update_Task => C: \ Kullanıcılar \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Görev: {3D8376FB-8793-4225-8A71-BC9FC779BF7E} - System32 \ Tasks \ DropboxUpdateTaskMachineCore => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {47CDA36C-65C2-475C-A144-98F5C43A7050} - System32 \ Tasks \ {082BE67B-F24C-41EE-B5EB-5404A560143B} => "C: \ Program Dosyaları \ Internet Explorer \ iexplore.exe" hxxp: // ui .skype.com / ui / 0 / 7.28.80.101 / tr / Discendinstall? page = tsProgressBar
Görev: {4B68C9F8-FDBE-4BE7-80CF-9FDB716CF3AE} - System32 \ Tasks \ Adobe Flash Player NPAPI Notifier => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashUtil32_31_0_0_122_Plugin.exe [2018-10] )
Görev: {5CF5DDD9-228D-470E-AED6-7AB4E149A93E} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001UA => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update GoogleUpdate.exe [2015-08-29] (Google Inc.)
Görev: {61C6DC98-FDBF-4CA4-9ECF-60616D9A4860} - System32 \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {4CE .77 ~ 1 \ PRODUC. EXE [2013-04-20] () <==== DİKKAT
Görev: {75C5217E-5C4A-4046-8DD6-04415D196FA5} - System32 \ Tasks \ DropboxUpdateTaskMachineUA => C: \ Program Dosyaları (x86) \ Dropbox \ Update \ DropboxUpdate.exe [2018-11-09] (Dropbox, Inc.)
Görev: {7EDADB3B-6ABD-4C79-8031-64F8032981B1} - System32 \ Tasks \ SystemToolsDailyTest => uaclauncher.exe
Görev: {92AC19ED-D99B-4E3A-9547-E2F2BE1CAC36} - System32 \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} => C: \ Kullanıcılar \ Tom \ AppData \ Roaming \ {4CE 177 .EXE [2013-04-20] () <==== DİKKAT
Attività: {92FF0488-6419-4AAA-97B0-0440FE25C508} - \ TomBuckeroosCoprologyV2 -> Nessun file <==== DİKKAT
Görev: {A0F206CD-B876-4358-9974-9D1045714D22} - System32 \ Tasks \ Adobe Flash Player Güncelleyici => C: \ Windows \ SysWOW64 \ Macromed \ Flash \ FlashPlayerUpdateService.exe [2018-10-10] (Adobe Systems Incorporated)
Görev: {BFECFC0B-D18C-4346-B46C-B5A5B9552C03} - System32 \ Tasks \ PCDoctorBackgroundMonitorTask => C: \ Program Dosyaları \ Dell'im \ uaclauncher.exe [2013-08-22] (PC-Doctor, Inc.)
Görev: {C92613EA-527A-4A46-BC55-10944A4BBB82} - System32 \ Tasks \ {2854433C-02E7-46A0-A7C9-D5FC3A79EB74} => "c: \ program dosyaları (x86) \ mozilla firefox \ fire.exe" hxxp: //ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Attività: {D6251BC2-85C0-49C8-85B9-BD0411C524F2} - System32 \ Tasks \ Microsoft \ Microsoft Anti-Malware \ Microsoft Anti-Malware Scheduled Scan => c: \ Program Files \ Microsoft Security Client \ MpCmdRun.exe [2016-11 -14) (azienda Microsoft)
Görev: {E0AA19FA-FC2A-450F-9E46-F52CAC741C2C} - System32 \ Tasks \ RumbleTwistingsV2 => rundll32.exe SophisticsClomp.dll, ana 7 1 <==== DİKKAT
Görev: {FC301D41-C78C-4BF2-BF31-7F60DCFE22DE} - System32 \ Tasks \ GoogleUpdateTaskUserS-1-5-21-252852572-1064671646-1800406956-1001Core => C: \ Kullanıcılar \ Tom \ AppData \ Local \ Google \ Update \ GoogleUpdate.exe [2015-08-29] (Google Inc.)

(Se viene aggiunta una voce all'elenco delle correzioni, il file dell'attività (.job) verrà spostato. Il file eseguito dall'attività non verrà spostato.)

Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineCore.job => C: \ Program Files (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ DropboxUpdateTaskMachineUA.job => C: \ Programmi (x86) \ Dropbox \ Update \ DropboxUpdate.exe
Attività: C: \ Windows \ Tasks \ Update_Task.job => C: \ Users \ Tom \ AppData \ Local \ {A81F9 ~ 1 \ UNINST ~ 1.EXE
Attività: C: \ Windows \ Tasks \ {1B7B29A5-081A-DBB0-79E4-101AD15B16AA} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {4B63B3D9-A905-B81E-883E-3B544CC01479} .job => C: \ Users \ Tom \ AppData \ Roaming \ {4CE77 ~ 1 \ PRODUC ~ 1.EXE <==== DİKKAT
Attività: C: \ Windows \ Tasks \ {58F8473A-A6D6-EB55-AF4D-772F0358E8D9} .job => C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1.EXE <==== DİKKAT

==================== Scorciatoie e WMI ========================

(Le voci possono essere elencate per il ripristino o la rimozione.)

WMI: subscription \ __ FilterToConsumerBinding-> CommandLineEventConsumer.Name = \ "BVTConsumer \" "Filter =" __ EventFilter.Name = \ "BVTFilter \":
WMI: iscrizione \ __ EventFilter-> BVTFilter:
WMI: subscription \ CommandLineEventConsumer-> BVTConsumer:

==================== Moduli installati (whitelist) ==============

2014-08-14 19:38 - 2013-05-15 01:50 - 000140936 _____ () C: \ Programmi (x86) \ Canon \ IJPLM \ IJPLMSVC.EXE
15/07/2014 19:08 - 25/06/2014 21:24 - 000743960 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ x64 \ apcrtldr.dll
08/08/2014 13:38 - 08/08/2014 13:38 - 001173504 _____ () C: \ Users \ Tom \ AppData \ Local \ WSE_Astromenda \ BRS \ brs.exe
2018-09-01 09:09 - 2018-10-31 01:06 - 001057056 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ SDL2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 102804768 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libcef.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 004866336 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libglesv2.dll
01/09/2018 09:09 - 23/09/2018 07:00 - 000116000 _____ () C: \ Programmi (x86) \ Steam \ bin \ cef \ cef.win7x64 \ libegl.dll
14/03/2014 09:25 - 22/11/2013 05:22 - 000484880 _____ () C: \ Programmi (x86) \ Dell Backup & Recovery \ Components \ Shell \ DBRCrawler.exe
15/07/2014 19:08 - 25/06/2014 21:24 - 000548888 _____ () C: \ Users \ Tom \ AppData \ Local \ Music Toolbar \ Datamngr \ apcrtldr.dll
2017-04-16 13:14 - 2018-10-31 01:06 - 000879904 _____ () C: \ Programmi (x86) \ Steam \ SDL2.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 004969248 _____ () C: \ Programmi (x86) \ Steam \ v8.dll
16-04-2017 13:14 - 01/09/2016 08:02 - 001563936 _____ () C: \ Programmi (x86) \ Steam \ icui18n.dll
2017-04-16 13:14 - 2016-09-01 08:02 - 001195296 _____ () C: \ Programmi (x86) \ Steam \ icuuc.dll
2017-04-16 13:14 - 2018-11-09 02:02 - 002649376 _____ () C: \ Programmi (x86) \ Steam \ video.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 005137696 _____ () C: \ Programmi (x86) \ Steam \ libavcodec-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000847136 _____ () C: \ Programmi (x86) \ Steam \ libavutil-55.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000695584 _____ () C: \ Programmi (x86) \ Steam \ libavformat-57.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000351520 _____ () C: \ Programmi (x86) \ Steam \ libavresample-3.dll
15-12-2017 09:45 - 20-12-2017 08:43 - 000783648 _____ () C: \ Programmi (x86) \ Steam \ libswscale-4.dll
16-04-2017 13:14 - 09-11-2018 02:02 - 001028384 _____ () C: \ Programmi (x86) \ Steam \ bin \ chromehtml.DLL
2017-04-16 13:14 - 2016-07-05 05:17 - 000266560 _____ () C: \ Programmi (x86) \ Steam \ openvr_api.dll
2014-03-14 09:11 - 2013-06-01 19:31 - 001199576 _____ () C: \ Programmi (x86) \ Intel \ Intel (R) Management Engine Components \ LMS \ ACE.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 001141064 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_watchdog.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 002103112 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ dropbox_crashpad.dll
09-11-2018 18:07 - 06-11-2018 20:09 - 000023376 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ tornado.speedups.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025456 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000142312 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ _cffi_backend.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 001953640 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._openssl.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000025960 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cryptography.hazmat.bindings._padding.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000118232 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pywintypes35.dll
09/11/2018 18:07 - 06/11/2018 20:06 - 000109024 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32api.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000083784 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ fastpath.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000418776 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ pythoncom35.dll
2018-11-09 18:07 - 2018-11-06 20:08 - 000074072 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ psutil._psutil_windows.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32event.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000049128 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32process.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000026600 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32clipboard.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000131552 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32file.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000182752 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32gui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027616 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32pipe.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000119272 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32security.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:09 - 000401752 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32com.shell.shell.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000028640 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32job.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000034664 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000061792 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winshell.compiled._winshell.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000023520 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ mmapfile.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000053736 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32service.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000065504 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32evtlog.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000025944 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ cpuid.compiled._cpuid.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000068968 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:09 - 000028520 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000027488 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ crashpad.compiled._Crashpad.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:06 - 000032224 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32ts.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000156504 _____ () C: \ Program Files (x86) \ Dropbox \ Client \ PyQt5.QtWebEngineWidgets.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:09 - 000092488 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ sip.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 001778000 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ PyQt5.QtCore.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000518992 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtNetwork.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000052056 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 001929552 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtGui.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 003821392 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtWidgets.cp35-win32.pyd
09-11-2018 18:07 - 06-11-2018 20:08 - 000044888 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtWebChannel.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000132944 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtWebKit.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:08 - 000218456 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ PyQt5.QtWebKitWidgets.cp35-win32.pyd
09/11/2018 18:07 - 06/11/2018 20:08 - 000205656 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000061408 _____ () C: \ Programmi (x86) \ Dropbox \ Client \ win32print.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000051552 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:06 - 000027624 _____ () C: \ Program Dosyaları (x86) \ Dropbox \ Client \ win32profile.cp35-win32.pyd
2018-11-09 18:07 - 2018-11-06 20:09 - 000033632 _____ ()
M

malsaurus

Membro TS
  • #22
(Anche se ho perseveranza, non mi permette di pubblicare la seconda metà).
M

malsaurus

Membro TS
  • #23
(Posso inviare file)?
arma

arma

Malware Exterminator
  • #24
In futuro, se si verifica un problema con la pubblicazione giornaliera, aggiungilo.
Eseguiremo di nuovo FRST, quindi non preoccuparti per ora.

Per adesso...

Disinstallare i seguenti programmi indesiderati:

Barra degli strumenti musicale
Web'de Arama (Yahoo!)
WSE Rocket
WSE_Astromenda


Scarica RogueKiller Salvalo sul desktop utilizzando uno dei collegamenti seguenti:

Collegamento 1
Collegamento 2
  • Chiudi tutti i programmi in esecuzione
  • Fare doppio clic sul download setup.exe installa il programma.
  • Clic Inizia scansione pulsante.
  • Fare clic su un altro Inizia scansione pulsante.
  • Attendi finché non viene visualizzata la casella di stato Scansione completata
  • Clic Rimuovi i selezionati.
  • Attendi finché non viene visualizzata la casella di stato Elimina completato.
  • Clic Avviso Copia il contenuto del Blocco note e incollalo nella tua prossima risposta.
  • RKreport.txt Può anche essere trovato sul tuo desktop.
  • Se vengono generati più registri, salvare tutti i registri.
Si prega di scaricare Malwarebytes sul desktop.
  • Doppio click Configurazione simile a MB3 per il consumatore {versione} .exe e segui le istruzioni per installare il programma.
  • Quindi fare clic su finire.
  • Dopo che il programma è stato completamente aggiornato, Scannerizza ora al di sopra di Pannello di controllo. O Scansione delle minacce -e scansione Menù.
  • Se è disponibile un altro aggiornamento delle definizioni, verrà applicato prima del resto della procedura di screening.
  • Quando la scansione è completa, tutte le minacce selezionato e fare clic Rimuovi i selezionati.
  • Riavvia il tuo computer quando richiesto.
  • Il registro della scansione è disponibile in Cronologia -> Registri dell'applicazione. Pubblica il contenuto nella tua prossima risposta.
Si prega di scaricare AdwCleaner Salva con xplode e salva sul desktop.
  • Fare doppio clic su di esso AdwCleaner.exe per eseguire lo strumento.
    Visualizza/Windows 7/8/10 gli utenti fanno clic con il tasto destro e Esegui come amministratore
  • Lo strumento inizierà ad aggiornare il database, se necessario.
  • Clic scansione pulsante.
  • AdwCleaner inizierà ... sii paziente poiché il completamento della scansione potrebbe richiedere del tempo.
  • Al termine della scansione File di registro pulsante.
  • Si aprirà una finestra con l'elenco dei log delle tue scansioni.
  • Clic Scheda Scansione.
  • Fare doppio clic sulla scansione più recente che sarà in cima alla lista .... apparirà il registro.
  • Rivedi i risultati ... vedi nota sotto
  • Dopo aver esaminato il diario, Pulito pulsante.
  • stampa OK Quando viene richiesto di chiudere tutti i programmi e seguire le istruzioni sullo schermo.
  • stampa OK Ancora una volta per consentire ad AdwCleaner di riavviare il computer e completare la disinstallazione.
  • Dopo aver riavviato un rapporto sul file di registro (AdwCleaner [CX] txt) si aprirà automaticamente ( X rappresenta il report più recente).
  • Avvia AdwareClearer per aprire un registro di pulizia, File di registro Fare clic sul pulsante, quindi sulla scheda Pulizia e fare doppio clic sul registro nella parte superiore dell'elenco.
  • Copia e incolla il contenuto di AdwCleaner [CX] .txt nella tua prossima risposta.
  • Una copia di tutti i file di registro viene salvata nella cartella C: \ AdwCleaner.
-- NonIl contenuto del file di registro di AdwCleaner può creare confusione. Se il nome o la voce di un programma che conosci e conosci non verrà rimosso, non preoccuparti. Se vedi una voce che desideri mantenere, torna ad AdwCleaner Prima della pulizia... tutti gli elementi rilevati sono elencati (e contrassegnati) in ciascuna scheda. Fare clic e deselezionare gli elementi che si desidera conservare.
M

malsaurus

Membro TS
  • #25
RogueKiller Malware Protection V13.0.8.0 (x64) (6 novembre 2018) (gratuito) di Adlice Software
posta:
Sito web : https://adlice.com/download/roguekiller/
Sistema operativo: Windows 7 (6.1.7601 Service Pack 1) 64 bit
Avvio: modalità normale
Utente: Tom [Admin]
Iniziato da: C: \ Programmi \ RogueKiller \ RogueKiller64.exe
Modalità: scansione standard, eliminazione - Data: 2018/11/11 08:04:51 (durata: 01:11:15)
Tasti: -refid 3

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Sil ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤
[PUP.Gen1 (Potenzialmente dannoso)] sysctrl.exe [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ sysctrl.exe -> Killed [Tree]
[PUP.Gen1 (Potenziale dannoso)] sysctrl.exe [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ x64 \ sysctrl.exe -> Killed [Tree]
[PUP.Gen1 (Potenzialmente dannoso)] DatamngrCoordinator.exe [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe -> Killed [Tree]
[PUP.Gen1 (Potenzialmente dannoso)] DatamngrCoordinator.exe [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ DatamngrCoordinator.exe ->
[PUP.Gen1 (Potenzialmente dannoso)] apcrtldr.dll [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ x64 \ apcrtldr.dll -> Scaricato
[PUP.Gen1 (Potenzialmente dannoso)] apcrtldr.dll [iMesh Inc.] -% localappdata% \ Music Toolbar \ Datamngr \ apcrtldr.dll -> Scaricato
[Suspect.Path (Potentially Malicious)] C: \ Windows \ Tasks \ Update_Task.job - C: \ Users \ Tom \ AppData \ Local \ (A81F9 ~ 1 \ UNINST ~ 1.EXE (/ Control) -> Eliminato
[Suspect.Path (Potentially Malicious)] C: \ Windows \ Tasks \ (58F8473A-A6D6-EB55-AF4D-772F0358E8D9) .job - C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1 EXE (/ Control) -> Eliminato
[Hj.Name | Suspicious.Path (Malicious)] \ RumbleTwistingsV2 - rundll32.exe (SophisticsClomp.dll, main 7 1) -> Eliminato
[Suspect.Path (Potentially Malicious)] \ Update_Task - C: \ Users \ Tom \ AppData \ Local \ (A81F9 ~ 1 \ UNINST ~ 1.EXE (/ Check) -> ERROR [80070002]
[Hj.Shortcut (dannoso)] \ {082BE67B-F24C-41EE-B5EB-5404A560143B} - "C: \ Program Files \ Internet Explorer \ iexplore.exe" (http://ui.skype.com/ui/0/7.28.80.101/en/abandoninstall?page=tsProgressBar) -> Eliminato
[Suspect.Road | VT.Unknown (Potenzialmente dannoso)] C: \ Windows \ Tasks \ (4B63B3D9-A905-B81E-883E-3B544CC01479) .job - C: \ Users \ Tom \ AppData \ Roaming \ (4CE77 ~ 1 \ PRODUC ~ 1 .EXE (/ Check) -> Eliminato
[Hj.Shortcut (Malicious)] \ {2854433C-02E7-46A0-A7C9-D5FC3A79EB74} - "c: \ program files (x86) \ mozilla firefox \ firefox.exe" (http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall) -> Eliminato
[Suspect.Path (Potentially Malicious)] \ (58F8473A-A6D6-EB55-AF4D-772F0358E8D9) - C: \ Users \ Tom \ AppData \ Roaming \ PIKEME ~ 1 \ SYNCVE ~ 1.EXE (/ Check) - > ERRORE [80070002]
[Suspect.Road | VT.Unknown (Potenzialmente dannoso)] \ (1B7B29A5-081A-DBB0-79E4-101AD15B16AA} - C: \ Users \ Tom \ AppData \ Roaming \ (4CE77 ~ 1 \ PRODUC ~ 1.EXE (/ Check) -> Eliminato
[Suspect.Road | VT.Unknown (Potenzialmente dannoso)] C: \ Windows \ Tasks \ (1B7B29A5-081A-DBB0-79E4-101AD15B16AA) .job - C: \ Users \ Tom \ AppData \ Roaming \ (4CE77 ~ 1 \ PRODUC ~ 1 .EXE (/ Check) -> ERRORE [80070002]
[PUP.Gen0 (Potenzialmente dannoso)] HKEY_CLASSES_ROOT \ CLSID \ (474597C5-AB09-49d6-A4D5-2E8D7341384E) - -> Eliminato
[PUP.Gen0 (Potenzialmente dannoso)] HKEY_CLASSES_ROOT \ CLSID \ (950F80EF-32C2-47dd-9C35-9576E21EE66E) - -> Eliminato
[PUP.BearShare | PUP.Gen1 (Potenzialmente dannoso)] HKEY_LOCAL_MACHINE \ Software \ Datamngr - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ BrotherSoft - -> Eliminato
[PUP.BearShare | PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Datamngr - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ ForumerIT - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ InstallCore - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Rocket Browser - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ RocketUpdater - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Softonic - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ UpdateStar - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ wincy - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ WSE_Astromenda - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ yahooprovidedsearch - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ BrotherSoft - -> Eliminato
[PUP.BearShare | PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Datamngr - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ ForumerIT - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ InstallCore - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Rocket Browser - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ RocketUpdater - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Softonic - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ UpdateStar - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ wincy - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ WSE_Astromenda - -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ yahooprovidedsearch - -> Eliminato
[Percorso sospetto (potenzialmente dannoso)] HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ MpKsl9b5e44a7 - [% programdata% \ Microsoft \ Microsoft] -> Eliminato
[Suspect.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ OATool - [% SystemDrive% \ Users \ ADMINI ~ 1 \ AppData \ Local \ Temp \ OAToolx64.sys] -> Eliminato
[Estensione non valida (dannosa)] HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ PCDSRVC (D3412D80-CF3B4A27-06020200) _0 - [% ProgramFiles% \ My Dell \ pcdsrvc_x64.pkms] -> Eliminato
[Percorso sospetto (potenzialmente dannoso)] HKEY_LOCAL_MACHINE \ System \ ControlSet002 \ Services \ MpKsl9b5e44a7 - [% programdata% \ Microsoft \ Microsoft] -> Eliminato
[Suspect.Path (Potentially Malicious)] HKEY_LOCAL_MACHINE \ System \ ControlSet002 \ Services \ OATool - [% SystemDrive% \ Users \ ADMINI ~ 1 \ AppData \ Local \ Temp \ OAToolx64.sys] -> Eliminato
[Estensione non valida (dannosa)] HKEY_LOCAL_MACHINE \ System \ ControlSet002 \ Services \ PCDSRVC (D3412D80-CF3B4A27-06020200) _0 - [% ProgramFiles% \ My Dell \ pcdsrvc_x64.pkms] -> Eliminato
[PUM.StartMenu (potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced | Start_ShowMyGames - -> Modificato (1)
[PUM.StartMenu (potenzialmente dannoso)] HKEY_USERS \ S-1-5-21-252852572-1064671646-1800406956-1001 \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced | Start_ShowMyGames - -> Modificato (1)
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -% _Tom_appdata% \ Music Toolbar -> Eliminato
[PUP.Gen1 (potenzialmente dannoso)] RocketUpdater -% _Tom_appdata% \ RocketUpdater -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] WSE_Astromenda -% _Tom_appdata% \ WSE_Astromenda -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] iMesh -% localappdata% \ iMesh -> Eliminato
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -% localappdata% \ Music Toolbar -> Rimosso al riavvio [91]
[PUP.Gen1 (Potentially Malicious)] Rocket -% localappdata% \ Rocket -> Eliminato
[PUP.Gen1 (Potenzialmente dannoso)] iMesh -% localappdata% \ iMesh -> Rimosso al riavvio [2]
[PUP.Gen1 (Potenzialmente dannoso)] Music Toolbar -% localappdata% \ Music Toolbar -> Rimosso al riavvio [91]
[PUP.Gen1 (Potentially Malicious)] Rocket -% localappdata% \ Rocket -> Rimosso al riavvio [2]
[PUP.Gen1 (Potentially Malicious)] Music Toolbar -% _Tom_appdata% \ Music Toolbar -> Rimosso al riavvio [2]
[PUP.Gen1 (Potentially Malicious)] RocketUpdater -% _Tom_appdata% \ RocketUpdater -> Rimosso al riavvio [2]
[PUP.Gen1 (Potenzialmente dannoso)] WSE_Astromenda -% _Tom_appdata% \ WSE_Astromenda -> Rimosso al riavvio [2]
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename - YHS -> Eliminato
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine - YHS -> Eliminato

ultimi post

  • Nobina
    L'interfaccia desktop classica di YouTube andrà bene il mese prossimo
  • G
    La nuova cerniera Razr di Motorola si è "rotta" dopo 27.000 test di resistenza
  • Sikloid Torus
    Problema con lo schermo
  • N
    Apple ha lanciato silenziosamente un programma di riparazione interna per iPhone
  • Steve
    Recensione AMD Threadripper 3990X: Absolute Madness!
  • VitalyT
    Il veicolo R2 di Nuro ha ottenuto la prima esenzione legale dall'NHTSA per una società privata ...
  • K
    Come realizzare un semplice gioco di ruolo?
  • Morris Small
    Il cane da guardia francese multa $ 27 milioni per Apple che rallenta i vecchi iPhone