Additional scan result of Farbar Recovery Scan Tool (x64) Version: 8.02.2019
Ran by Gianluca (09-02-2019 16:00:44)
Running from C:\Users\Gianluca\Desktop
Windows 10 Home Version 1809 17763.253 (X64) (2018-11-14 17:42:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3053400165-3691748969-558033575-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3053400165-3691748969-558033575-503 - Limited - Disabled)
Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001 - Administrator - Enabled) => C:\Users\Gianluca
Guest (S-1-5-21-3053400165-3691748969-558033575-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3053400165-3691748969-558033575-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{3D383E25-72E7-4F09-AA1C-9ADE6A2EF42F}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{0C9A6167-6560-4085-9C35-EDB1AE105328}) (Version: 3.2.0.9 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - )
All PDF Converter Pro (HKLM-x32\...\{B8036B88-4488-4260-A1DA-283A9B2D8D20}) (Version: 4.2.2.1 - PDFConverters)
Assistente aggiornamento Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
aTube Catcher versione 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
COMODO Firewall (HKLM\...\{B8984934-ED63-43B4-B1CF-B3928B55F05D}) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 11.0.0.6744 - COMODO Security Solutions Inc.)
EaseUS Todo Backup Free 11.5 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 11.5 - CHENGDU YIWO Tech Development Co., Ltd)
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.96 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GPAC (remove only) (HKLM-x32\...\GPAC) (Version: - )
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel(R) Computing Improvement Program (HKLM\...\{699E6891-25C3-443A-9B8E-80C74F0172C8}) (Version: 2.1.03413 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4885 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{4d839fe1-a8d3-4edc-b0ca-844394309856}) (Version: 3.2.0.9 - Intel)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.3.447691.139 - Comodo)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2 - IObit)
Kaspersky Free (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
KeePass Password Safe 2.41 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.41 - Dominik Reichl)
Kingston SSD Manager version 1.1.0.5 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.0.5 - Kingston Digital, Inc)
Kingston SSD Toolbox (C:\Program Files (x86)\Kingston SSD Toolbox) (HKLM-x32\...\Kingston SSD Toolbox) (Version: 1.0.0.0 - Kingston)
LibreOffice 6.0 Help Pack (Italian) (HKLM\...\{ADDE04D8-1E80-4447-98AA-EC264859DCD6}) (Version: 6.0.3.2 - The Document Foundation)
LibreOffice 6.1.3.2 (HKLM\...\{70F02214-8FF6-48DF-AF3E-7D1A5F7A6BAC}) (Version: 6.1.3.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes versione 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - it-it (HKLM\...\ProPlus2019Retail - it-it) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft Project Professional 2019 - it-it (HKLM\...\ProjectPro2019Retail - it-it) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft Visio Professional 2019 - it-it (HKLM\...\VisioPro2019Retail - it-it) (Version: 16.0.11231.20130 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 64.0.2 (x64 it) (HKLM\...\Mozilla Firefox 64.0.2 (x64 it)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0410-1000-0000000FF1CE}) (Version: 16.0.11231.20130 - Microsoft Corporation) Hidden
Opera Stable 57.0.3098.116 (HKLM-x32\...\Opera 57.0.3098.116) (Version: 57.0.3098.116 - Opera Software)
Pacchetto driver Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.6 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 5.02.02.6400 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.01.0002 - Toshiba Corporation)
TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.6.6401 - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.35 - TOSHIBA Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{91684B6D-153D-4C12-B6B1-59F7496BE44A}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vegas Pro 9.0 (HKLM-x32\...\{DC785DB7-D389-48C3-B146-96FE99BF4E2B}) (Version: 9.0.563 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3053400165-3691748969-558033575-1001_Classes\CLSID\{3D3B1846-CC43-42AE-BFF9-D914083C2BA3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfPreview.dll ()
CustomCLSID: HKU\S-1-5-21-3053400165-3691748969-558033575-1001_Classes\CLSID\{55808EA8-81FE-43c6-AAE8-1D8149F941D3}\InprocServer32 -> C:\Program Files\SumatraPDF\PdfFilter.dll ()
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-02-09] (Zemana Ltd. -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => C:\Program Files (x86)\EaseUS\Todo Backup\bin\x64\ImageSh.dll [2018-10-22] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2019-02-09] (Zemana Ltd. -> )
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\x64\ShellEx.dll [2018-11-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2015-07-15] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-26] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {28DDD338-0862-4797-A36E-4FD235C8A354} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {2EEDA5D0-3FFC-4A56-93A3-8AFF20EC9B94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {30EC6995-3906-460B-92BC-0AF9543CF310} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {39D51EC7-FAAF-48E1-AEEC-62F3076453C3} - System32\Tasks\
AdobeAAMUpdater-1.0-MicrosoftAccount-gurugls@hotmail.it => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {3F18B0FD-CD5F-4C1E-84EF-FC09E5098A2D} - System32\Tasks\Uninstaller_SkipUac_Gianluca => C:\Prog USB\Utility PC\Disinstallatori e file\IObitUninstallerPortable\App\uninstaller\IObitUninstaler.exe [2015-08-24] (IObit Information Technology -> IObit)
Task: {4227ECC9-F3E3-4E98-BF22-F53DE87D9087} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-02-09] (Google Inc -> Google Inc.)
Task: {42BD345C-7B21-41E5-A941-E03392A43254} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {49AE1068-ADD7-40F5-A162-C9196218677B} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {52FA9EB6-B4F4-4471-800C-A256E893DB97} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {590A80B0-DDDB-4915-BBE9-DB731FEFCD45} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {5937EE06-6EB3-4F69-9AA3-A389ABEAC40D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {652DBAD8-019D-4E24-B193-9BE2B6E5A153} - System32\Tasks\S-1-5-21-3053400165-3691748969-558033575-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {9153137E-B689-4A13-B72D-A9A7A0D6B08B} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {9870D1A0-3275-4894-A586-6961DA35023B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1FC6030-BAB1-4174-88FD-02B971F6945B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-02-09] (Google Inc -> Google Inc.)
Task: {A56D491F-1921-45F8-BE44-FAD5F8155D3D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAE48835-D8E2-421A-AD25-FEA43AC27437} - System32\Tasks\Opera scheduled Autoupdate 1502913746 => C:\Program Files\Opera\launcher.exe [2019-01-09] (Opera Software AS -> Opera Software)
Task: {B4056D3C-2803-4513-88DE-023205719C17} - System32\Tasks\Driver Booster SkipUAC (Gianluca) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: {D2F5B76A-B8AF-4026-8D83-B77BDD1979D7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7B74A0A-8C24-4B17-820C-94C1DDB06926} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D8E8BFB7-C5A5-4CC2-81DD-99D2C694D4E4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBA85BC7-2444-4DA7-A9F0-C3E46B3E21BB} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {E0819C0B-16B9-4719-8946-CC59FEE4C7A3} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {EBB8A2E7-CE9F-4922-B316-5FF639EEBE86} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F57E429F-98A1-456C-8A58-9DBC06AD7FD0} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-12-17] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F98A9C26-5DC8-45A5-BB97-303EDE215078} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2019-01-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {FD7E4B41-C363-41EB-AA66-75475C76FE7E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2019-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDC13528-82BC-4E2F-B0E4-FEF19E143F47} - System32\Tasks\Kingston SSD Toolbox => C:\Program Files (x86)\Kingston SSD Toolbox\Kingston SSD Toolbox.exe [2017-12-28] (Flexera Software) [File not signed] <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Gianluca.job => C:\Prog USB\Utility PC\Disinstallatori e file\IObitUninstallerPortable\App\uninstaller\IObitUninstaler.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Gianluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Buy Document Manager on online.lnk -> hxxp:
Shortcut: C:\Users\Gianluca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Document Manager on the web.lnk -> hxxp:
==================== Loaded Modules (Whitelisted) ==============
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-01-09 00:17 - 2018-12-17 11:58 - 000246464 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2018-01-09 00:17 - 2018-12-17 11:59 - 000159424 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2018-01-09 00:16 - 2018-12-17 11:57 - 000107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-20 14:05 - 2018-12-20 14:05 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-02-09 12:59 - 2019-02-09 12:59 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2018-01-11 01:25 - 2018-01-11 01:25 - 000182544 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-11-08 14:04 - 2018-10-22 14:18 - 000270480 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-01-05 00:23 - 2019-01-05 00:23 - 002834944 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2019-01-05 00:23 - 2019-01-05 00:23 - 000120320 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\PeopleUtilRT.dll
2019-01-05 00:23 - 2019-01-05 00:23 - 009032704 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.1811.3343.0_x64__8wekyb3d8bbwe\Microsoft.People.NativeComponents.dll
2019-01-30 09:35 - 2019-01-30 09:36 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-08 14:02 - 2018-11-08 14:02 - 004389888 _____ () C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
2019-02-09 14:57 - 2019-02-06 03:00 - 005186032 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\libglesv2.dll
2019-02-09 14:57 - 2019-02-06 03:00 - 000117232 _____ () C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.96\libegl.dll
2018-11-08 13:53 - 2018-11-08 13:56 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-30 09:35 - 2019-01-30 09:35 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-10 23:11 - 2019-01-10 23:12 - 005172224 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-10 23:11 - 2019-01-10 23:11 - 002172928 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-10 23:11 - 2019-01-10 23:11 - 001795584 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2019-01-10 23:11 - 2019-01-10 23:11 - 001004032 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-10 23:11 - 2019-01-10 23:11 - 002907136 _____ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2018-11-08 14:04 - 2018-10-10 11:01 - 000109712 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000019600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2018-11-08 14:04 - 2016-03-07 18:08 - 001291264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2018-11-08 14:04 - 2004-10-05 03:08 - 000055808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000024720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000188560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000195728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000163472 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt_RTTO.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000055952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000018064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000058000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000704144 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuActiveOnline.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000487568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EULicenseDLL.DLL
2018-11-08 14:04 - 2018-10-22 14:17 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\fsclog.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000264336 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AuthorizedMng.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000112272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CalcScheduleTime.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000085648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000032912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000070800 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000169616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000539280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000078480 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000318608 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSUtil.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000211088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000026256 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CallbackOperator.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000074384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000141968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000089232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 002458768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000266384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000162960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000029328 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000131216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000024720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000034448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000054416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000066192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000026768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000072848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000292496 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000078992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000021648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000138384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000075408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlExBrowser.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000585872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SqlSMOCPlusPlus.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000119952 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSearch.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000045200 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000367760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000142992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000149136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000052368 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000064144 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2018-11-08 14:04 - 2018-10-22 14:16 - 000091792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2018-11-08 14:04 - 2018-10-22 14:17 - 000058512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2018-02-09 18:25 - 2018-02-09 18:25 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\kpcengine.2.3.dll
2018-11-08 14:04 - 2018-10-22 14:18 - 000220304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com ->
www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com ->
www.123simsen.com
There are 7936 more sites.
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\008k.com ->
www.008k.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3053400165-3691748969-558033575-1001\...\123simsen.com ->
www.123simsen.com
There are 7936 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 22:03 - 2019-02-08 15:56 - 000454512 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
127.0.0.1
www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1
www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1
www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com
127.0.0.1
www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1
www.10sek.com
127.0.0.1
www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1
www.123fporn.info
127.0.0.1
www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1
www.123moviedownload.com
There are 15600 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Kingston SSD Toolbox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Users\Gianluca\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3053400165-3691748969-558033575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gianluca\Pictures\Sfondi vari\Blue_Dandelion_by_Jaorizabal.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "DSATray"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{2A72ABF0-C14C-4693-8BB9-93FF530E0D15}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F8DD6909-203F-4AA4-828E-08A4674A08B9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9271E8C-9820-4BF1-ADCD-92EC2F6663B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F22AB73D-42B0-4DED-A2C5-A8D4AE91A515}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{563EBE1C-7A92-41EF-9CAE-4D6E3EA8BCEE}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{3D4A1DCA-BFA0-41AA-A154-34A4BB0A73BF}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{0A0353ED-70CB-4A2C-896A-8B3CF75F1896}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{E2890CAB-7131-4A4A-8E4B-045D3EFE5701}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{30DD5D7B-EEC3-4589-AB08-0FF7351F16D3}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
FirewallRules: [{70EF5BB0-8A7A-480C-A937-54E78AC14E81}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5CCA20F1-DE38-481F-849C-BDCF5B441014}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0EC7F39C-8998-4D8F-8950-A500A9B9A352}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{59A6B044-886B-4AAD-8049-B3095623B504}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (CHENGDU YIWO Tech Development Co., Ltd. -> )
FirewallRules: [{DFCDFCFB-8C50-499D-BA4B-A1A133FB908B}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{3D341521-6AF6-4AF0-8A2C-A3BB11C24CEB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{60A5ABD7-FE06-40C5-8DA0-B99388ABBFC2}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{EA9E44A4-FEAD-4140-861E-B63655A04E4F}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) Software Development Products -> )
FirewallRules: [{85691FBC-79E6-4A34-B11A-B7D901D227D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BCA28ED-2A57-4466-91F9-46C155D62E92}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6A2A5532-3B41-47D4-BEE1-8A9E3996824F}] => (Allow) C:\Program Files\Opera\57.0.3098.106\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{9E973590-5280-42A1-87B1-6FA00B7FC68E}] => (Allow) C:\Program Files\Opera\57.0.3098.116\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B775B95E-DBC0-438F-ACD0-727B60BCCAE6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
FirewallRules: [{FFB3E0A6-FD02-484B-A76F-8BEF2F976951}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe ()
FirewallRules: [{01A54502-A484-4778-8D7F-FCF6CC37945F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/09/2019 03:58:51 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
Error: (02/09/2019 03:58:50 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Errore durante l'aggiornamento dello stato in SECURITY_PRODUCT_STATE_OFF.
Error: (02/09/2019 03:55:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma explorer.exe versione 10.0.17763.107 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.
ID processo: f5c
Ora di avvio: 01d4c07e37cf5536
Ora di chiusura: 4294967295
Percorso applicazione: C:\Windows\explorer.exe
ID segnalazione: 4387ba86-0114-4945-aa14-9ef88529b4d6
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
Tipo interruzione: Unknown
Error: (02/09/2019 03:47:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: opera.exe, versione: 57.0.3098.116, timestamp: 0x5c342e50
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 10.0.17763.194, timestamp: 0xe8b54827
Codice eccezione: 0xc0000374
Offset errore 0x00000000000faf49
ID processo che ha generato l'errore: 0x1a88
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d4c0865e571985
Percorso dell'applicazione che ha generato l'errore: C:\Program Files\Opera\57.0.3098.116\opera.exe
Percorso del modulo che ha generato l'errore: C:\WINDOWS\SYSTEM32\ntdll.dll
ID segnalazione: efff7b11-c9cd-4dfe-8e18-1a1ecf9e8b0c
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
Error: (02/09/2019 02:51:22 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Errore durante l'aggiornamento dello stato in SECURITY_PRODUCT_STATE_OFF.
Error: (02/09/2019 02:51:22 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
Error: (02/09/2019 12:53:33 PM) (Source: Intel(R) SUR QC SAM) (EventID: 3) (User: )
Description: Traceback (most recent call last):
File "win32serviceutil.py", line 835, in SvcRun
File "updtr/service.py", line 238, in SvcDoRun
File "updtr/service.py", line 263, in run
File "updtr/core/entities/win_certs_store_bundle.py", line 41, in get_filename_for_windows_ca_bundle
File "updtr/core/entities/win_certs_store_bundle.py", line 33, in _create_bundle_from_win_store
IOError: (2, 'No such file or directory', 'C:\\ProgramData\\Intel\\SUR\\QUEENCREEK\\Updater\\AppData\\root_ca_certs.pem')
Error: (02/09/2019 12:50:43 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Il Centro sicurezza PC non è riuscito a convalidare il chiamante con errore %1.
System errors:
=============
Error: (02/09/2019 03:57:18 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 03:56:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio MessagingService_2692c terminato con l'errore:
Dispositivo non pronto.
Error: (02/09/2019 03:51:25 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 03:47:35 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 03:47:25 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 02:57:32 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 02:55:25 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
Error: (02/09/2019 02:51:47 PM) (Source: DCOM) (EventID: 10016) (User: GLS-NOTEBOOK)
Description: Le impostazioni delle autorizzazioni impostazioni specifiche dell'applicazione non concedono l'autorizzazione di Attivazione in Locale per l'applicazione server COM con CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
e APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
all'utente GLS-NOTEBOOK\SID Gianluca (S-1-5-21-3053400165-3691748969-558033575-1001) dall'indirizzo LocalHost (tramite LRPC) in esecuzione nel SID del contenitore di applicazioni Non disponibile (Non disponibile). Per modificare tale autorizzazione di sicurezza, è possibile utilizzare lo strumento amministrativo Servizi componenti.
CodeIntegrity:
===================================
Date: 2019-02-09 15:59:40.583
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:59:39.234
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:58:49.991
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:58:47.417
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-02-09 15:57:05.555
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:56:45.079
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:56:36.605
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-02-09 15:56:36.550
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 1005M @ 1.90GHz
Percentage of memory in use: 63%
Total physical RAM: 3971.35 MB
Available physical RAM: 1450.23 MB
Total Virtual: 4419.35 MB
Available Virtual: 1723.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110.34 GB) (Free:65.91 GB) NTFS
\\?\Volume{cd13a483-0000-0000-0000-100000000000}\ (Riservato per il sistema) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{cd13a483-0000-0000-0000-40b51b000000}\ () (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: CD13A483)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=979 MB) - (Type=27)
==================== End of Addition.txt ============================