View Single Post
  #7  
Old August 18th, 2019, 03:55 PM
alphaorg alphaorg is offline
New Member
 
Join Date: Aug 2019
Posts: 8
Additon.txt log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2019
Ran by a1005 (18-08-2019 16:34:41)
Running from C:\Users\a1005\Downloads
Windows 10 Home Version 1903 18362.295 (X64) (2019-08-15 17:33:22)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

a1005 (S-1-5-21-2231841772-903031472-3598770431-1001 - Administrator - Enabled) => C:\Users\a1005
Administrator (S-1-5-21-2231841772-903031472-3598770431-500 - Administrator - Disabled)
Ale (S-1-5-21-2231841772-903031472-3598770431-1003 - Administrator - Enabled) => C:\Users\Ale
DefaultAccount (S-1-5-21-2231841772-903031472-3598770431-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2231841772-903031472-3598770431-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2231841772-903031472-3598770431-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2231841772-903031472-3598770431-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Free (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Accordion (HKLM-x32\...\Accordion) (Version: 1.03 - Bill Farmer)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.9 - Adobe Systems Incorporated)
Aggiornamenti NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Amazon Kindle (HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\Amazon Kindle) (Version: 1.25.1.52064 - Amazon)
AmpliTube 4 version 4.0.2 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.0.2 - IK Multimedia)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
BitTorrent (HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\BitTorrent) (Version: 7.10.5.45272 - BitTorrent Inc.)
Broken Sword 5 - the Serpent's Curse Episode 2 (HKLM-x32\...\QnJva2VuU3dvcmQ1dGhlU2VycGVudHNDdXJzZQ==_i s1) (Version: 1 - )
calibre (HKLM-x32\...\{6EB8794A-DAF6-4722-90B2-68D1459A9615}) (Version: 2.75.1 - Kovid Goyal)
Custom Shop version 1.7.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.7.0 - IK Multimedia)
EditPad Lite 7.6.4 (HKLM\...\EditPad Lite) (Version: 7.6.4 - Just Great Software)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.1.1049 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPRO Analyzer (HKLM-x32\...\{470EA45D-2C05-4434-95D3-6152E9340266}_is1) (Version: - GPRO Analyzer)
Graphviz (HKLM-x32\...\{884CF059-9A11-4DF7-A2A7-17EFE90B9278}) (Version: 2.38 - AT&T Research Labs.)
Guitar and Bass (HKLM-x32\...\Guitar and Bass_is1) (Version: 1.2.2 - G.F. Software)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
IK Multimedia Authorization Manager version 1.0.16 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.16 - IK Multimedia)
InstantPhotoSketch 2.0 (HKLM-x32\...\{5A76F86F-C0E5-4755-BD6C-4FC627F17033}_is1) (Version: - CPSSoftware)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4358 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Jubler subtitle editor (HKLM\...\Jubler) (Version: 5.1 - www.jubler.org)
Kaspersky Free (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
KB Piano 2.5.1 (HKLM-x32\...\KB Piano_is1) (Version: - )
launcher_HTML_DW2 versione 1.0 (HKLM-x32\...\{BAE76B11-100A-48DE-9DA7-856A5382AC3D}_is1) (Version: 1.0 - Directa SIM)
LibreOffice 5.2.6.2 (HKLM\...\{2B69F1E6-C4D6-44A2-AFAD-4BD0571D254E}) (Version: 5.2.6.2 - The Document Foundation)
Malwarebytes versione 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Midori 0.5.11 (HKLM-x32\...\Midori) (Version: 0.5.11 - Christian Dywan)
MKVToolNix 29.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 29.0.0 - Moritz Bunkus)
MP3MyMP3 4.2 (HKLM-x32\...\MP3MyMP3_is1) (Version: - Bruce McArthur)
Multi Trade System Plus (HKLM-x32\...\Multi Trade System Plus) (Version: 3.0.6211.12199 - UNICASIM S.p.A. & Stefano Martino)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
paint.net (HKLM\...\{E637E0EF-6EB3-44C4-97B8-6F9EA444D649}) (Version: 4.1.5 - dotPDN LLC)
Pannello di controllo NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.3 - Tracker Software Products Ltd)
Pro Cycling Manager 2018 (HKLM\...\SKIDROW - Pro Cycling Manager 2018) (Version: - SKIDROW)
Pro Cycling Manager 2018 Account Setup (HKLM-x32\...\Pro Cycling Manager 2018_is1) (Version: - )
Pro Evolution Soccer 2017 (HKLM-x32\...\{A3C10274-808C-4ADC-A13D-D94911180B58}_is1) (Version: - KONAMI)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
SampleTank 3 version 3.6.6 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.6.6 - IK Multimedia)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.23.0 - SAMSUNG Electronics Co., Ltd.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Typora version 0.9.64 (HKLM\...\{37771A20-7167-44C0-B322-FD3E54C56156}_is1) (Version: 0.9.64 - typora.io)
Up Pro (Verified) version 1.4.16.1 (HKLM-x32\...\{716D2234-E822-4AB0-874A-1DD7F75047DB}_is1) (Version: 1.4.16.1 - Up Pro (Verified))
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
uTox (HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\uTox) (Version: - )
Visual Trader in C:\VTrader (HKLM-x32\...\vt.exe_{2C257605-53FA-436D-8BCC-3C8C26AD2461}) (Version: Versione 5.5 - Traderlink Srl)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
VMware Player (HKLM\...\{646FD2AF-74E5-462C-82EE-1860DD252BF6}) (Version: 12.5.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\WhatsApp) (Version: 0.2.7315 - WhatsApp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeRe ader_3.1.8.7675_x86__ynb6jyjzte8ga [2017-01-05] (Adobe Systems Incorporated)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4. 0_x86__kgqvnymyfvs32 [2019-08-15] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.14 5.301.0_x86__kgqvnymyfvs32 [2019-08-15] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.2 .1.1_x86__h6adky7gbf63m [2019-08-15] (Gameloft.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880 .0_x86__8xx8rvfyw5nnt [2019-03-29] (Facebook Inc)
GetThemAll - Video Downlaoder -> C:\Program Files\WindowsApps\NimbusWeb.GetThemAll-VideoDownlaoder_2.3.2.0_x64__p5fjnfwkc9ns0 [2019-04-03] (FVD Media)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x64__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 11.1.0_x86__8wekyb3d8bbwe [2019-01-13] (Microsoft Corporation) [MS Ad]
Microsoft News: le ultime notizie in tempo reale -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_ x64__8wekyb3d8bbwe [2019-08-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
MSN Meteo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905 .0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
Posta e Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neut ral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2231841772-903031472-3598770431-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2016-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2016-10-21] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-12-11] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-29] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-29] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\a1005\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Googl e Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=ChromeDefaultData

==================== Loaded Modules (Whitelisted) ==============

2017-03-01 16:29 - 2017-03-01 16:29 - 000051200 _____ () [File not signed] C:\Program Files\LibreOffice 5\program\python-core-3.3.0\lib\_socket.pyd
2017-09-23 20:26 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\Newtonsoft.Json.dl l
2017-03-01 16:31 - 2017-03-01 16:31 - 000539648 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice 5\program\pyuno.pyd
2017-03-01 17:06 - 2017-03-01 17:06 - 000677376 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice 5\program\soffice.bin
2017-09-23 20:26 - 2017-04-20 14:39 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppCollect.dll
2017-09-23 20:26 - 2017-04-20 14:39 - 000197632 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.224\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2019-08-18 08:49 - 000000883 _____ C:\WINDOWS\system32\drivers\etc\hosts


2019-01-07 16:06 - 2019-01-07 16:06 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\J ava\javapath;%SystemRoot%\system32;%SystemRoot%;%S ystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\Win dowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\Program Files (x86)\Infocert\DiKe 6\RAO;%JAVA_HOME%\bin;;%SYSTEMROOT%\System32\OpenS SH\
HKU\S-1-5-21-2231841772-903031472-3598770431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\a1005\AppData\Local\Microsoft\Windows\The mes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\StartupApproved\Run: => ""
HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2231841772-903031472-3598770431-1001\...\StartupApproved\Run: => "uTox"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D55A7A0-C4DE-4381-8904-57F44C2CFD47}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E1601B72-8BF1-4C24-93E7-140021016241}] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [{C5E57750-B51F-4BA4-9B66-F8DDF4471EC8}] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [{0DEE92D6-A12E-49B6-8540-EB6947EEA39E}] => (Allow) C:\Program Files (x86)\Walking\Suspicion.exe No File
FirewallRules: [{0F46E545-597C-4BD6-9597-226989397D71}] => (Allow) C:\Program Files (x86)\discount\Suspicion.exe No File
FirewallRules: [{08747958-F3E3-4267-8C30-22EDA793AD79}] => (Allow) C:\Program Files (x86)\Walking\Designation.exe No File
FirewallRules: [{A223F525-894D-4A86-86CC-606939BA1970}] => (Allow) C:\Program Files (x86)\Scored\Designation.exe No File
FirewallRules: [{4164E7D0-7FF2-46C3-B000-E01E88113451}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B4343378-8089-45EA-ACB6-2D33D647E5AB}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{257912A1-5DA6-4B5C-B4D7-048BD20A7A9F}] => (Allow) C:\Program Files (x86)\MtsPlus\MtsMultiStation.exe () [File not signed]
FirewallRules: [{CA3D88C1-73F6-4C65-BDDB-CF957616753A}] => (Allow) C:\Program Files (x86)\MtsPlus\MtsMultiStation.exe () [File not signed]
FirewallRules: [{EEE86FA6-B449-4B5F-94A3-6A130B7BDEE2}] => (Allow) C:\Program Files (x86)\MtsPlus\MtsMultiStation.exe () [File not signed]
FirewallRules: [{F5D53433-BC35-4453-B8ED-B9D93D86FB08}] => (Allow) C:\Program Files (x86)\MtsPlus\MtsMultiStation.exe () [File not signed]
FirewallRules: [UDP Query User{7B445382-013E-479A-9284-9DA0305B3517}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [TCP Query User{852862B9-F770-4570-9A10-42089A462888}C:\games\pro cycling manager 2017\pcm64.exe] => (Allow) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [UDP Query User{223B5477-519D-4CD1-8910-51E9D66B0B96}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{CBF60AEE-C700-4638-8A2A-1A312B22A68F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{8E1956C1-2CA8-417C-9A79-9034F68A3AAE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{59F60EB8-C56C-4EDF-AC01-9F7A8B2003C4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [UDP Query User{1CAF1205-DF13-4808-B02B-B43355E449E7}C:\program files (x86)\java\jre1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\java.exe
FirewallRules: [TCP Query User{5B5FFD3C-E7F1-4647-8BF1-739E554D61AC}C:\program files (x86)\java\jre1.8.0_171\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\java.exe
FirewallRules: [{9D7B20A7-6D73-4696-939C-B7A2BFD68C95}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8281A515-AD34-4ED6-8918-B55E5B65E5FC}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{782D05A7-931C-421F-9277-D1F372A380D1}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [TCP Query User{C4A63070-84EE-451D-84EB-D38DBCA7073B}C:\program files\java\jre1.8.0_131\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_131\bin\javaw.exe No File
FirewallRules: [UDP Query User{7A61F530-1E9B-413C-B512-623918662B1B}C:\games\pro cycling manager 2017\pcm64.exe] => (Block) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [TCP Query User{E2F56999-AEF2-42E8-B6ED-0F06B8FE1252}C:\games\pro cycling manager 2017\pcm64.exe] => (Block) C:\games\pro cycling manager 2017\pcm64.exe No File
FirewallRules: [{E3109574-4C91-4C69-8CFA-F3088E8AA068}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9F4E2F47-F9E6-4E87-85F0-E0481F19E8EF}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AA5018BC-0237-4FC3-9F64-978D63ECD946}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{07A63579-DD8A-499D-9B8D-7D605A1F076F}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1036942B-0A0E-47D5-B34B-B1E3F88E4AA8}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DAF17433-D989-49DE-8061-68D41E3A566A}] => (Allow) C:\Users\a1005\AppData\Roaming\BitTorrent\BitTorre nt.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9E476388-CE2D-49FB-A0F3-FC55E7FFA7AC}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe No File
FirewallRules: [{06046555-24F9-45E7-906D-22AA97AFD9AF}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe No File
FirewallRules: [{C730E509-110C-4C55-A74F-57D0F1D0B4CB}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe No File
FirewallRules: [{A1AC6B54-D90B-4015-A1B4-BD8996EAFB7C}] => (Allow) D:\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe No File
FirewallRules: [{879436E5-1C3B-4697-9F9D-AF6652AB4D79}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{AAA6646B-415C-4B91-84C8-7AD20507A04B}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [TCP Query User{77CEB03D-5B68-4DFE-A789-57C0E4B8CA2C}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe No File
FirewallRules: [UDP Query User{6D2ECB80-417C-4308-9368-5AF49C162B9F}D:\games\grand theft auto v\gta5.exe] => (Allow) D:\games\grand theft auto v\gta5.exe No File
FirewallRules: [TCP Query User{581FB351-9A65-4D4C-AFEF-31DDAD71276B}C:\program files\java\jre1.8.0_112\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_112\bin\java.exe No File
FirewallRules: [UDP Query User{D686F7F7-2A48-437F-BAC6-4CB12BF4ECC8}C:\program files\java\jre1.8.0_112\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_112\bin\java.exe No File
FirewallRules: [TCP Query User{FBE12332-C90F-4BF7-B9D3-58F2E815C77E}C:\users\a1005\appdata\roaming\utox\u tox.exe] => (Allow) C:\users\a1005\appdata\roaming\utox\utox.exe () [File not signed]
FirewallRules: [UDP Query User{62AE963F-E13B-4597-9A8B-138D849E2DAF}C:\users\a1005\appdata\roaming\utox\u tox.exe] => (Allow) C:\users\a1005\appdata\roaming\utox\utox.exe () [File not signed]
FirewallRules: [TCP Query User{47869143-832E-4E11-A40E-41B8AB3396D0}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe No File
FirewallRules: [UDP Query User{589710F8-C883-48CA-845F-7E92C7FD7843}C:\program files\java\jre1.8.0_131\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_131\bin\java.exe No File
FirewallRules: [TCP Query User{729E03ED-02D8-4B52-8E81-9C9D50CD86FF}C:\users\a1005\appdata\roaming\utox\u tox.exe] => (Block) C:\users\a1005\appdata\roaming\utox\utox.exe () [File not signed]
FirewallRules: [UDP Query User{867D1768-4C4A-4E6F-900F-93D6135E49C0}C:\users\a1005\appdata\roaming\utox\u tox.exe] => (Block) C:\users\a1005\appdata\roaming\utox\utox.exe () [File not signed]
FirewallRules: [TCP Query User{989A2998-AF38-4C8C-816D-742F2350851C}C:\vtrader\vt.exe] => (Allow) C:\vtrader\vt.exe (Traderlink Italia Srl -> Traderlink Srl)
FirewallRules: [UDP Query User{F3DCAB10-5A23-4E8E-A4A0-0B1735503B8F}C:\vtrader\vt.exe] => (Allow) C:\vtrader\vt.exe (Traderlink Italia Srl -> Traderlink Srl)
FirewallRules: [TCP Query User{3BF99408-87AB-46A7-AD62-424EA7BDABAE}C:\vtrader\vttrade.exe] => (Allow) C:\vtrader\vttrade.exe (Traderlink Italia Srl -> Traderlink Srl)
FirewallRules: [UDP Query User{14B20160-4327-4FF4-BF32-5C1C88EA930B}C:\vtrader\vttrade.exe] => (Allow) C:\vtrader\vttrade.exe (Traderlink Italia Srl -> Traderlink Srl)
FirewallRules: [TCP Query User{360F7A6E-D645-40F9-9B9F-A36CC92266FF}C:\vtrader\vttools.exe] => (Allow) C:\vtrader\vttools.exe (Traderlink Srl) [File not signed]
FirewallRules: [UDP Query User{9A647DCA-FA42-4FBC-AF2A-550955102306}C:\vtrader\vttools.exe] => (Allow) C:\vtrader\vttools.exe (Traderlink Srl) [File not signed]
FirewallRules: [TCP Query User{CFF728F3-3FFF-4ED1-9ACF-85DDAF6D5226}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [UDP Query User{2F0DB241-C718-4E25-8917-7FE5E0BF42B7}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe No File
FirewallRules: [TCP Query User{CD2EF019-721B-4E49-985A-CB50585275C5}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe No File
FirewallRules: [UDP Query User{74EA7DE3-B30C-494C-8B0A-84CFC8F8457A}C:\program files (x86)\relevantknowledge\rlvknlg.exe] => (Block) C:\program files (x86)\relevantknowledge\rlvknlg.exe No File

==================== Restore Points =========================

16-08-2019 15:29:52 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2019 03:41:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma SkypeApp.exe versione 8.51.0.72 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 20f0

Ora di avvio: 01d5559812a5be84

Ora di chiusura: 4294967295

Percorso applicazione: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x6 4__kzf8qxf38zg5c\SkypeApp.exe

ID segnalazione: 0e513cd7-e6a9-462d-b05b-83e2c195d189

Nome completo pacchetto che ha generato l'errore: Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c

ID applicazione relativo al pacchetto che ha generato l'errore: App

Tipo interruzione: Quiesce

Error: (08/18/2019 09:35:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Accesso ai dati delle prestazioni negato all'utente "SYSTEM" (valore restituito da GetUserName() per il thread in esecuzione) come tentato dal modulo "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" (valore restituito da GetModuleFileName() per il binario che ha generato la query).

Error: (08/18/2019 08:52:13 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Accesso ai dati delle prestazioni negato all'utente "SYSTEM" (valore restituito da GetUserName() per il thread in esecuzione) come tentato dal modulo "C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe" (valore restituito da GetModuleFileName() per il binario che ha generato la query).

Error: (08/18/2019 08:07:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Il programma PilotshubApp.exe versione 1.1903.1906.7002 non interagisce più con Windows ed è stato chiuso. Per vedere se sono disponibili ulteriori informazioni sul problema, verificare la cronologia del problema in Sicurezza e manutenzione nel Pannello di controllo.

ID processo: 29ec

Ora di avvio: 01d5558b0ff91296

Ora di chiusura: 4294967295

Percorso applicazione: C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1 903.1582.0_x64__8wekyb3d8bbwe\PilotshubApp.exe

ID segnalazione: 71b163d9-8f1a-4e85-9ed0-020afeb45e6e

Nome completo pacchetto che ha generato l'errore: Microsoft.WindowsFeedbackHub_1.1903.1582.0_x64__8w ekyb3d8bbwe

ID applicazione relativo al pacchetto che ha generato l'errore: App

Tipo interruzione: Cross-thread

Error: (08/17/2019 12:18:01 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato.

Error: (08/17/2019 12:12:02 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato.

Error: (08/17/2019 12:12:02 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato.

Error: (08/17/2019 12:09:54 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Impossibile aprire l'oggetto prestazione del servizio Server. I primi quattro byte (DWORD) della sezione Data contengono il codice di stato.


System errors:
=============
Error: (08/18/2019 09:55:21 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
Impossibile accedere a una chiave.

Error: (08/18/2019 09:55:21 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Impossibile avviare l'area PNRP. Creazione dell'identità predefinita non riuscita con codice di errore: 0x80630203.

Error: (08/18/2019 08:56:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio Cache tipi di carattere Windows Presentation Foundation 3.0.0.0 non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.

Error: (08/18/2019 08:56:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 millisecondi) durante l'attesa della connessione del servizio Cache tipi di carattere Windows Presentation Foundation 3.0.0.0.

Error: (08/18/2019 08:54:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Il servizio WsAppService non è stato avviato per il seguente errore:
Il servizio non ha risposto alla richiesta di avvio o controllo nel tempo previsto.

Error: (08/18/2019 08:54:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (45000 millisecondi) durante l'attesa della connessione del servizio WsAppService.

Error: (08/17/2019 01:09:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Servizio Protocollo PNRP terminato con l'errore:
Impossibile accedere a una chiave.

Error: (08/17/2019 01:09:47 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Impossibile avviare l'area PNRP. Creazione dell'identità predefinita non riuscita con codice di errore: 0x80630203.


Windows Defender:
===================================
Date: 2019-08-18 16:24:08.661
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {3134FE3B-AE06-4868-B8A9-31AB80C725C0}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: NT AUTHORITY\SYSTEM

Date: 2019-08-17 10:50:12.982
Description:
Windows Defender Antivirus: analisi interrotta prima del completamento.
ID analisi: {1247CF6B-C9FA-4695-B16B-ACE004646942}
Tipo analisi: Antimalware
Parametri analisi: Analisi veloce
Utente: KIASHAN6\a1005

Date: 2019-08-17 11:06:51.033
Description:
Windows Defender Antivirus: errore durante il tentativo di aggiornare l'intelligence sulla sicurezza.
Nuova versione intelligence sulla sicurezza:
Versione intelligence sulla sicurezza precedente: 1.299.2255.0
Origine aggiornamento: Server Microsoft Update
Tipo intelligence sulla sicurezza: Antivirus
Tipo aggiornamento: Completo
Utente: NT AUTHORITY\SYSTEM
Versione motore corrente:
Versione motore precedente: 1.1.16200.1
Codice errore: 0x8007043c
Descrizione errore: Questo servizio non può essere avviato in modalità provvisoria

Date: 2019-08-17 10:56:38.454
Description:
Windows Defender Antivirus: errore della funzionalità di protezione in tempo reale. Operazione non riuscita.
Funzionalità: All'accesso
Codice errore: 0x8007043c
Descrizione errore: Questo servizio non può essere avviato in modalità provvisoria
Motivo: L'intelligence sulla sicurezza antimalware ha smesso di funzionare per un motivo sconosciuto. In alcuni casi, è possibile risolvere il problema riavviando il servizio.

CodeIntegrity:
===================================

Date: 2019-08-18 09:41:39.998
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:41:39.879
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:41:36.204
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:41:36.154
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:41:35.566
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:41:35.473
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:33:52.814
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-08-18 09:33:52.795
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost. exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. K55VD.411 03/11/2013
Motherboard: ASUSTeK COMPUTER INC. K55VD
Processor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 12173.49 MB
Available physical RAM: 6417.6 MB
Total Virtual: 14605.49 MB
Available Virtual: 8834.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.19 GB) (Free:59.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:44.3 GB) NTFS

\\?\Volume{317e3ff3-62b1-4ef2-8c43-4a035c9d219a}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.55 GB) NTFS
\\?\Volume{78529535-bdcd-49e2-8e93-ba34b7df291e}\ () (Fixed) (Total:0.77 GB) (Free:0.28 GB) NTFS
\\?\Volume{d6203ec9-4ec8-4437-9699-9f4bf57d1d51}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
\\?\Volume{aad2e4cd-16c3-475c-94dd-ba7e6d825092}\ (Restore) (Fixed) (Total:20.01 GB) (Free:8.61 GB) NTFS
\\?\Volume{5341953e-a590-4f2a-bfe4-b3ba6d661f7f}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) FAT32

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 465.8 GB) (Disk ID: 05E2ADD8)

Partition: GPT.

==================== End of Addition.txt ============================
Reply With Quote