Important: Request to check Logfile of HijackThis (Version 2.10.0.31) of 06/05/2023

I see you found the problem, the mouse. Anyway, the log looks OK to me.
Could you check mine too, please? Thanks.

https://www.digital-forum.it/showthread.php?p=7703735



The notebook sometimes freezes completely and the fans stop spinning, not even the clock advances, and it unfreezes by itself after 10-15 minutes and the fans start spinning again. I think it is a problem with the hard disk or some virus.

Other times it shuts down suddenly even though I am not doing anything, and it turns back on by itself.
 
Sounds like a hardware problem. I don't think it's the HD, because if something is wrong I think it just hangs and that's it. Has it been cleaned internally? But it could also be a problem in the operating system.
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 18:51:38, on 03/08/2023
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
D:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe
C:\Program Files (x86)\QNAP\Qsync\Qsync.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Users\Proprietario\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
C:\Users\Proprietario\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
C:\Users\Proprietario\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
D:\Documenti\Download\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.115\BHO\ie_to_edge_bho.dll
O2 - BHO: Guida per l'accesso all'account Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QfinderPro] "C:\Program Files (x86)\QNAP\Qfinder\QfinderPro.exe" /min /auto
O4 - HKLM\..\Run: [Qsync] "C:\Program Files (x86)\QNAP\Qsync\Qsync.exe" /launch_qsync
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTOS
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [HP OfficeJet Pro 8020 series (NET)] "C:\Program Files\HP\HP OfficeJet Pro 8020 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH21B4R0Y8:NW" -scfn "HP OfficeJet Pro 8020 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Proprietario\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe --startup_mode (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO LOCALE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIZIO DI RETE')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Startup: Synology Drive Client.lnk = C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe
O4 - Global Startup: AnyDesk.lnk = C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\Windows\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Unknown owner - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: AnyDesk Service (AnyDesk) - AnyDesk Software GmbH - C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O23 - Service: AMD User Experience Program Launcher (AUEPLauncher) - AMD - C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPLauncher.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: CCleaner Performance Optimizer Service (CCleanerPerformanceOptimizerService) - Piriform Software Ltd - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Genie Timeline Service (GenieTimelineService) - Genie9 - C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HTCMonitorService - Nero AG - D:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Accesso rete (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - D:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Synology Drive VSS Service x64 - Unknown owner - C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - D:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12458 bytes


Anything strange? With the Windows 7 PC I can't reach other computers on the local network.
 
Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.2.0.1

Platform: x64 Windows 11 (Home), 10.0.22621.2283 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 01.10.2023 - 12:45 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 2973 MiB Free. Loading RAM (64 %), CPU (2 %)
Elevated: Yes
Ran by: Lorenzo (group: Unknown; type: Microsoft) on DESKTOP-K11V5FN, FirstRun: yes

Chrome: 117.0.5938.132
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: On) (Code Integrity: On)

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(GenericMessagingAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoBoostSystemAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
2 C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
6 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
11 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_15.81.24001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_15.81.24001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBar.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.7272.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0383914.inf_amd64_edc98fb5881ec41f\B383861\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\Locator.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\msiexec.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\Sgrm\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
89 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
2 C:\Windows\System32\taskhostw.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
3 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 D:\Download\HiJackThis\HiJackThis.exe
1 D:\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
1 D:\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
1 D:\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
2 D:\Electronic Arts\EA Desktop\EA Desktop\QtWebEngineProcess.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://lenovo17win10.msn.com/?pc=LCTE
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\117.0.5938.132\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\Run: [EADM] = D:\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (sign: 'Valve Corp.')
O4 - HKCU\..\RunOnce: [StartRSX] = C:\Program Files\AMD\CNext\CNext\LauncherRSXRuntime.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_BC68B7E3A3FF3A05DABA32118914F06A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2022/08/07) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/08/05) (sign: 'Microsoft')
O4 - HKLM\..\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe (sign: 'LITE-ON TECHNOLOGY CORP.')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe -background (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\BatteryGauge (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee (empty)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\039ccb5b-9bd3-4822-86fe-783273170c49 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 039ccb5b-9bd3-4822-86fe-783273170c49 (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\0ff97a12-b084-4806-9e3c-d6a5376c555f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 0ff97a12-b084-4806-9e3c-d6a5376c555f (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\72876a3d-adfa-4016-9676-e25a26e016a9 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 72876a3d-adfa-4016-9676-e25a26e016a9 (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\abeb13c3-3c21-415c-9aa6-0969400800cb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger abeb13c3-3c21-415c-9aa6-0969400800cb (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe DailyTelemetryTransmission (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\039ccb5b-9bd3-4822-86fe-783273170c49 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 039ccb5b-9bd3-4822-86fe-783273170c49 (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\0ff97a12-b084-4806-9e3c-d6a5376c555f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 0ff97a12-b084-4806-9e3c-d6a5376c555f (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\72876a3d-adfa-4016-9676-e25a26e016a9 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 72876a3d-adfa-4016-9676-e25a26e016a9 (sign: 'Microsoft')
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\abeb13c3-3c21-415c-9aa6-0969400800cb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger abeb13c3-3c21-415c-9aa6-0969400800cb (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe BatteryGaugeAddinDailyScheduleTask (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe GenericMessagingAddin (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe SmartPerformance.ExpireReminder (sign: 'Microsoft')
O22 - Tasks: \Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe VantageCoreAddinWeekScheduleTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\WINDOWS\System32\SettingsHandlers_Pen.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" (sign: '')
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" (sign: '')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDInstallUEP - C:\Program Files\AMD\InstallUEP\AMDInstallUEP.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb (user missing) (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks_Migrated: \Lenovo\BatteryGauge\BatteryGaugeMaintenance - C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (file missing)
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService (sign: 'Microsoft')
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe GenericMessagingAddin (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\System32\mscoree.dll (sign: 'Lenovo')
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" (sign: '')
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" (sign: '')
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices Inc.')
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\atiesrxx.exe (sign: 'Advanced Micro Devices Inc.')
O23 - Service R2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_15.81.24001.0_x64__8wekyb3d8bbwe\GamingServices.exe (sign: 'Microsoft')
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_15.81.24001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe (sign: 'Microsoft')
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (sign: 'HP Inc.')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe (sign: 'Microsoft')
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe (sign: 'Microsoft')
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\\3.13.72.0\LenovoVantageService.exe (sign: 'Microsoft')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe (sign: 'Microsoft')
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (sign: 'Microsoft')
O23 - Service R3: EABackgroundService - D:\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe (sign: 'Microsoft')
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\TPMProvisioningService.exe (sign: 'Microsoft')
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\117.0.5938.132\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\SocketHeciServer.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\WINDOWS\System32\iaStorAfsService.exe (sign: 'Microsoft')
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - D:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: Intel(R) Chipset SATA/PCIe RST Premium Controller - (iaStorAC) - C:\WINDOWS\System32\drivers\iaStorAC.sys (sign: 'Intel Corporation')
O23 - Driver R3: ___ Driver scheda Intel(R) Wireless per Windows 10 64 Bit - (Netwtw04) - C:\WINDOWS\System32\drivers\Netwtw04.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\drivers\amdfendr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\drivers\amdfendrmgr.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: AMD Link Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66a9fa5d80327844\amdsafd.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: amdwddmg - C:\WINDOWS\System32\DriverStore\FileRepository\u0396094.inf_amd64_a90ea54eeab05481\B395672\amdkmdag.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_649c7923a043d3be\x64\TeeDriverW10x64.sys (sign: 'Intel Corporation')
O23 - Driver R3: Intel(R) Watchdog Timer Driver (Intel(R) WDT) - (ICCWDT) - C:\WINDOWS\System32\drivers\ICCWDT.sys (sign: 'Intel(R) Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: Intel(R) Wireless Bluetooth(R) - (ibtusb) - C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_1c2e1d1f3cb86e75\ibtusb.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver R3: Realtek USB Card Reader - UER - (RTSUER) - C:\WINDOWS\system32\Drivers\RtsUer.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S1: WinSetupMon - C:\WINDOWS\system32\DRIVERS\WinSetupMon.sys (file missing)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\WINDOWS\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: EAAntiCheat - C:\WINDOWS\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: iaStorAfs - C:\WINDOWS\System32\drivers\iaStorAfs.sys (sign: 'Intel(R) Rapid Storage Technology')
O23 - Driver S3: Intel(R) PRO/1000 PCI Express Network Connection Driver D - (e1dexpress) - C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_b32d0891eb98aee4\e1d68x64.sys (+safe mode) (sign: 'Intel Corporation')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Connectivity Device Driver V2 - (ss_conn_usb_driver2) - C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'e1dexpress'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'Netwtw04'


--
End of file - Time spent: 34,8 sec. - 79472 bytes, CRC32: FFFFFFFF. Sign: ꌇ塟
 
Sorry, but what problem are you having with the system? It makes sense to post the log when something is wrong.
 

Just as a precaution: Windows had detected a virus, which was promptly removed (perhaps it was a false positive, given the trusted source of the files).
 
From what I can see it looks OK to me, scarface. Yes, it's always better to say whether the log was posted just as a check or for more 'detailed' checks.
 
Hello everyone. Because of slowdowns in the Windows 11 OS, and a warning that appears as soon as the OS finishes booting about a missing DLL file belonging to the OS itself, I kindly ask the administrators whether they could check this log for me and, if needed, tell me which entries to repair or remove. Thank you.

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31

Platform: x64 Windows 11 (Pro), 10.0.22000.2538 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 12.10.2023 - 15:26 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 4576 MiB Free (37 %). CPU Loading: (4 %)
Elevated: Yes
Ran by: d80di (group: Administrators) on DESKTOP-20CKG13, FirstRun: yes

Chrome: 117.0.5938.150
Firefox: 118.0.2.8682
Internet Explorer: 11.0.22000.120
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe
1 C:\Program Files (x86)\SmartCMS\SmartCMS Server.exe
1 C:\Program Files (x86)\SmartCMS\SmartCMS Watch.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.23500.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
1 C:\Users\d80di\Desktop\HiJackThis.exe
1 C:\Users\Public\longse_ivms\Database\bin\vlmysqld.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
71 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://search.orbitdownloader.com
O1 - Hosts.ICS: 172.24.128.1 DESKTOP-20CKG13.mshome.net # 2027 10 6 9 19 7 27 83
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre-1.8\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [Java Corporation] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Corporation.jar" (2023/10/03)
O4 - HKCU\..\StartupApproved\Run: [Java Studio] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Studio.jar" (2023/10/05)
O4 - HKCU\..\StartupApproved\Run: [Java Update 12] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Update 12.jar" (2023/10/12)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_595ACA7AB1ED3690A20B3E494738DA81] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/06/24)
O4 - HKCU\..\StartupApproved\Run: [NetTraffic] = C:\Program Files (x86)\NetTraffic\NetTraffic.exe (2022/12/11)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\d80di\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/10/15)
O4 - HKCU\..\StartupApproved\Run: [Realtek Audio] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Realtek Audio.js" (2023/10/05)
O4 - HKCU\..\StartupApproved\Run: [Services.exe] = C:\Users\d80di\AppData\Roaming\Services.exe (2023/10/12)
O4 - HKCU\..\StartupApproved\Run: [Text] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Text.js" (2023/10/05)
O4 - HKCU\..\StartupApproved\Run: [Texto] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Texto.js" (2023/10/05)
O4 - HKCU\..\StartupApproved\Run: [Username] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Username.js" (2023/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Explorer.exe -> (PE EXE) (2023/10/12)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java Corporation.jar (2023/10/03)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java Studio.jar (2023/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Java Update 12.jar (2023/10/12)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Realtek Audio.js (2023/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.exe -> (PE EXE) (2023/10/12)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Text.js (2023/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Texto.js (2023/10/05)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Username.js (2023/10/05)
O4 - HKLM\..\StartupApproved\Run: [BraveVpnWireguardService] = C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.117\BraveVpnWireguardService\brave_vpn_wireguard_service.exe --interactive (2023/10/12)
O4 - HKLM\..\StartupApproved\Run: [Java Corporation] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Corporation.jar" (2023/10/03)
O4 - HKLM\..\StartupApproved\Run: [Java Studio] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Studio.jar" (2023/10/05)
O4 - HKLM\..\StartupApproved\Run: [Java Update 12] = C:\Program Files\Java\jre-1.8\bin\javaw.exe -jar "C:\Users\d80di\AppData\Roaming\Java Update 12.jar" (2023/10/12)
O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2020/09/28)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Realtek Audio] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Realtek Audio.js" (2023/10/05)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/10/15)
O4 - HKLM\..\StartupApproved\Run32: [Text] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Text.js" (2023/10/05)
O4 - HKLM\..\StartupApproved\Run32: [Texto] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Texto.js" (2023/10/05)
O4 - HKLM\..\StartupApproved\Run32: [Username] = C:\WINDOWS\system32\wscript.exe //B "C:\Users\d80di\AppData\Roaming\Username.js" (2023/10/05)
O4 - HKLM\..\StartupApproved\Run32: [V0330Mon.exe] = C:\WINDOWS\V0330Mon.exe (2020/09/28)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Carroll.lnk -> C:\Program Files (x86)\Carroll\Carroll.exe /OnlySet (2020/09/28)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - DHCP DNS 3: 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{2793abdd-b4c7-4dfb-97cd-2eade4e47037}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2793abdd-b4c7-4dfb-97cd-2eade4e47037}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 192.168.1.254
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{5885E632-0A94-43C0-BECD-2F7360F8BEA6}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{5885E632-0A94-43C0-BECD-2F7360F8BEA6}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{7FDD1E35-03CA-4386-A572-724116513A74}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{7FDD1E35-03CA-4386-A572-724116513A74}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{82C6D788-C5D3-40D4-9941-9A8EC44C2AFC}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{82C6D788-C5D3-40D4-9941-9A8EC44C2AFC}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8D69708D-DDEC-A599-BB02-0475A5D2150E}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8D69708D-DDEC-A599-BB02-0475A5D2150E}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C71902A8-E482-42A4-A6C3-9D062F28B8D3}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C71902A8-E482-42A4-A6C3-9D062F28B8D3}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C72823A6-6E76-4D72-B82C-F11D084D8546}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C72823A6-6E76-4D72-B82C-F11D084D8546}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - BITS Job: (download) {7EB0C7BA-CE6E-499C-BA87-1400F8D4B6B0} - https://download-installer.cdn.mozi...te/win64/it/firefox-117.0.1-118.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: (download) {B8CB4DB3-673F-4F3D-9ECA-3C731D62E19E} - https://download-installer.cdn.mozi...te/win64/it/firefox-116.0.3-117.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: (download) {F9A66D2D-3A56-4EFA-86DC-BD66CD85DB66} - https://download-installer.cdn.mozi...te/win64/it/firefox-117.0.1-118.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task (.job): (Not scheduled) CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1593497920-3724576141-1433594885-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) Optimize Push Notification Data File-S-1-5-21-1593497920-3724576141-1433594885-1001 - {201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \Abelssoft\Abelssoft SSD Fresh Settings Check_43 - C:\Program Files (x86)\SSDFresh\AbLauncher.exe checksettings -autorun
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks: \System\SystemCheck - C:\Users\d80di\AppData\Roaming\Microsoft\Windows\Helper.exe -SystemCheck (file missing)
O22 - Tasks: \Windows Subsystem Modules\Windows Subsystem Modules - C:\WINDOWS\system32\rundll32.exe C:\ProgramData\microsoft\windows.sys,subsystem
O22 - Tasks: \WiseCleaner\WRCSkipUAC - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe $UAC
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Tasks: BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "c823f899-6e77-4164-95ec-08e774e3eb77" --version "6.15.10623" --silent
O22 - Tasks: CCleanerSkipUAC - d80di - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: GoogleUpdateTaskMachineCore{B3DE2DE0-A0C3-460E-85DF-18D03FB50201} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{67C95747-C4D3-4C6F-B8A4-D6D3BDD4F19E} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Maxthon5 Update - C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe -RunScheduledUpdate
O22 - Tasks: Opera scheduled assistant Autoupdate 1601326342 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\d80di\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Tasks: Opera scheduled Autoupdate 1601326338 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: Skype - C:\Users\d80di\AppData\Roaming\Java Corporation.jar (file missing)
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks: VivaldiUpdateCheck-5924e1198cc83f03 - C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe --from-scheduler
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1593497920-3724576141-1433594885-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (disabled) Optimize Push Notification Data File-S-1-5-21-1593497920-3724576141-1433594885-1001 - {201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks_Migrated: \WiseCleaner\WRCSkipUAC - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe $UAC
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (file missing)
O22 - Tasks_Migrated: Maxthon5 Update - C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe -RunScheduledUpdate
O22 - Tasks_Migrated: Opera scheduled assistant Autoupdate 1601326342 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\d80di\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Tasks_Migrated: Opera scheduled Autoupdate 1601326338 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks_Migrated: VivaldiUpdateCheck-5924e1198cc83f03 - C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe --from-scheduler
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: SmartCMS_Server - C:\Program Files (x86)\SmartCMS\SmartCMS Watch.exe
O23 - Service R2: SmartCMSMYSQL - C:\Users\Public\longse_ivms\Database\bin\vlmysqld.exe --defaults-file=C:\\Users\\Public\\longse_ivms\\Database\\my.ini SmartCMSMYSQL
O23 - Service S2: Luminati Net Updater (win_mediaget.com) - (luminati_net_updater_win_mediaget_com) - C:/Users/d80di/MediaGet2/Luminati-m/net_updater32.exe --updater win_mediaget.com (file missing)
O23 - Service S2: MxService - C:\Program Files (x86)\Maxthon5\Bin\MxService.exe
O23 - Service S2: Servizio Brave Update (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Brave Vpn Service (BraveVpnService) - (BraveVpnService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.117\brave_vpn_helper.exe
O23 - Service S3: Brave Vpn Wireguard Service (BraveVpnWireguardService) - (BraveVpnWireguardService) - C:\Program Files\BraveSoftware\Brave-Browser\Application\118.1.59.117\BraveVpnWireguardService\brave_vpn_wireguard_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\117.0.5938.150\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"
O23 - Service S3: Servizio Brave Update (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O25 - WMI Event: Skip TPM Check on Dynamic Update - Skip TPM Check on Dynamic Update - Event="Win32_ProcessStartTrace WHERE ProcessName='vdsldr.exe'", C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe /q Skip TPM Check on Dynamic Update (c) AveYo, 2021 /d /rerase appraiserres.dll /f /s /q (WorkDir = C:\$WINDOWS.~BT)


--
End of file - Time spent: 32 sec. - 50600 bytes, CRC32: FFFFFFFF. Sign: 侘蠔
 