ho contato 7-8 file missing nel listato.
Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023
- Creatore Discussione ERCOLINO
- Data di inizio
ho contato 7-8 file missing nel listato.
O
Ospite
Ti ringrazio, quindi come devo agire? Quali voci devo fixare o rimuovere? 
se sono software che usi o servono al sistema dovresti reinstallarli o altrimenti eliminarli del tutto con Revo o Iobit uninstaller e nel caso fare una nuova installazione di queli poi, per i rallentamenti non so quale sia la causa.Ti ringrazio, quindi come devo agire? Quali voci devo fixare o rimuovere?
O
Ospite
Ok grazie.
O
Ospite
Ok vedrò come fare se esiste un modo per eleminare quelle voci in modo approfondito dal registro di sistema.
si fa manualmente ma meglio farlo fare a quei 2 software che ho citato o altri del genere che rimuovono programmi e fanno pulizia del registro anche.
O
Ospite
Ok grazie, vediamo anche se ERCOLINO o VIANELLO_85 sanno ulterioriormente indicarmi se intanto dovrò fixare o rimuovere qualcosa.
certo, con chi ha confidenza con Windows 11.
O
Ospite
Ok grazie lo farò al più presto, vi inserirò uno screenshot.
Buonasera, è possibile un controllo? Mi si aprivano delle finestre pubblicitarie su Chrome e credo di averle rimosse togliendo l'autorizzazione sulle impostazioni di notifica. Grazie
Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.2.0.2
Platform: x64 Windows 10 (Pro), 10.0.19045.3570 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 30.10.2023 - 20:29 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 2288 MiB Free. Loading RAM (72 %), CPU (20 %)
Elevated: Yes
Ran by: Utente (group: Administrators; type: Local) on DESKTOP-6TNITRT, FirstRun: no
Chrome: 118.0.5993.118
Firefox: 119.0.0.8692
Internet Explorer: 11.0.19041.3570
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe
1 C:\LP GESTIONE STUDIO\RocketDock\standalonestack2\StandaloneStack2.exe
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain_gui.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\etc\notify\QtToastServer.exe
1 C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
1 C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
1 C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
1 C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
37 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10051.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
1 C:\Users\Utente\AppData\Local\Temp\pcsc-client.dll\pcsc-client.dll.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CompPkgSrv.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
2 C:\Windows\System32\SecurityHealthHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\sppsvc.exe
80 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\118.0.5993.118\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B171DF7C782C6549CCED649E6C8247F6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\Run: [RocketDock] = C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe (not signed)
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\Windows\system32\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{4d93cb17-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - MountPoints2: HKCU\..\{4d93cb8a-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\kchain.lnk -> C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe (sign: 'BIT4ID SRL')
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\Windows\SysWOW64\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] = C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun (not signed)
O4-32 - HKLM\..\Run: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (not signed)
O4-32 - HKLM\..\Run: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun (sign: 'Brother Industries, Ltd.')
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (sign: 'SEIKO EPSON Corporation')
O4-32 - HKLM\..\Run: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (sign: 'Athena Smartcard Solutions')
O4-32 - HKLM\..\Run: [IndexSearch] = C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler (sign: 'Flexera Software LLC')
O4-32 - HKLM\..\Run: [M17A] = C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [PaperPort PTD] = C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [PDFProHook] = C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O8 - Context menu item: HKU\S-1-5-18\..\Internet Explorer\MenuExt\Apri con PDF Viewer 7: (default) = C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f
oScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-824607233-3609746563-3892767088-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: \R@1n-KMS\Office16ProPlus - C:\Windows\System32\Wbem\wmic.exe path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate (sign: 'Microsoft')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service (sign: 'ABBYY SOLUTIONS LIMITED')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe (not signed)
O23 - Service R2: Brother USB Application Controller - (USBAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (not signed)
O23 - Service R2: Brother Workflow Application Controller - (WorkflowAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (not signed)
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\Windows\system32\EscSvc64.exe (sign: 'SEIKO EPSON Corporation')
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem (sign: 'Microsoft')
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (sign: 'Nuance Communications, Inc.')
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe (sign: 'TeamViewer Germany GmbH')
O23 - Service R2: Wifi AutoInstall Service - (WifiAutoInstallSrv) - C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe (not signed)
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\118.0.5993.118\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (sign: 'Intel Corporation')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R3: IWD Bus Enumerator - (iwdbus) - C:\Windows\System32\drivers\iwdbus.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Realtek Wireless LAN 802.11n USB 2.0 Network Adapter - (RtlWlanu) - C:\Windows\System32\drivers\rtl8188gu.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: "Intel(R) Display Audio" ; {PlaceHolder="Display Audio","High Definition Audio"} - (IntcDAud) - C:\Windows\system32\DRIVERS\IntcDAud.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: igfx - C:\Windows\system32\DRIVERS\igdkmd64.sys (sign: 'Intel Corporation - pGFX')
O23 - Driver S3: Intel WiDi Audio Device - (intaud_WaveExtensible) - C:\Windows\system32\drivers\intelaud.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'RtlWlanu'
--
End of file - Time spent: 46,7 sec. - 38248 bytes, CRC32: FFFFFFFF. Sign: 㣘
Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.2.0.2
Platform: x64 Windows 10 (Pro), 10.0.19045.3570 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 30.10.2023 - 20:29 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 2288 MiB Free. Loading RAM (72 %), CPU (20 %)
Elevated: Yes
Ran by: Utente (group: Administrators; type: Local) on DESKTOP-6TNITRT, FirstRun: no
Chrome: 118.0.5993.118
Firefox: 119.0.0.8692
Internet Explorer: 11.0.19041.3570
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe
1 C:\LP GESTIONE STUDIO\RocketDock\standalonestack2\StandaloneStack2.exe
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain_gui.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\etc\notify\QtToastServer.exe
1 C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
1 C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
1 C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
1 C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
37 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10051.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
1 C:\Users\Utente\AppData\Local\Temp\pcsc-client.dll\pcsc-client.dll.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CompPkgSrv.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
2 C:\Windows\System32\SecurityHealthHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\sppsvc.exe
80 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\118.0.5993.118\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_B171DF7C782C6549CCED649E6C8247F6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\Run: [RocketDock] = C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe (not signed)
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\Windows\system32\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{4d93cb17-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - MountPoints2: HKCU\..\{4d93cb8a-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\kchain.lnk -> C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe (sign: 'BIT4ID SRL')
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\Windows\SysWOW64\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] = C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun (not signed)
O4-32 - HKLM\..\Run: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (not signed)
O4-32 - HKLM\..\Run: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun (sign: 'Brother Industries, Ltd.')
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (sign: 'SEIKO EPSON Corporation')
O4-32 - HKLM\..\Run: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (sign: 'Athena Smartcard Solutions')
O4-32 - HKLM\..\Run: [IndexSearch] = C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler (sign: 'Flexera Software LLC')
O4-32 - HKLM\..\Run: [M17A] = C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [PaperPort PTD] = C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [PDFProHook] = C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O8 - Context menu item: HKU\S-1-5-18\..\Internet Explorer\MenuExt\Apri con PDF Viewer 7: (default) = C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f
oScheduledTelemetryRun (user missing) (sign: 'Microsoft')O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-824607233-3609746563-3892767088-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f
oScheduledTelemetryRun (sign: 'Microsoft')O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: \R@1n-KMS\Office16ProPlus - C:\Windows\System32\Wbem\wmic.exe path SoftwareLicensingProduct where (ID="d450596f-894d-49e0-966a-fd39ed4c4c64") call Activate (sign: 'Microsoft')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service (sign: 'ABBYY SOLUTIONS LIMITED')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe (not signed)
O23 - Service R2: Brother USB Application Controller - (USBAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (not signed)
O23 - Service R2: Brother Workflow Application Controller - (WorkflowAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (not signed)
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\Windows\system32\EscSvc64.exe (sign: 'SEIKO EPSON Corporation')
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem (sign: 'Microsoft')
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (sign: 'Nuance Communications, Inc.')
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe (sign: 'TeamViewer Germany GmbH')
O23 - Service R2: Wifi AutoInstall Service - (WifiAutoInstallSrv) - C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe (not signed)
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\118.0.5993.118\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (sign: 'Intel Corporation')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R3: IWD Bus Enumerator - (iwdbus) - C:\Windows\System32\drivers\iwdbus.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Realtek Wireless LAN 802.11n USB 2.0 Network Adapter - (RtlWlanu) - C:\Windows\System32\drivers\rtl8188gu.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: "Intel(R) Display Audio" ; {PlaceHolder="Display Audio","High Definition Audio"} - (IntcDAud) - C:\Windows\system32\DRIVERS\IntcDAud.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: igfx - C:\Windows\system32\DRIVERS\igdkmd64.sys (sign: 'Intel Corporation - pGFX')
O23 - Driver S3: Intel WiDi Audio Device - (intaud_WaveExtensible) - C:\Windows\system32\drivers\intelaud.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'RtlWlanu'
--
End of file - Time spent: 46,7 sec. - 38248 bytes, CRC32: FFFFFFFF. Sign: 㣘
Non mi sembra di notare nulla di anomalo sul log.
Semmai cancellerei cookie e cache di chrome.
Se il problema persiste apri una discussione.
Semmai cancellerei cookie e cache di chrome.
Se il problema persiste apri una discussione.
Buonasera a tutti. Devo aver preso un virus con la pennetta usb e non riesco a rimuoverlo. Quando inserisco la pennetta invece di aprirsi la cartella con i file, mi si crea un collegamento che fa riferimento a questo percorso: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -windowstyle hidden -NoProfile -nologo -ExecutionPolicy ByPass -File explorer.ps1
Per fortuna facendo doppio click sul collegamento, riesco ad accedere ai miei file (a differenza di altri utenti sul web che invece non riescono) ma ovviamente non è normale. Ho dato un'occhiata sul web ma trovo delle guide troppo difficili. Ho fatto scansioni con defender e malwarebytes ma non trovano nulla. Con HiJackThis si nota qualcosa? Spero qualcuno possa aiutarmi. Grazie
Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.2.0.2
Platform: x64 Windows 10 (Pro), 10.0.19045.3693 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 01.12.2023 - 21:02 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 1740 MiB Free. Loading RAM (79 %), CPU (10 %)
Elevated: Yes
Ran by: Utente (group: Administrators; type: Local) on DESKTOP-6TNITRT, FirstRun: yes
Chrome: 119.0.6045.200
Firefox: 120.0.1.8733
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain_gui.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\etc\notify\QtToastServer.exe
1 C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
1 C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
1 C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
1 C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
37 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10051.0_x64__8wekyb3d8bbwe\Video.UI.exe
2 C:\ProgramData\Adobe\Creative Cloud Experience Node\node.exe
1 C:\ProgramData\Adobe\Creative Cloud Experience Node\node_modules\loader-module\daemon\adobecreativecloudexperiencenode.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
1 C:\Users\Utente\AppData\Local\Temp\pcsc-client.dll\pcsc-client.dll.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\RuntimeBroker .exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
4 C:\Windows\system32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
74 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\attrib.exe
1 NuanceWDS.exe
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_Bbc1qk55vk7wjgzg3pmxlh59rv5dlgewd9jem5nrt4w] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\Run: [RocketDock] = C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe (not signed)
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\Windows\system32\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{4d93cb17-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - MountPoints2: HKCU\..\{4d93cb8a-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\kchain.lnk -> C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe (sign: 'BIT4ID SRL')
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\Windows\SysWOW64\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] = C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun (not signed)
O4-32 - HKLM\..\Run: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (not signed)
O4-32 - HKLM\..\Run: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun (sign: 'Brother Industries, Ltd.')
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (sign: 'SEIKO EPSON Corporation')
O4-32 - HKLM\..\Run: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (sign: 'Athena Smartcard Solutions')
O4-32 - HKLM\..\Run: [IndexSearch] = C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler (sign: 'Flexera Software LLC')
O4-32 - HKLM\..\Run: [M17A] = C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [PaperPort PTD] = C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [PDFProHook] = C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O7 - Policy: Bitcoin wallet address hijacker is present (no fix)
O8 - Context menu item: HKU\S-1-5-18\..\Internet Explorer\MenuExt\Apri con PDF Viewer 7: (default) = C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (user missing) (sign: 'Microsoft')
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-824607233-3609746563-3892767088-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: ScreenBrightnessRestore - C:\Program Files (x86)\ScreenDim\ScreenDim.exe restore (not signed)
O22 - Tasks: WinSoft Update Service - C:\Program Files (x86)\WinSoft Update Service\pythonw.exe bootstrap.pyc (sign: 'Python Software Foundation')
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service (sign: 'ABBYY SOLUTIONS LIMITED')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: Adobe Creative Cloud Experience Node - (adobecreativecloudexperiencenode.exe) - C:\ProgramData\Adobe\Creative Cloud Experience Node\node_modules\loader-module\daemon\adobecreativecloudexperiencenode.exe (not signed)
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe (not signed)
O23 - Service R2: Brother USB Application Controller - (USBAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (not signed)
O23 - Service R2: Brother Workflow Application Controller - (WorkflowAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (not signed)
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\Windows\system32\EscSvc64.exe (sign: 'SEIKO EPSON Corporation')
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem (sign: 'Microsoft')
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (sign: 'Nuance Communications, Inc.')
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe (sign: 'TeamViewer Germany GmbH')
O23 - Service R2: Wifi AutoInstall Service - (WifiAutoInstallSrv) - C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe (not signed)
O23 - Service R3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\119.0.6045.200\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (sign: 'Intel Corporation')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R1: Malwarebytes Anti-Exploit - (ESProtectionDriver) - C:\Windows\system32\drivers\mbae64.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R2: MBAMChameleon - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: IWD Bus Enumerator - (iwdbus) - C:\Windows\System32\drivers\iwdbus.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver R3: MBAMFarflt - C:\Windows\system32\DRIVERS\farflt.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMProtection - C:\Windows\system32\DRIVERS\mbam.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Realtek Wireless LAN 802.11n USB 2.0 Network Adapter - (RtlWlanu) - C:\Windows\System32\drivers\rtl8188gu.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: "Intel(R) Display Audio" ; {PlaceHolder="Display Audio","High Definition Audio"} - (IntcDAud) - C:\Windows\system32\DRIVERS\IntcDAud.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: igfx - C:\Windows\system32\DRIVERS\igdkmd64.sys (sign: 'Intel Corporation - pGFX')
O23 - Driver S3: Intel WiDi Audio Device - (intaud_WaveExtensible) - C:\Windows\system32\drivers\intelaud.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: USB RNDIS6 Adapter - (usbrndis6) - C:\Windows\System32\drivers\usb80236.sys (+safe mode) (not signed)
O23 - Driver S3: USB Scanner Driver - (usbscan) - C:\Windows\System32\drivers\usbscan.sys (+safe mode) (not signed)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'RtlWlanu'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'usbrndis6'
--
End of file - Time spent: 42,3 sec. - 41322 bytes, CRC32: FFFFFFFF. Sign: 曫㓑
Per fortuna facendo doppio click sul collegamento, riesco ad accedere ai miei file (a differenza di altri utenti sul web che invece non riescono) ma ovviamente non è normale. Ho dato un'occhiata sul web ma trovo delle guide troppo difficili. Ho fatto scansioni con defender e malwarebytes ma non trovano nulla. Con HiJackThis si nota qualcosa? Spero qualcuno possa aiutarmi. Grazie
Logfile of HiJackThis+ (Alpha version) by Alex Dragokas v.3.2.0.2
Platform: x64 Windows 10 (Pro), 10.0.19045.3693 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 01.12.2023 - 21:02 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 1740 MiB Free. Loading RAM (79 %), CPU (10 %)
Elevated: Yes
Ran by: Utente (group: Administrators; type: Local) on DESKTOP-6TNITRT, FirstRun: yes
Chrome: 119.0.6045.200
Firefox: 120.0.1.8733
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain_gui.exe
1 C:\Program Files (x86)\Bit4id\UKC\UKC\etc\notify\QtToastServer.exe
1 C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
1 C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
1 C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
5 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
1 C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
1 C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
37 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10051.0_x64__8wekyb3d8bbwe\Video.UI.exe
2 C:\ProgramData\Adobe\Creative Cloud Experience Node\node.exe
1 C:\ProgramData\Adobe\Creative Cloud Experience Node\node_modules\loader-module\daemon\adobecreativecloudexperiencenode.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
1 C:\Users\Utente\AppData\Local\Temp\pcsc-client.dll\pcsc-client.dll.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\RuntimeBroker .exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
4 C:\Windows\system32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
74 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\attrib.exe
1 NuanceWDS.exe
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll (sign: 'Oracle America, Inc.')
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_Bbc1qk55vk7wjgzg3pmxlh59rv5dlgewd9jem5nrt4w] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (sign: 'Microsoft')
O4 - HKCU\..\Run: [RocketDock] = C:\LP GESTIONE STUDIO\RocketDock\RocketDock.exe (not signed)
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\Windows\system32\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (sign: 'Microsoft')
O4 - MountPoints2: HKCU\..\{4d93cb17-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - MountPoints2: HKCU\..\{4d93cb8a-5f56-11ec-b055-00e04cf72f02}\shell\AutoRun\command: (default) = F:\Setup.exe (file missing)
O4 - Startup Global: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\kchain.lnk -> C:\Program Files (x86)\Bit4id\UKC\UKC\bin\kchain.exe (sign: 'BIT4ID SRL')
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\Windows\SysWOW64\RUNDLL32.EXE "C:\Windows\system32\bit4upki-store.dll",RunImportServer (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] = C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun (not signed)
O4-32 - HKLM\..\Run: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (not signed)
O4-32 - HKLM\..\Run: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun (sign: 'Brother Industries, Ltd.')
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (sign: 'SEIKO EPSON Corporation')
O4-32 - HKLM\..\Run: [IDProtect Monitor] = C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (sign: 'Athena Smartcard Solutions')
O4-32 - HKLM\..\Run: [IndexSearch] = C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler (sign: 'Flexera Software LLC')
O4-32 - HKLM\..\Run: [M17A] = C:\Windows\twain_32\Brimm17a\Common\TwDsUiLaunch.exe (sign: 'Microsoft')
O4-32 - HKLM\..\Run: [PaperPort PTD] = C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [PDFProHook] = C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe (sign: 'Nuance Communications, Inc.')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (sign: 'Oracle America, Inc.')
O7 - Policy: Bitcoin wallet address hijacker is present (no fix)
O8 - Context menu item: HKU\S-1-5-18\..\Internet Explorer\MenuExt\Apri con PDF Viewer 7: (default) = C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll (sign: 'Zeon Corporation')
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\R@1n-KMS (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (user missing) (sign: 'Microsoft')
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f
oScheduledTelemetryRun (user missing) (sign: 'Microsoft')O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-824607233-3609746563-3892767088-1001 - C:\Windows\System32\AgentActivationRuntimeStarter.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f
oScheduledTelemetryRun (sign: 'Microsoft')O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (sign: 'Mozilla Corporation')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google LLC')
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google LLC')
O22 - Tasks: ScreenBrightnessRestore - C:\Program Files (x86)\ScreenDim\ScreenDim.exe restore (not signed)
O22 - Tasks: WinSoft Update Service - C:\Program Files (x86)\WinSoft Update Service\pythonw.exe bootstrap.pyc (sign: 'Python Software Foundation')
O23 - Service R2: ABBYY FineReader 9.0 Sprint Licensing Service - (ABBYY.Licensing.FineReader.Sprint.9.0) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -service (sign: 'ABBYY SOLUTIONS LIMITED')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: Adobe Creative Cloud Experience Node - (adobecreativecloudexperiencenode.exe) - C:\ProgramData\Adobe\Creative Cloud Experience Node\node_modules\loader-module\daemon\adobecreativecloudexperiencenode.exe (not signed)
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe (not signed)
O23 - Service R2: Brother USB Application Controller - (USBAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (not signed)
O23 - Service R2: Brother Workflow Application Controller - (WorkflowAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (not signed)
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\Windows\system32\EscSvc64.exe (sign: 'SEIKO EPSON Corporation')
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe (sign: 'Microsoft')
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem (sign: 'Microsoft')
O23 - Service R2: PDFProFiltSrvPP - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (sign: 'Nuance Communications, Inc.')
O23 - Service R2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe (sign: 'TeamViewer Germany GmbH')
O23 - Service R2: Wifi AutoInstall Service - (WifiAutoInstallSrv) - C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe (not signed)
O23 - Service R3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (sign: 'Microsoft') (+safe mode)
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\119.0.6045.200\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe (sign: 'Microsoft')
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (sign: 'Intel Corporation')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (sign: 'Microsoft')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: pwdrvio - C:\Windows\system32\pwdrvio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver R1: Malwarebytes Anti-Exploit - (ESProtectionDriver) - C:\Windows\system32\drivers\mbae64.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R2: MBAMChameleon - C:\Windows\System32\Drivers\MbamChameleon.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: IWD Bus Enumerator - (iwdbus) - C:\Windows\System32\drivers\iwdbus.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver R3: MBAMFarflt - C:\Windows\system32\DRIVERS\farflt.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMProtection - C:\Windows\system32\DRIVERS\mbam.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: MBAMSwissArmy - C:\Windows\System32\Drivers\mbamswissarmy.sys (sign: 'Microsoft' - Malwarebytes)
O23 - Driver R3: nvlddmkm - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\nvlddmkm.sys (sign: 'NVIDIA Corporation')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\Windows\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Realtek Wireless LAN 802.11n USB 2.0 Network Adapter - (RtlWlanu) - C:\Windows\System32\drivers\rtl8188gu.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\Windows\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: "Intel(R) Display Audio" ; {PlaceHolder="Display Audio","High Definition Audio"} - (IntcDAud) - C:\Windows\system32\DRIVERS\IntcDAud.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\Windows\System32\drivers\BthA2dp.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\Windows\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: igfx - C:\Windows\system32\DRIVERS\igdkmd64.sys (sign: 'Intel Corporation - pGFX')
O23 - Driver S3: Intel WiDi Audio Device - (intaud_WaveExtensible) - C:\Windows\system32\drivers\intelaud.sys (sign: 'Intel(R) Wireless Display')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\Windows\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: pwdspio - C:\Windows\system32\pwdspio.sys (sign: 'MiniTool Solution Ltd')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\Windows\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\Windows\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: USB RNDIS6 Adapter - (usbrndis6) - C:\Windows\System32\drivers\usb80236.sys (+safe mode) (not signed)
O23 - Driver S3: USB Scanner Driver - (usbscan) - C:\Windows\System32\drivers\usbscan.sys (+safe mode) (not signed)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'RtlWlanu'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'usbrndis6'
--
End of file - Time spent: 42,3 sec. - 41322 bytes, CRC32: FFFFFFFF. Sign: 曫㓑
Prova a fare una scansione completa con Malwarebytes
Prova anche con https://www.trendmicro.com/it_it/forHome/products/housecall.html
Prova anche con https://www.trendmicro.com/it_it/forHome/products/housecall.html
In riferimento a questa discussione https://www.digital-forum.it/threads/suono-periferica-pc-anomalo.218874/, chiedo gentilmente di controllare il log.
Ringrazio anticipatamente
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home), 10.0.22621.3235 (ReleaseId: 2009), Service Pack: 0
Time: 11.03.2024 - 20:47 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: (group: Administrator) on *****-PC, FirstRun: yes
Chrome: 122.0.6261.112
Firefox: 123.0.1.8829
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\ENS\AliyunWrapExe.exe
1 C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
1 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
4 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\aswidsagent.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
1 C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
1 C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
1 C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
1 C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
1 C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
1 C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
13 C:\Program Files\Mozilla Firefox\firefox.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
1 C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
1 C:\Users\Cosmo\Documents\Cosmo\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\SwUSB.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atiesrxx.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
85 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
1 C:\Windows\runSW.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/it-it?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Cosmo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/08/12)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/06/10)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ecocerved SmartCardManager.lnk -> C:\Users\Cosmo\AppData\Local\Ecocerved.SmartCardManager\Ecocerved.SmartCardMaganer.exe (2018/04/26)
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [IntelConnectCenter] = C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\WINDOWS\system32\bit4upki-store.dll "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O4 - HKLM\..\StartupApproved\Run32: [DropboxOEM] = C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe auto (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/09/28)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\WINDOWS\SysWOW64\RUNDLL32.EXE "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Button: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00221-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O22 - Task (.job): (Not scheduled) {5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job - C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe (file missing) /i "C:\Users\Cosmo\AppData\Local\Temp\AIED110.tmp" AI_SETUPEXEPATH="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe" SETUPEXEDIR="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIM
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: HP SimplePass Service - (omniserv) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atiesrxx.exe
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: EaseUS UPDATE SERVICE - C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: RunSwUSB - C:\Windows\runSW.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: GoogleUpdater InternalService 124.0.6342.2 (GoogleUpdaterInternalService124.0.6342.2) - (GoogleUpdaterInternalService124.0.6342.2) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: GoogleUpdater Service 124.0.6342.2 (GoogleUpdaterService124.0.6342.2) - (GoogleUpdaterService124.0.6342.2) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service S2: Intel(R) Common Connectivity Framework - (STCServ) - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Wondershare Driver Install Service help - (ElevationService) - C:\ProgramData\Wondershare\wsServices\ElevationService.exe (file missing)
O23 - Service S2: Wondershare Install Assist Service - (Wondershare InstallAssist) - C:\ProgramData\Wondershare\Service\InstallAssistService.exe (file missing)
O23 - Service S2: Wondershare WSID help - (DFWSIDService) - C:\ProgramData\Wondershare\wsServices\WsidService.exe (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\122.0.6261.112\elevation_service.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\elevation_service.exe
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe
Ringrazio anticipatamente
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home), 10.0.22621.3235 (ReleaseId: 2009), Service Pack: 0
Time: 11.03.2024 - 20:47 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: (group: Administrator) on *****-PC, FirstRun: yes
Chrome: 122.0.6261.112
Firefox: 123.0.1.8829
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\ENS\AliyunWrapExe.exe
1 C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
1 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
4 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\aswidsagent.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
1 C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
1 C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
1 C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
1 C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
1 C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
1 C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
13 C:\Program Files\Mozilla Firefox\firefox.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
1 C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.232.997.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
1 C:\Users\Cosmo\Documents\Cosmo\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\SwUSB.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atiesrxx.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
85 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
1 C:\Windows\runSW.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/it-it?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Cosmo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/08/12)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2023/06/10)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ecocerved SmartCardManager.lnk -> C:\Users\Cosmo\AppData\Local\Ecocerved.SmartCardManager\Ecocerved.SmartCardMaganer.exe (2018/04/26)
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [IntelConnectCenter] = C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\WINDOWS\system32\bit4upki-store.dll "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O4 - HKLM\..\StartupApproved\Run32: [DropboxOEM] = C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe auto (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/09/28)
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft)
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\WINDOWS\SysWOW64\RUNDLL32.EXE "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Button: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00221-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.69.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.69.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O22 - Task (.job): (Not scheduled) {5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job - C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe (file missing) /i "C:\Users\Cosmo\AppData\Local\Temp\AIED110.tmp" AI_SETUPEXEPATH="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe" SETUPEXEDIR="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIM
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: HP SimplePass Service - (omniserv) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0373977.inf_amd64_f16e16bd1520671a\B373987\atiesrxx.exe
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: EaseUS UPDATE SERVICE - C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_18.86.29002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: RunSwUSB - C:\Windows\runSW.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: GoogleUpdater InternalService 124.0.6342.2 (GoogleUpdaterInternalService124.0.6342.2) - (GoogleUpdaterInternalService124.0.6342.2) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: GoogleUpdater Service 124.0.6342.2 (GoogleUpdaterService124.0.6342.2) - (GoogleUpdaterService124.0.6342.2) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6342.2\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service S2: Intel(R) Common Connectivity Framework - (STCServ) - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service S2: Microsoft Edge Update Service (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Wondershare Driver Install Service help - (ElevationService) - C:\ProgramData\Wondershare\wsServices\ElevationService.exe (file missing)
O23 - Service S2: Wondershare Install Assist Service - (Wondershare InstallAssist) - C:\ProgramData\Wondershare\Service\InstallAssistService.exe (file missing)
O23 - Service S2: Wondershare WSID help - (DFWSIDService) - C:\ProgramData\Wondershare\wsServices\WsidService.exe (file missing)
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\122.0.6261.112\elevation_service.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.80\elevation_service.exe
O23 - Service S3: Microsoft Edge Update Service (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe
Il log sembra ok
L'antivirus potrebbe aver svolto correttamente il proprio lavoro.
Ricordo che l'ultima versione stabile del programmino è la 2.10.0.31
L'antivirus potrebbe aver svolto correttamente il proprio lavoro.
Ricordo che l'ultima versione stabile del programmino è la 2.10.0.31
Grazie mille, ora sono più tranquillo