Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

Ciao, no non va eliminato.

Lascia tutto come è

Ho visto il test di velocità che hai fatto nell'altra discussione, ti rispondi li

A causa a volte di blocco della navigazione su alcuni browser tipo su Mozilla Firefox, Google Chrome, chiedo gentilmente allo staff se mi analizzate il seguente log
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.23

Platform: x64 Windows 11 (Pro), 10.0.22000.978 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 18.09.2022 - 17:01 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 4327 MiB Free (40 %). CPU Loading: (13 %)
Elevated: Yes
Ran by: d80di(group: Administrators) on DESKTOP-20CKG13, FirstRun: no

Chrome: 105.0.5195.127
Firefox: 104.0.2.8280
Internet Explorer: 11.0.22000.120
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\105.0.1343.42\msedgewebview2.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.665.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
1 C:\Users\d80di\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
3 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
76 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O1 - Hosts.ICS: 172.18.224.1 DESKTOP-20CKG13.mshome.net # 2027 9 5 17 14 16 13 586
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_341\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_341\bin\ssv.dll
O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_595ACA7AB1ED3690A20B3E494738DA81] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/06/24)
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\d80di\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/10/15)
O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2020/09/28)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2020/09/28)
O4 - HKLM\..\StartupApproved\Run32: [CanonQuickMenu] = C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon (2022/06/24)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2020/10/15)
O4 - HKLM\..\StartupApproved\Run32: [V0330Mon.exe] = C:\WINDOWS\V0330Mon.exe (2020/09/28)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Carroll.lnk -> C:\Program Files (x86)\Carroll\Carroll.exe /OnlySet (2020/09/28)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - DHCP DNS 3: 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{2793abdd-b4c7-4dfb-97cd-2eade4e47037}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2793abdd-b4c7-4dfb-97cd-2eade4e47037}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{31a2b1e9-9a42-497b-9ce3-b4c3781798cc}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 192.168.1.254
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{31A2B1E9-9A42-497B-9CE3-B4C3781798CC}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C71902A8-E482-42A4-A6C3-9D062F28B8D3}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{C71902A8-E482-42A4-A6C3-9D062F28B8D3}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O22 - BITS Job: (download) {F9F31CF2-9B2B-4D4C-B2DF-B44657365CB0} - https://download-installer.cdn.mozi...te/win64/it/firefox-101.0.1-102.0.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: Fix all (including legit)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty)
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) Optimize Push Notification Data File-S-1-5-21-1593497920-3724576141-1433594885-1001 - {201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \Abelssoft\Abelssoft SSD Fresh Settings Check_43 - C:\Program Files (x86)\SSDFresh\AbLauncher.exe checksettings -autorun
O22 - Tasks: \Agent Activation Runtime\S-1-5-21-1593497920-3724576141-1433594885-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks: \WiseCleaner\WRCSkipUAC - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe $UAC
O22 - Tasks: BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
O22 - Tasks: BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Maxthon5 Update - C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe -RunScheduledUpdate
O22 - Tasks: Opera scheduled assistant Autoupdate 1601326342 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\d80di\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Tasks: Opera scheduled Autoupdate 1601326338 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks: VivaldiUpdateCheck-5924e1198cc83f03 - C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe --from-scheduler
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1593497920-3724576141-1433594885-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (disabled) Optimize Push Notification Data File-S-1-5-21-1593497920-3724576141-1433594885-1001 - {201600D8-6EFF-48CE-B842-E14D37A0682D} - C:\WINDOWS\System32\wpninprc.dll
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: \Abelssoft\Abelssoft SSD Fresh Settings Check_43 - C:\Program Files (x86)\SSDFresh\AbLauncher.exe checksettings -autorun
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\BackgroundUploadTask - {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SettingSync\NetworkStateChangeTask - {A4173A49-F373-4475-9A0F-2D615204DC20} - (no file)
O22 - Tasks_Migrated: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks_Migrated: \WiseCleaner\WRCSkipUAC - C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe $UAC
O22 - Tasks_Migrated: ASC_SkipUac_d80di - C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe /SkipUac (file missing)
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade (file missing)
O22 - Tasks_Migrated: Maxthon5 Update - C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe -RunScheduledUpdate
O22 - Tasks_Migrated: Opera scheduled assistant Autoupdate 1601326342 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\d80di\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Tasks_Migrated: Opera scheduled Autoupdate 1601326338 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O22 - Tasks_Migrated: Sump Task (One-Time) - C:\Program Files (x86)\IObit\Advanced SystemCare\sump.exe /sup2 (file missing)
O22 - Tasks_Migrated: VivaldiUpdateCheck-5924e1198cc83f03 - C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe --from-scheduler
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\system32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
O23 - Service S2: MxService - C:\Program Files (x86)\Maxthon5\Bin\MxService.exe
O23 - Service S2: Servizio Brave Update (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\105.0.5195.127\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Brave Update (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O25 - WMI Event: Skip TPM Check on Dynamic Update - Skip TPM Check on Dynamic Update - Event="Win32_ProcessStartTrace WHERE ProcessName='vdsldr.exe'", C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe /q Skip TPM Check on Dynamic Update (c) AveYo, 2021 /d /rerase appraiserres.dll /f /s /q (WorkDir = C:\$WINDOWS.~BT)


--
End of file - Time spent: 15 sec. - 32392 bytes, CRC32: FFFFFFFF. Sign: ᶎ⼪

Devo fixare qualcosa?
Grazie.

Non noto niente da segnalare.

Ok grazie VIANELLO_85.

Salve, siccome oggi ho avuto un furto dell'account facebook, potete verificare che non ci sia nulla di anomalo nel log?

Running processes:
Number | Path
1 C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
1 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
4 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\aswidsagent.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
1 C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
1 C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
1 C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
1 C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
1 C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
13 C:\Program Files\Mozilla Firefox\firefox.exe
5 C:\Program Files\Mozilla Thunderbird\thunderbird.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
1 C:\Users\Cosmo\Documents\Cosmo\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atiesrxx.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
88 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
2 C:\Windows\explorer.exe
1 C:\Windows\runSW.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page Redirect Cache] = https://www.msn.com/it-it/?pc=UE01&ocid=UE01DHP
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.53\BHO\ie_to_edge_bho_64.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.53\BHO\ie_to_edge_bho.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\Cosmo\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2021/08/12)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ecocerved SmartCardManager.lnk -> C:\Users\Cosmo\AppData\Local\Ecocerved.SmartCardManager\Ecocerved.SmartCardMaganer.exe (2018/04/26)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\Cosmo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Invia a OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (2017/10/27)
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [IntelConnectCenter] = C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [bit4id csp store register (M x64)] = C:\WINDOWS\system32\bit4upki-store.dll "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O4 - HKLM\..\StartupApproved\Run32: [DropboxOEM] = C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe auto (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/09/28)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2017/10/19)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Adobe CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [bit4id csp store register (M)] = C:\WINDOWS\SysWOW64\RUNDLL32.EXE "C:\WINDOWS\system32\bit4upki-store.dll",RunImportServer
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Button: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{A95fe080-8f5d-11d2-a20b-00aa003c157a}: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html (file missing)
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Viene lanciato HP Network Check, che aiuta a risolvere i problemi di connessione - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: HP Network Check (Controllo rete HP) - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00221-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_221-windows-i586.cab
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{e404c534-e4a2-4b2e-9c8d-2178e30b7715}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.53.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.53.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\00avg: AVG - {472083B1-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck
O22 - Task (.job): (disabled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): {5E9C47D5-C2A3-4B5B-9646-23F9F5362F1A}.job - C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe (file missing) /i "C:\Users\Cosmo\AppData\Local\Temp\AIED110.tmp" AI_SETUPEXEPATH="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates\MTGAInstaller_1.0.95.809059.exe" SETUPEXEDIR="C:\Program Files\Wizards of the Coast\MTGA\MTGALauncher\Updates" ADDLOCAL=MainFeature,MicrosoftVisualC ALLUSERS="1" PRIM
O23 - Service R2: HP SimplePass Service - (omniserv) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service R2: Servizio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0372458.inf_amd64_f3ea25a6aa6555b8\B372420\atiesrxx.exe
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AvgWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Cyberlink RichVideo64 Service(CRVS) - (RichVideo64) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_6.69.19001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: HP App Helper HSA Service - (HPAppHelperCap) - C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
O23 - Service R2: HP Diagnostics HSA Service - (HPDiagsCap) - C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
O23 - Service R2: HP Network HSA Service - (HPNetworkCap) - C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: HP System Info HSA Service - (HPSysInfoCap) - C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: RunSwUSB - C:\Windows\runSW.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: HP Touchpoint Analytics - (HPTouchpointAnalyticsService) - C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
O23 - Service S2: Intel(R) Common Connectivity Framework - (STCServ) - C:\Program Files\Intel\STCServ\STCServ.exe
O23 - Service S2: Servizio AVG Browser Update (avg) - (avg) - C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe /svc (file missing)
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\105.0.5195.127\elevation_service.exe
O23 - Service S3: HP Software Framework Service - (hpqwmiex) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.53\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: ProtonVPN Service - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe
O23 - Service S3: ProtonVPN Update Service - C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe
O23 - Service S3: Servizio AVG Browser Update (avgm) - (avgm) - C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe /medsvc (file missing)
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe

Toglierei i 015

VIANELLO_85 ha scritto:

Toglierei i 015

Clicca per espandere...

Grazie mille provvedo subito a toglierli. Volevo sapere esiste un modo per controllare il log anche su un pc con Ubuntu?

Non saprei

Ciao a tutti sono nuovo del forum, vorrei che qualcuno di buon cuore mi controllasse il log di Hijackthis di seguito. Grazie mille a chi mi rispondera
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:35:27, on 21/10/2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1566)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Users\danib\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\106.0.1370.52\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\danib\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_F69FE395FC93567DED0F3CAB194A0919] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DDCD80460B6BA5859C183779CD79B5D1] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - Global Startup: AnyDesk.lnk = C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{7949634d-71cd-4c5b-8055-3b77b2da08d7}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: adaware antivirus service (adawareantivirusservice) - Unknown owner - C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.10.234.0\AdAwareService.exe
O23 - Service: adaware antivirus wsc service (adawareantiviruswscservice) - Unknown owner - C:\Program Files\adaware\adaware antivirus\elam\3.0.0.0\AdAwareWSCService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AnyDesk Service (AnyDesk) - AnyDesk Software GmbH - C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O23 - Service: Avira Fallback Updater (AviraFallbackUpdater) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Security Updater (AviraSecurityUpdater) - Avira Operations GmbH - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8acfe - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Wondershare WSID help (DFWSIDService) - wondershare - C:\Program Files (x86)\Wondershare\Dr.Fone\WsidService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Wondershare Driver Install Service help (ElevationService) - Unknown owner - C:\Program Files (x86)\Wondershare\dr.fone\Addins\SocialApps\ElevationService.exe (file missing)
O23 - Service: Endpoint Protection Service (EndpointProtectionService) - Avira Operations Gmb - C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
O23 - Service: Endpoint Protection Secondary Service (EndpointProtectionService2) - Avira Operations Gmb - C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
O23 - Service: Servizio Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Servizio Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Install Assist Service (Wondershare InstallAssist) - Wondershare - C:\ProgramData\Wondershare\Service\InstallAssistService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Unknown owner - C:\Program Files (x86)\Wondershare\Dr.Fone\Addins\SocialApps\DriverInstall.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Co. Ltd. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

--
End of file - 11369 bytes

Hai riscontrato problemi o solo verifica?

VIANELLO_85 ha scritto:

Hai riscontrato problemi o solo verifica?

Clicca per espandere...

Sono stato bannato da Facebook e Instagram, ho fatto scansione antivirus e ne ho trovati alcuni e mi volevi assicurare che non ci sia altro

Ok

Non mi sembra di vedere niente di irregolare.

Ti consiglio, le volte future di usare l'ultima versione del programma di log, che trovi al primo post

Ok va bene, grazie mille

C'è qualcosa di strano? ecco il log
come faccio a scansionare tutti i drive? mi fa solo C: a quanto pare

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.23

Platform: x64 Windows 11 (Home), 10.0.22621.819 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 21.11.2022 - 20:27 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 3931 MiB Free (52 %). CPU Loading: (1 %)
Elevated: Yes
Ran by: Lorenzo (group: Administrators) on DESKTOP-K11V5FN, FirstRun: yes

Chrome: 107.0.5304.107
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartInteractAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.52\msedgewebview2.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
8 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.211.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftTeams_22287.702.1670.9453_x64__8wekyb3d8bbwe\msteams.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.765.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
1 C:\Users\Lorenzo\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0384991.inf_amd64_ec94cf5fef2223e7\B384893\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0384991.inf_amd64_ec94cf5fef2223e7\B384893\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\Sgrm\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
88 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 D:\Program Files\CNext\CNext\amdow.exe
1 D:\Program Files\CNext\CNext\AMDRSServ.exe
1 D:\Program Files\CNext\CNext\cncmd.exe
1 D:\Program Files\CNext\CNext\RadeonSoftware.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://lenovo17win10.msn.com/?pc=LCTE
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [Discord] = C:\Users\Lorenzo\AppData\Local\Discord\Update.exe --processStart Discord.exe (2022/10/26)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_BC68B7E3A3FF3A05DABA32118914F06A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/08/07)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/08/05)
O4 - HKLM\..\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe -background
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O22 - BITS Job: (download) {DC1DD82E-778C-452E-8DBC-54FF596D4F82} - http://edgedl.me.gvt1.com/edgedl/de...7110832bd84638211d90ea73ec753785afbd56fb.crxd -> C:\Users\Lorenzo\AppData\Local\Temp\chrome_BITS_14408_631067631\db33d6e9682755909a645a197110832bd84638211d90ea73ec753785afbd56fb.crxd
O22 - BITS Job: Fix all (including legit)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee (empty)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\23295378-7e2d-4b54-be89-9ed4a489388f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 23295378-7e2d-4b54-be89-9ed4a489388f (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\4b50eaee-07d5-4e07-9860-884a96aff2df - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 4b50eaee-07d5-4e07-9860-884a96aff2df (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\90a3b666-7d45-43a9-941c-086ea0d7c941 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 90a3b666-7d45-43a9-941c-086ea0d7c941 (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\a7f3d603-c32f-4fa5-ae55-25481a80807e - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger a7f3d603-c32f-4fa5-ae55-25481a80807e (user missing)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \Lenovo\BatteryGauge\BatteryGaugeMaintenance - C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Tasks: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\23295378-7e2d-4b54-be89-9ed4a489388f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 23295378-7e2d-4b54-be89-9ed4a489388f
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\4b50eaee-07d5-4e07-9860-884a96aff2df - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 4b50eaee-07d5-4e07-9860-884a96aff2df
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\90a3b666-7d45-43a9-941c-086ea0d7c941 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 90a3b666-7d45-43a9-941c-086ea0d7c941
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\a7f3d603-c32f-4fa5-ae55-25481a80807e - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger a7f3d603-c32f-4fa5-ae55-25481a80807e
O22 - Tasks: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService
O22 - Tasks: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Tasks: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Tasks: \Microsoft\Windows\CloudRestore\Restore - {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} - C:\WINDOWS\system32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - C:\WINDOWS\system32\IntelligentPwdlessTask.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (Microsoft)
O22 - Tasks: AMDInstallLauncher - D:\Program Files\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks: AMDLinkUpdate - D:\Program Files\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Tasks: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: ModifyLinkUpdate - D:\Program Files\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb (user missing)
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks_Migrated: \Lenovo\BatteryGauge\BatteryGaugeMaintenance - C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Tasks_Migrated: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb
O22 - Tasks_Migrated: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (file missing)
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate (file missing)
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (file missing)
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0384991.inf_amd64_ec94cf5fef2223e7\B384893\atiesrxx.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: EABackgroundService - D:\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\107.0.5304.107\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\WINDOWS\System32\iaStorAfsService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 13,6 sec. - 57450 bytes, CRC32: FFFFFFFF. Sign: 끱䊿

Che problemi riscontri?
Mi sembra ok, noti qualche problema al pc?

VIANELLO_85 ha scritto:

Che problemi riscontri?
Mi sembra ok, noti qualche problema al pc?

Clicca per espandere...

grazie per la risposta...
Avevo prestato il pc a mio nipote e ho visto un pò di files strani scaricati che neanche si aprivano, li ho scansionati ma non li rilevava come virus (windows defender)
prontamente eliminati anche la cronologia di chrome c'erano siti strani
ho solo notato dei problemi di rallentamento del pc che ora non ci sono

Non prestare più il Pc

meglio di no...
mi consigli un buon antivirus free

Con Win 11 direi che puoi usare il suo.

Purtroppo con Win 10 e 11, a volte gli antivirus di terze parti possono provocare qualche problemino

Passa nel 3d di Win 11

https://www.digital-forum.it/showthread.php?210418-Discussione-su-Windows-11

Ciao Ragazzi, allego il log.
Il problema del PC + lo schermo o la scheda video o la ventola.
Grazie
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.23


Platform: x64 Windows 10 (Home), 10.0.19045.2311 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 03.12.2022 - 12:53 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 6223 MiB Free (25 %). CPU Loading: (2 %)
Elevated: Yes
Ran by: mzigg (group: Administrators) on DESKTOP-7EFKNNC, FirstRun: yes


Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)


Boot mode: Safe mode with network support


Running processes:
Number | Path
9 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
1 C:\Users\mzigg\AppData\Local\Temp\BF475230-7C38-4DC3-A5D0-87061EB03233\DismHost.exe
1 C:\Users\mzigg\Desktop\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\HelpPane.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\cleanmgr.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
28 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe


O4 - HKCU\..\StartupApproved\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (2022/12/01)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_6F1C606BF520E49A9738B9FB689C9285] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/12/01)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\mzigg\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2022/12/02)
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_Dolby] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 (2022/12/01)
O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2022/12/01)
O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe --startup_mode (User 'Network service')
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = C:\Users\mzigg\Documents
O9 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Button: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Tools menu item: HKLM\..\{22CC3EBD-C286-43aa-B8E6-06B115F74162}: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC EngagedRebootReminder (Microsoft)
O22 - Tasks: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery EngagedRebootReminder (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \Microsoft\Windows\Defrag\ScheduledDefrag - C:\WINDOWS\system32\defrag.exe \\?\Volume{6ec7ed66-0000-0000-0080-000000000000}\ -e -h -o -$ (Microsoft)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: Intel PTT EK Recertification - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1034405051-2081940735-2702514897-1001 - C:\Users\mzigg\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service S2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service S2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe




--
End of file - Time spent: 136,2 sec. - 17372 bytes, CRC32: FFFFFFFF. Sign: ⠦馘