Un controllo.
Grazie
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18
Platform: x64 Windows 10 (Home), 10.0.18362.295 (ReleaseId: 1903), Service Pack: 0
Time: 27.08.2019 - 16:25 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Crotone1 (group: Administrator) on CROTONE1-PC, FirstRun: yes
Chrome: 76.0.3809.100
Firefox: 68.0.2.7164
Edge: 11.0.18362.267
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1 C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
8 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\Nero\Update\NASvc.exe
1 C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
1 C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
1 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
1 C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
1 C:\Program Files\TOSHIBA\Teco\TecoResident.exe
1 C:\Program Files\TOSHIBA\Teco\TecoService.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.53.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11906.1001.24.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe
1 C:\Users\Crotone1\Desktop\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\TODDSrv.exe
1 C:\Windows\System32\VSSVC.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
73 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] =
http://toshiba13.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] =
https://www.google.it/
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll
O4 - Global User Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - HKCU\..\Run: [Facebook Update] = C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Crotone1\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/02/02)
O4 - HKCU\..\StartupApproved\Run: [Spotify Web Helper] = C:\Users\Crotone1\AppData\Roaming\Spotify\SpotifyWebHelper.exe (2019/03/27)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [SRS Premium Sound HD] = C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [TCrdMain] = C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
O4 - HKLM\..\Run: [TODDMain] = C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe
O4 - HKLM\..\Run: [TecoResident] = C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TosWaitSrv] = C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (2015/08/26)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Intel AppUp(SM) center] = C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4-32 - HKLM\..\Run: [StartCCC] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [TPUReg] = C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe /Retimes
O17 - DHCP DNS 1: 192.168.1.254
O18 - HKLM\Software\Classes\Protocols\Handler\skype4com: [CLSID] = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O22 - Task (.job): (Not scheduled) EPSON XP-225 Series Update {CD2A4DA0-9593-4396-B625-CD02778F6DD7}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE /EXE:"{CD2A4DA0-9593-4396-B625-CD02778F6DD7}" /F:"Update"
O22 - Task (.job): (Not scheduled) FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001Core.job - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
O22 - Task (.job): (Not scheduled) FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001UA.job - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3212974350-4222326917-2881284299-1001.job - C:\Users\Crotone1\AppData\Local\GoToMeeting\14172\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3212974350-4222326917-2881284299-1001.job - C:\Users\Crotone1\AppData\Local\GoToMeeting\14172\g2mupload.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe
O23 - Service R2: GFNEX Service - (GFNEXSrv) - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: Machine Debug Manager - (MDM) - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: TOSHIBA Optical Disc Drive Service - (TODDSrv) - C:\Windows\system32\TODDSrv.exe
O23 - Service R2: TOSHIBA eco Utility Service - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service R2: TeamViewer 12 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service R3: TPCH Service - (TPCHSrv) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\elevation_service.exe
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: TEMPRO Service - (TemproMonitoringService) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service S3: TMachInfo - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
--
End of file - Time spent: 44 sec. - 27484 bytes, CRC32: FFFFFFFF. Sign: 叅눑