Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

lucpip · 20 Novembre 2019

fatto come mi hai scritto e ora sembra a posto. questo è il report dopo aver scaricato l'ultima versione

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Home), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 20.11.2019 - 22:46 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: avesc (group: Administrator) on LAPTOP-M5MCFRDR, FirstRun: yes

Chrome: 78.0.3904.108
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
3 C:\Program Files (x86)\Dropbox\Client\85.4.155\QtWebEngineProcess.exe
3 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
9 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1 C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
1 C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
1 C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
1 C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
1 C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
1 C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
1 C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
1 C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
2 C:\Program Files\Google\Drive\googledrivesync.exe
1 C:\Program Files\HPCommRecovery\HPCommRecovery.exe
1 C:\Program Files\HP\HP OfficeJet 5200 series\Bin\ScanToPCActivationApp.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.34.15002.0_x64__8wekyb3d8bbwe\GameBar.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Users\avesc\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
1 C:\Users\avesc\AppData\Local\MEGAsync\MEGAsync.exe
1 C:\Users\avesc\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\FileCoAuth.exe
1 C:\Users\avesc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\RtkBtAudioServ.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DataExchangeHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\ki128916.inf_amd64_3509e1eb83b83cfb\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\ki128916.inf_amd64_3509e1eb83b83cfb\IntelCpHeciSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\ki128916.inf_amd64_3509e1eb83b83cfb\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\ki128916.inf_amd64_3509e1eb83b83cfb\igfxEM.exe
1 C:\Windows\System32\ETDCtrl.exe
1 C:\Windows\System32\ETDService.exe
1 C:\Windows\System32\Intel\DPTF\esif_uf.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
87 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 D:\Temp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp17win10.msn.com/?pc=HCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp17win10.msn.com/?pc=HCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://hp17win10.msn.com/?pc=HCTE
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{19F9431D-B59E-4961-A823-A04887DDEE14}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{19F9431D-B59E-4961-A823-A04887DDEE14}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{19F9431D-B59E-4961-A823-A04887DDEE14}: = http://www.amazon.co.uk/s/ref=az...sec. - 52322 bytes, CRC32: FFFFFFFF. Sign: 鳥䲍

ERCOLINO · 20 Novembre 2019

Elimina tutti gli R4

lucpip · 20 Novembre 2019

Grazie Ercolino

Ryo Saeba · 24 Novembre 2019

Pc che si riavvia.... ecco il log

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 24.11.2019 - 11:12 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Ryo (group: Administrator) on DELL, FirstRun: yes

Chrome: 60.0.3112.101
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.476.18362.0
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1 C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
1 C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
1 C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
5 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
1 C:\Program Files (x86)\Stickies\stickies.exe
1 C:\Program Files\Dell\QuickSet\quickset.exe
1 C:\Program Files\Macrium\Common\MacriumService.exe
1 C:\Program Files\Macrium\Common\ReflectMonitor.exe
1 C:\Program Files\Macrium\Common\ReflectUI.exe
1 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
1 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
1 C:\Program Files\ShellFolderFix\ShellFolderFixUI.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\TrueCrypt\TrueCrypt.exe
1 C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13094.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Users\Ryo\Desktop\HiJackThis.exe
2 C:\Windows\SysWOW64\svchost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\BtwRSupportService.exe
1 C:\Windows\System32\LsaIso.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\drivers\o2flash.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
82 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\usocoreworker.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 C:\Windows\regedit.exe

O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O1 - Hosts: 127.0.0.1 rad.msn.com
O1 - Hosts: 127.0.0.1 player.kmpmedia.net
O1 - Hosts: 127.0.0.1 log.kmplayer.com
O1 - Hosts: 127.0.0.1 cdn.kmplayer.com
O1 - Hosts: 127.0.0.1 cdn.pandora.tv
O1 - Hosts.ICS: 192.168.121.97 DELL.mshome.net # 2024 11 5 22 9 45 7 833
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll
O4 - HKCU\..\Run: [TrueCrypt] = C:\Program Files\TrueCrypt\TrueCrypt.exe /q preferences /a logon
O4 - HKCU\..\StartupApproved\Run: [AA530576E453F6888AE42896E01DCD7D04E93EBF._service_run] = D:\Programmi vari\Chrome 64\GoogleChromePortable\App\Chrome-bin\chrome.exe --type=service --user-data-dir="D:\Programmi vari\Chrome 64\GoogleChromePortable\Data\profile" /prefetch:8 (2019/11/09)
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2018/12/01)
O4 - HKCU\..\StartupApproved\Run: [NETGEARGenie] = C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe -mini -redirect (2019/11/09)
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] = C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [QuickSet] = C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [Dell Webcam Central] = C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe /mode2 (2018/12/01)
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk -> C:\Program Files (x86)\Stickies\stickies.exe (1601/01/01)
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - User Startup: C:\Users\Ryo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShellFolderFix.lnk -> C:\Program Files (x86)\ShellFolderFix\ShellFolderFixUI.exe /autostart
O4-32 - HKLM\..\Run: [GrooveMonitor] = C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4-32 - HKLM\..\Run: [RUSB3MON] = C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
O4-32 - HKLM\..\Run: [StartCCC] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O16 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 11.231.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0018-0000-00201-ABCDEFFEDCBA}\DownloadInformation: (no name) [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 11.231.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_201-windows-i586.cab
O16-32 - DPF: HKLM\..\{6C269571-C6D7-4818-BCA4-32A035E8C884}\DownloadInformation: Creative Software AutoUpdate [CODEBASE] = http://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
O16-32 - DPF: HKLM\..\{D4B68B83-8710-488B-A692-D74B50BA558E}\DownloadInformation: Creative Software AutoUpdate Support Package 2 [CODEBASE] = http://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16-32 - DPF: HKLM\..\{F6ACF75C-C32C-447B-9BEF-46B766368D29}\DownloadInformation: Creative Software AutoUpdate Support Package [CODEBASE] = http://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
O17 - DHCP DNS 1: 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - DHCP DNS 2: 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7caf1b91-58b3-4bf5-b34e-a57eb2adeb5e}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7caf1b91-58b3-4bf5-b34e-a57eb2adeb5e}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{bfaccd77-0baf-4feb-afad-aafbe09f5289}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{bfaccd77-0baf-4feb-afad-aafbe09f5289}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AtherosSvc - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service R2: Bluetooth Driver Management Service - (BcmBtRSupport) - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service R2: Macrium Service - (MacriumService) - C:\Program Files\Macrium\Common\MacriumService.exe
O23 - Service R2: O2FLASH - C:\WINDOWS\system32\DRIVERS\o2flash.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NETGEARGenieDaemon - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service S3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

--
End of file - Time spent: 32,2 sec. - 26398 bytes, CRC32: FFFFFFFF. Sign: 扊⵷

ERCOLINO · 24 Novembre 2019

Indicate sempre il motivo per il quale richiedete il controllo e quindi il problema esatto che riscontrate

Inizia a togliere tutti gli 01

Cancella tutto il contenuto della cartella temp

C:Windows/temp

Cancellare cache e cookies del browser

Aggiorna Chrome

Ryo Saeba · 24 Novembre 2019

Grazie.
Avevo scritto qui https://www.digital-forum.it/showth...u-Windows-10&p=6368718&viewfull=1#post6368718

Mi sembra che il problema non sia solo di windows 10, quindi eventualmente spostate la discussione in zona pertinente...

ERCOLINO · 25 Novembre 2019

Ti ho risposto li

carontel · 25 Novembre 2019

Per favore mi controllate il log, grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18362.476 (ReleaseId: 1903), Service Pack: 0
Time: 25.11.2019 - 22:52 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Utente (group: Administrator) on DESKTOP-FT2JQLB, FirstRun: yes

Chrome: 78.0.3904.108
Firefox: 16.0.1.4666
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
24 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PSNoticeChecker.exe
1 C:\Program Files (x86)\Polaris Office\Office8\Binary\PViewManager.exe
1 C:\Program Files (x86)\WinZip\WZQKPICK.EXE
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxAccounts.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Utente\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
8 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
71 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll
O2-32 - HKLM\..\BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Utente\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [PolarisOffice] = C:\Program Files (x86)\Polaris Office\Office8\Binary\POSyncCenter.exe
O4 - HKCU\..\RunOnce: [Application Restart #0] = C:\Program Files (x86)\Polaris Office\Office8\Binary\PViewManager.exe -Embedding /RestartByRestartManager:1E2FF54F-1D03-46fb-82D6-67917C18D731 /RestartByRestartManager:13F54600-3AAC-4134-A54C-9EDE2F2FAEAF /RestartByRestartManager:CF633F65-F4AE-4093-93AD-E7A70768A927
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk -> C:\Program Files (x86)\WinZip\WZQKPICK.EXE (1601/01/01)
O4-32 - HKLM\..\Run: [DivXUpdate] = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 0FileIconSyncOn: FileIconOverlayExt Class - {62E15A97-5651-41E4-95C4-706D30C86A4B} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\0FileIconSyncOn64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ 1FileIconSyncAlert: FileIconOverlayExt Class - {BF741CA6-27BF-4B49-A3A3-1C39415582D8} - C:\Program Files (x86)\Polaris Office\Office8\Binary\SyncOverlay\X64\1FileIconSyncAlert64.dll
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc

--
End of file - Time spent: 83,5 sec. - 14188 bytes, CRC32: FFFFFFFF. Sign: 泗㤇

ERCOLINO · 25 Novembre 2019

Che problemi hai?

Il log mi sembra ok

Aggiorna Firefox

Cancella il contenuto della cartella Temp

C:Windows/temp

carontel · 25 Novembre 2019

Ciao ercolino, ieri mentre navigavo su vari siti, avevo disponibili sul disco 4Gb di spazio, (ho il pc pieno di registrazioni tv di cui sono collezionista, anzi chi vuole far scambi è ben accetto) e tutto ad un tratto mi spunta il riquadro di windows a destra di liberare spazio dal disco perchè era pieno, vado per guardare e lo spazio libero era quasi 0, ho il dubbio che mi abbia scaricato qualcosa a mia insaputa, però andando nei download non c'era niente di nuovo, magari è nascosto altrove. Premetto che avevo aperto nel pc una quindicina di pagine. Chiudendole tutte lo spazio libero è diventato di 2gb, ma all'appello ne mancano altri 2 gb, possibile abbia scaricato qualcosa che non volevo?

carontel · 25 Novembre 2019

Visto che uso come principale chrome conviene aggiornare firefox?

Ospite · 26 Novembre 2019

Quello che usi o non usi se è installato a prescindere devi tenere tutto aggiornato.

ERCOLINO · 26 Novembre 2019

carontel ha scritto:
Ciao ercolino, ieri mentre navigavo su vari siti, avevo disponibili sul disco 4Gb di spazio, (ho il pc pieno di registrazioni tv di cui sono collezionista, anzi chi vuole far scambi è ben accetto) e tutto ad un tratto mi spunta il riquadro di windows a destra di liberare spazio dal disco perchè era pieno, vado per guardare e lo spazio libero era quasi 0, ho il dubbio che mi abbia scaricato qualcosa a mia insaputa, però andando nei download non c'era niente di nuovo, magari è nascosto altrove. Premetto che avevo aperto nel pc una quindicina di pagine. Chiudendole tutte lo spazio libero è diventato di 2gb, ma all'appello ne mancano altri 2 gb, possibile abbia scaricato qualcosa che non volevo?

Non credo, elimina quello che non ti serve, mettilo su un HDD esterno.

carontel · 27 Novembre 2019

Allora il fatto che no avevo più spazio disponibile nel disco è da imputare alle 15 pagine aperte sul pc? aprendo molte pagine lo spazio nel disco si riduce?
Ercolino i file mi servono tutti, sono tutte registrazioni tv anni 60/70 che colleziono, dovrei si acquistare un Hdd esterno e metterle là.

ERCOLINO · 27 Novembre 2019

Non centra nulla le pagine aperte, il tuo problema é che l'HDD del Pc è troppo pieno, devi comprare un HDD esterno e spostare tutto li.

Piú roba si tiene sull'HDD dove c'é il sistema operativo piú il Pc diventa lento

scarfacecik84 · 27 Dicembre 2019

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time: 27.12.2019 - 20:38 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Lorenzo (group: Administrator) on DESKTOP-FLAUC24, FirstRun: yes

Chrome: 79.0.3945.88
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
1 C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
2 C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atiesrxx.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\schtasks.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
70 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wscript.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 F:\PROGRAMMI\HiJackThis\HiJackThis.exe

O4 - HKCU\..\Run: [Steam] = D:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2019/12/11)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\autochk.exe /p \??\F:
O4 - HKLM\..\Session Manager: [BootExecute] = autocheck autochk * (file missing)
O4-32 - HKLM\..\Run: [RazerCortex] = C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atiesrxx.exe
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service R2: RzKLService - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

--
End of file - Time spent: 18,9 sec. - 15848 bytes, CRC32: FFFFFFFF. Sign: 薼ꎂ

George82 · 29 Dicembre 2019

Scusate l'intromissione, chiedo se la scansione del computer con "LogFile of HijackThis" bisogna effettuarla con connessione attiva o in modalità provvisoria,grazie.

ERCOLINO · 29 Dicembre 2019

In modo normale

Va chiuso il browser

ERCOLINO · 29 Dicembre 2019

scarfacecik84 ha scritto:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18362.535 (ReleaseId: 1903), Service Pack: 0
Time: 27.12.2019 - 20:38 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Lorenzo (group: Administrator) on DESKTOP-FLAUC24, FirstRun: yes

Chrome: 79.0.3945.88
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\FPSRunner32.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\PMRunner32.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\x64\FPSRunner64.exe
1 C:\Program Files (x86)\Razer\Razer Cortex\x64\PMRunner64.exe
1 C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
2 C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.55.131.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atiesrxx.exe
4 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\schtasks.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
70 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wscript.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 F:\PROGRAMMI\HiJackThis\HiJackThis.exe

O4 - HKCU\..\Run: [Steam] = D:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart (2019/12/11)
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Session Manager: [BootExecute] = C:\Windows\system32\autochk.exe /p \??\F:
O4 - HKLM\..\Session Manager: [BootExecute] = autocheck autochk * (file missing)
O4-32 - HKLM\..\Run: [RazerCortex] = C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\c0349464.inf_amd64_81834963f99dd94b\B349558\atiesrxx.exe
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service R2: RzKLService - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\elevation_service.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService

--
End of file - Time spent: 18,9 sec. - 15848 bytes, CRC32: FFFFFFFF. Sign: 薼ꎂ

Mi era sfuggito.

Noti qualche problema in particolare?

Il log mi sembra ok

Fai una pulita comunque ai cookies e cache del browser e cancella tutto il contenuto della cartella Temp

C:Windows/temp

Ivymike · 24 Febbraio 2020

Stamattina non riesco ad aprire le pagine di google, sia la home del motore di ricerca che quelle annesse... siccome su l'altro pc connesso alla stessa rete, riesco ho pensato di aver beccato qualche virus nelle installazioni che ho fatto ieri.

Ho scansionato con Hijack ma non so leggere bene il log.
Potreste aiutarmi?

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.a*.*;*.b*.*;*.c*.*;*.d*.*;*.e*.*;*.f*.*;*.h*.*;*.i*.*;*.j*.*;*.k*.*;*.l*.*;*.m*.*;*.n*.*;*.o*.*;*.p*.*;*.q*.*;*.r*.*;*.s*.*;*.u*.*;*.v*.*;*.w*.*;*.x*.*;*.y*.*;*.z*.*;*.0*.*;*.1*.*;*.2*.*;*.3*.*;*.4*.*;*.5*.*;*.6*.*;*.7*.*;*.8*.*;*.9*.*;*.*a.*;*.*b.*;*.*d.*;*.*f.*;*.*g.*;*.*h.*;*.*i.*;*.*j.*;*.*k.*;*.*l.*;*.*m.*;*.*n.*;*.*o.*;*.*p.*;*.*q.*;*.*r.*;*.*t.*;*.*u.*;*.*v.*;*.*w.*;*.*x.*;*.*y.*;*.*z.*;*.*0.*;*.*1.*;*.*2.*;*.*3.*;*.*4.*;*.*5.*;*.*6.*;*.*7.*;*.*8.*;*.*9.*;*.g0*.*;*.g1*.*;*.g2*.*;*.g3*.*;*.g4*.*;*.g5*.*;*.g6*.*;*.g7*.*;*.g8*.*;*.g9*.*;*.t0*.*;*.t1*.*;*.t2*.*;*.t3*.*;*.t4*.*;*.t5*.*;*.t6*.*;*.t7*.*;*.t8*.*;*.t9*.*;*.ga*.*;*.gb*.*;*.gc*.*;*.gd*.*;*.ge*.*;*.gf*.*;*.gg*.*;*.gh*.*;*.gi*.*;*.gj*.*;*.gk*.*;*.gl*.*;*.gm*.*;*.gn*.*;*.gp*.*;*.gq*.*;*.gr*.*;*.gs*.*;*.gt*.*;*.gu*.*;*.gv*.*;*.gw*.*;*.gx*.*;*.gy*.*;*.gz*.*;*.ta*.*;*.tc*.*;*.td*.*;*.te*.*;*.tf*.*;*.tg*.*;*.th*.*;*.ti*.*;*.tj*.*;*.tk*.*;*.tl*.*;*.tm*.*;*.tn*.*;*.to*.*;*.tp*.*;*.tq*.*;*.tr*.*;*.ts*.*;*.tt*.*;*.tu*.*;*.tv*.*;*.tw*.*;*.tx*.*;*.ty*.*;*.tz*.*;*ae.*;*be.*;*ce.*;*de.*;*ee.*;*fe.*;*ge.*;*he.*;*ie.*;*je.*;*ke.*;*me.*;*ne.*;*oe.*;*pe.*;*qe.*;*re.*;*se.*;*te.*;*ue.*;*ve.*;*we.*;*xe.*;*ye.*;*ze.*;*as.*;*bs.*;*cs.*;*ds.*;*fs.*;*gs.*;*hs.*;*js.*;*ks.*;*ls.*;*ms.*;*ns.*;*os.*;*ps.*;*qs.*;*rs.*;*ss.*;*ts.*;*us.*;*vs.*;*ws.*;*xs.*;*ys.*;*zs.*;*ac.*;*bc.*;*cc.*;*dc.*;*ec.*;*fc.*;*gc.*;*hc.*;*jc.*;*kc.*;*lc.*;*mc.*;*nc.*;*oc.*;*pc.*;*qc.*;*rc.*;*sc.*;*tc.*;*uc.*;*vc.*;*wc.*;*xc.*;*yc.*;*zc.*;*.*0e.*;*.*1e.*;*.*2e.*;*.*3e.*;*.*4e.*;*.*5e.*;*.*6e.*;*.*7e.*;*.*8e.*;*.*9e.*;*.*0s.*;*.*1s.*;*.*2s.*;*.*3s.*;*.*4s.*;*.*5s.*;*.*6s.*;*.*7s.*;*.*8s.*;*.*9s.*;*.*0c.*;*.*1c.*;*.*2c.*;*.*3c.*;*.*4c.*;*.*5c.*;*.*6c.*;*.*7c.*;*.*8c.*;*.*9c.*;0*;1*;2*;3*;4*;5*;6*;7*;8*;9*;*0;*1;*2;*3;*4;*5;*6;*7;*8;*9;b*.*;c*.*;d*.*;f*.*;h*.*;i*.*;j*.*;k*.*;l*.*;n*.*;m*.*;o*.*;p*.*;q*.*;r*.*;s*.*;t*.*;u*.*;v*.*;x*.*;y*.*;z*.*;*a.*;*b.*;*f.*;*g.*;*h.*;*j.*;*k.*;*l.*;*m.*;*n.*;*o.*;*p.*;*q.*;*r.*;*t.*;*u.*;*v.*;*x.*;*y.*;*z.*;*.local
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyServer] = 127.0.0.1:8003 (enabled)
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 1127.0.0.1:8003
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 activation.acronis.com web-api-tih.acronis.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 genuine.adobe.com
O1 - Hosts: 127.0.0.1 prod.adobegenuine.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2 - HKLM\..\BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\Run: [CCXProcess] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKCU\..\Run: [view] = C:\Users\Filippo\AppData\Roaming\view\viewU.exe
O4 - HKLM\..\Run: [CDAServer] = C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
O4 - HKLM\..\Run: [EvtMgr6] = C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
O4 - HKLM\..\StartupApproved\Run32: [Acrobat Assistant 8.0] (2019/02/04) = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
O4 - HKLM\..\StartupApproved\Run32: [Adobe Creative Cloud] (2019/02/07) = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] (2019/05/20) = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\StartupApproved\Run: [AdobeAAMUpdater-1.0] (2019/02/04) = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\StartupApproved\Run: [AdobeGCInvoker-1.0] (2019/02/04) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] (1601/01/01) = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - User Startup: C:\Users\Filippo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk -> C:\Rainmeter\Rainmeter.exe
O4 - User Startup: C:\Users\Filippo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar824.lnk -> C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4-32 - HKLM\..\Run: [AllShareAgent] = C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
O15 - Trusted Zone: HKCU - http://download.microsoft.com
O15 - Trusted Zone: HKCU - http://download.windowsupdate.com
O15 - Trusted Zone: HKCU - http://ntservicepack.microsoft.com
O15 - Trusted Zone: HKCU - http://update.microsoft.com
O15 - Trusted Zone: HKCU - http://windowsupdate.microsoft.com
O15 - Trusted Zone: HKCU - http://ws.microsoft.com
O15 - Trusted Zone: HKCU - http://wustat.windows.com
O15 - Trusted Zone: HKCU - https://download.windowsupdate.com
O15 - Trusted Zone: HKCU - https://update.microsoft.com
O15 - Trusted Zone: HKCU - https://windowsupdate.com
O15 - Trusted Zone: HKCU - https://ws.microsoft.com
O15 - Trusted Zone: http://download.windowsupdate.com
O15 - Trusted Zone: http://wustat.windows.com
O15 - Trusted Zone: https://download.windowsupdate.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{2bb3c7be-ae22-431f-b205-7188e17f490a}: [NameServer] = 212.216.112.112
O17 - HKLM\System\CCS\Services\Tcpip\..\{2bb3c7be-ae22-431f-b205-7188e17f490a}: [NameServer] = 212.216.172.62
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive1 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive2 - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive3 - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive4 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive5 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive6 - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers: OneDrive7 - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Task: (disabled) (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1074140562-1853794864-24934786-1000 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\UpdateAgentTask_RemoveFOD - C:\WINDOWS\System32\ShellUpdateAgentTask.exe -RemoveFOD (file missing)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery ReadyToReboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\WindowsUpdate\sihpostreboot - C:\WINDOWS\system32\sihclient.exe /PostReboot (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Device-Join - C:\WINDOWS\System32\dsregcmd.exe $(Arg0) $(Arg1) $(Arg2) (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Workplace Join\Device-Sync - {C662D912-E4D6-44A3-89A0-20550514951D},DeviceUpdate - C:\Windows\System32\dsregtask.dll (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: AIDA64 AutoStart - E:\#_ PROGRAMMI _#\#_Microsoft_#\#___ Windows ___#\aida64extreme\aida64.exe
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled
O22 - Task: MicrosoftEdgeUpdateTaskMachineCore - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c
O22 - Task: MicrosoftEdgeUpdateTaskMachineUA - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler
O22 - Task: Microsoft_Hardware_Launch_ipoint_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O22 - Task: Microsoft_Hardware_Launch_itype_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O22 - Task: Microsoft_Hardware_Launch_mousekeyboardcenter_exe - C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
O22 - Task: Microsoft_MKC_Logon_Task_ipoint.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O22 - Task: Microsoft_MKC_Logon_Task_itype.exe - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O22 - Task: \ASUS\ASUS AISuiteIII - C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
O22 - Task: \ASUS\ASUS DIPAwayMode - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
O22 - Task: \ASUS\ASUS DigiPowerControl Help - C:\Program Files (x86)\ASUS\AI Suite III\DIGI+ Power Control\PowerControlHelp.exe
O22 - Task: \Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (Microsoft)
O22 - Task: \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService (Microsoft)
O22 - Task: \Microsoft\Office\Office Feature Updates - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe (Microsoft)
O22 - Task: \Microsoft\Office\Office Feature Updates Logon - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (Microsoft)
O22 - Task: \Microsoft\Office\OfficeBackgroundTaskHandlerLogon - C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft)
O22 - Task: \Microsoft\Office\OfficeBackgroundTaskHandlerRegistration - C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft)
O22 - Task: \Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerEncryptAllDrives - C:\WINDOWS\System32\edptask.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F} - C:\Windows\System32\discan.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Data Integrity Scan\Data Integrity Scan - {DCFD3EA8-D960-4719-8206-490AE315F94F},-Manual - C:\Windows\System32\discan.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Device Information\Device - C:\WINDOWS\system32\devicecensus.exe SystemCxt (Microsoft)
O22 - Task: \Microsoft\Windows\Device Information\Device User - C:\WINDOWS\system32\devicecensus.exe UserCxt (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - {AD08DCC2-4E35-4486-9D49-547CBD30942D} - C:\WINDOWS\System32\MitigationClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft)
O22 - Task: \Microsoft\Windows\DirectX\DirectXDatabaseUpdater - C:\WINDOWS\system32\directxdatabaseupdater.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures - {59EECBFE-C2F5-4419-9B99-13FE05FF2675} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing - {99EFDAD1-0F11-4A6B-A702-4E1C37D1A3EF} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting - {BBFCD054-8AAC-45DE-A1EB-7B246C9028AF} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Flighting\OneSettings\RefreshCache - {E07647F7-AED2-48D9-9720-939BC24A8A3C} - C:\Windows\System32\wosc.dll (Microsoft)
O22 - Task: \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe (Microsoft)
O22 - Task: \Microsoft\Windows\Input\LocalUserSyncDataAvailable - {8E7C2AFB-72B9-415C-9AC2-5037693309B7},LocalUserSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\MouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},MouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\PenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},PenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Input\TouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},TouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\International\Synchronize Language Settings - {10D62541-90D0-42FE-848C-0DBC1AC42EDA},SyncFromCloud - C:\Windows\System32\CoreGlobConfig.dll (Microsoft)
O22 - Task: \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\WINDOWS\System32\LanguageOverlayServer.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Setup\SnapshotCleanupTask - C:\Windows\System32\OOBE\SetupPlatform\SetupPlatform.exe -removesnapshot (Microsoft)
O22 - Task: \Microsoft\Windows\ShellLogonTask_SetCBSEndOfLife - C:\WINDOWS\System32\ShellLogonTask.exe -SetCBSEndOfLife (file missing)
O22 - Task: \Microsoft\Windows\Shell\ShellLogonTask_SetCBSEndOfLife - C:\WINDOWS\System32\ShellLogonTask.exe -SetCBSEndOfLife (file missing)
O22 - Task: \Microsoft\Windows\Shell\UpdateAgentTask_AcquireFOD - C:\WINDOWS\System32\ShellUpdateAgentTask.exe -AcquireFOD (file missing)
O22 - Task: \Microsoft\Windows\Shell\UpdateAgentTask_AquireFOD - C:\WINDOWS\System32\ShellUpdateAgentTask.exe -AquireFOD (file missing)
O22 - Task: \Microsoft\Windows\Shell\UpdateAgentTask_SetCBSEndOfLife - C:\WINDOWS\System32\ShellUpdateAgentTask.exe -SetCBSEndOfLife (file missing)
O22 - Task: \Microsoft\Windows\Shell\UpdateUserPictureTask - {09C5DD34-009D-40FA-BCB9-0165AD0C15D4} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Task: \Microsoft\Windows\SoftwareProtectionPlatform\SvcTrigger - {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC},logon - C:\WINDOWS\System32\sppcext.dll (Microsoft)
O22 - Task: \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask (Microsoft)
O22 - Task: \Microsoft\Windows\StateRepository\MaintenanceTasks - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\AC Power Install - C:\WINDOWS\system32\usoclient.exe StartInstall (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Backup Scan - C:\WINDOWS\system32\usoclient.exe StartScan (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Report policies - C:\WINDOWS\system32\usoclient.exe ReportPolicies (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Scan Static Task - C:\WINDOWS\system32\usoclient.exe StartScan (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Universal Orchestrator Start - C:\WINDOWS\system32\usoclient.exe StartUWork (Microsoft)
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\UpdateModelTask - C:\WINDOWS\system32\usoclient.exe StartModelUpdates (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\sihcommit - C:\WINDOWS\system32\sihclient.exe /Commit (Microsoft)
O22 - Task: \Microsoft\Windows\WlanSvc\CDSSync - {B0D2B535-12E1-439F-86B3-BADA289510F0},$(Arg0) - C:\Windows\System32\WiFiCloudStore.dll (Microsoft)
O22 - Task: \Microsoft\Windows\WwanSvc\OobeDiscovery - {C93CF9D5-031B-4AAA-AB0B-EF802347B381} - C:\Windows\System32\MBMediaManager.dll (Microsoft)
O22 - Task: \Microsoft\Windows\applicationdata\CleanupTemporaryState - C:\WINDOWS\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
O22 - Task: \Microsoft\Windows\applicationdata\DsSvcCleanup - C:\WINDOWS\system32\dstokenclean.exe (Microsoft)
O22 - Task: \Microsoft\Windows\applicationdata\appuriverifierdaily - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft)
O22 - Task: \Microsoft\Windows\applicationdata\appuriverifierinstall - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe (Microsoft)
O22 - Task: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service R2: ASUS HM Com Service - (asHmComSvc) - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.25\AsusFanControlService.exe
O23 - Service R2: Bluetooth Driver Management Service - (BcmBtRSupport) - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service R2: Crypkey License - C:\WINDOWS\system32\crypserv.exe
O23 - Service R2: DSC MCPH Service - (MCPH) - C:\Program Files\Bentel\BOSS\MCPH\MCPH.exe
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service R2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service R2: Samsung AllShare PC - (SamsungAllShareV2.0) - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service R3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S3: Logitech Bluetooth Service - (LBTServ) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service S3: Microsoft Edge Elevation Service - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\80.0.361.57\elevation_service.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: SAMSUNG Mobile USB Connectivity Launcher - (ss_conn_launcher_service) - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Servizio Controllo rete di Microsoft Defender Antivirus - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe
O23 - Service S3: Servizio Microsoft Defender Antivirus - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe
O23 - Service S3: Servizio Windows Defender Advanced Threat Protection - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service S3: SimpleSlideShowServer - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe

--
End of file - Time spent: 15 sec. - 79390 bytes, CRC32: FFFFFFFF. Sign: ︡簍

Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

lucpip

Digital-Forum Gold Master

ERCOLINO

lucpip

Digital-Forum Gold Master

Ryo Saeba

Digital-Forum Senior Master

ERCOLINO

Ryo Saeba

Digital-Forum Senior Master

ERCOLINO

carontel

Digital-Forum Senior Master

ERCOLINO

carontel

Digital-Forum Senior Master

carontel

Digital-Forum Senior Master

Ospite

ERCOLINO

carontel

Digital-Forum Senior Master

ERCOLINO

scarfacecik84

Digital-Forum Senior

George82

Digital-Forum Senior Plus

ERCOLINO

ERCOLINO

Ivymike

Digital-Forum Senior Master