Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

@ piripacchia

Quali problemi riscontri sul pc, visto che hai postato il log?

Sola verifica o altro?

Ricordo inoltre che l'ultima versione del programma la trovi all'intero del primo post, vedo che hai ancora la 2.0.5

Buonasera e grazie per avermi risposto!
Il mio computer è incredibilmente lento, inoltre domenica scorsa mi sono accorta che nel hkey_current_user c’era una strana cartella, nominata con una chiocciola e un carattere cinese. Dopo averla eliminata ho provveduto a scaricare Malwarebytes. Successivamente ho visto che nella cartella Program Files (x86) c’era la cartella Wondershare. Leggendo su internet ho visto che pare si tratti di un malware e in effetti ho avuto molte difficoltà ad eliminarlo da Program Files (x86), inoltre nonostante ho eliminato tutte le chiavi di sistema con quel nome, continuano a comparire in diverse cartelle del computer file collegati a Wondershare! Il fatto che né Avast né Malwarebytes ha rilevato Wondershare un po’ mi preoccupa...
Allora ho fatto il log ma non sapendolo analizzare l’ho postato qui

Benvenuto

Il log mi sembra ok.

Elimina cache e cookies dai browser, poi elimina il contenuto della cartella Temp

C:Windows/temp

ERCOLINO ha scritto:

Benvenuto

Il log mi sembra ok.

Elimina cache e cookies dai browser, poi elimina il contenuto della cartella Temp

C:Windows/temp

Clicca per espandere...

Grazie mille! Ho seguito il tuo consiglio
Nel mentre ho anche effettuato il log con la versione più recente di HiJackThis come consigliato da VIANELLO_85 ed sono usciti fuori molti più processi in esecuzione! Il log è questo

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 7 (Home Premium), 6.1.7601.24544, Service Pack: 1
Time: 31.07.2020 - 11:38 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes

Chrome: 84.0.4147.105
Firefox: 78.0.2.7494
Internet Explorer: 11.0.9600.19596
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
1 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
1 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
1 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
1 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
1 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
1 C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe
1 C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
1 C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
1 C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
1 C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
1 C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
1 C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
1 C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
1 C:\Program Files (x86)\WinRAR\WinRAR.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
3 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1 C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
1 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
1 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\---\Downloads\HiJackThis.exe
1 C:\Windows\SysWOW64\irstrtsv.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\igfxext.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxsrvc.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
14 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://samsung.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://samsung.msn.com/
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O2-32 - HKLM\..\BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - (no file)
O2-32 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - HKLM\..\Toolbar: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O3-32 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll
O4 - HKCU\..\Run: [Google Update] = C:\Users\---\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (file missing)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [BLEServicesCtrl] = C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
O4 - HKLM\..\Run: [BTMTrayAgent] = C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
O4 - HKLM\..\Run: [ETDCtrl] = C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [HotKeysCmds] = C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Session Manager: [BootExecute] = (no file)
O4 - HKU\S-1-5-19\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing)
O4 - HKU\S-1-5-20\..\Run: [Sidebar] = C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun (file missing)
O4 - MSConfig\startupfolder: C:^Users^---^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk [backup] => C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (2019/09/02)
O4 - MSConfig\startupreg: PDFPrint [command] = C:\Program Files (x86)\PDF24\pdf24.exe (HKLM) (2019/09/02)
O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\I&nvia a OneNote: (default) = C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (file missing)
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O22 - Task (.job): (Ready) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
O22 - Task (.job): (Ready) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate
O22 - Task (.job): (Ready) Xerox PhotoCafe Communicator.job - C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Bluetooth Device Monitor - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service R2: Bluetooth OBEX Service - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\windows\system32\diagtrack.dll
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\windows\system32\EscSvc64.exe
O23 - Service R2: ExpressCache - C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R2: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service - (BTHSSecurityMgr) - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: Intel(R) Rapid Start Technology Service - (irstrtsv) - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service R2: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service - (AMPPALR3) - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: SEB Windows Service - (SebWindowsServiceWCF) - C:\Program Files (x86)\SafeExamBrowser\SebWindowsServiceWCF\SebWindowsServiceWCF.exe
O23 - Service R2: SamsungDeviceConfiguration - (SamsungDeviceConfigurationWinService) - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
O23 - Service R2: SeaPort - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
O23 - Service R2: Servizio A portata di clic di Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R3: Bluetooth Media Service - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Bing Bar Update Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
O23 - Service S3: GameConsoleService - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Microsoft Edge Elevation Service (MicrosoftEdgeElevationService) - (MicrosoftEdgeElevationService) - C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.50\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe


--
End of file - Time spent: 76,9 sec. - 28202 bytes, CRC32: FFFFFFFF. Sign: ɍ幔

Il log mi pare regolare, Dal log intravedo che è da aggiornare firefox, alla 79.0, e open office fermo alla 3.4.1, siamo alla 4.1.7

VIANELLO_85 ha scritto:

Il log mi pare regolare, Dal log intravedo che è da aggiornare firefox, alla 79.0, e open office fermo alla 3.4.1, siamo alla 4.1.7

Clicca per espandere...

In realtà si tratta del computer di mia sorella...diciamo che non fa molto caso a queste cose
Grazie mille!!!! Procederò ad aggiornare tutti i programmi

Su softpedia e majorgeeks c'è la nuova versione HiJackThis Fork 2.9.26.0 rilasciata l'8 agosto,
si può scaricare da lì o meglio attendere?

Vedi link presente in prima pagina, già da un'occhiata veloce è la versione da te indicata.

Aggiornato HiJackThis alla nuova versione 2.9.0.26

Change log 2.9.0.26

Le novitá rispetto alla precedente versione 2.9.0.18

Salve ho un piccolo problema quando riavvio il pc mi apre in automatico chrome e appare una pagina protectbrowser che me ne apre subito un altra contenente pubblicità da cosa può dipendere?
ho provato a cancellare chrome e ad usare altri browser ma il problema persiste
grazie

questo è il mio file log

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Home), 10.0.18363.1016 (ReleaseId: 1909), Service Pack: 0
Time: 25.08.2020 - 12:51 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: loren (group: Administrator) on DESKTOP-1VGO4HB, FirstRun: yes

Chrome: 84.0.4147.135
Edge: 11.0.18362.1016
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
7 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
1 C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
1 C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
1 C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
1 C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
1 C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
1 C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
1 C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
1 C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
1 C:\Program Files\HPCommRecovery\HPCommRecovery.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20071.95.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13110.41006.0_x64__8wekyb3d8bbwe\commsapps.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
1 C:\Users\loren\Downloads\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CxAudioSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_1244e13de260a91d\lib\SocketHeciServer.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\IntelCpHDCPSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\IntelCpHeciSvc.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\igfxCUIService.exe
1 C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\igfxEM.exe
1 C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_bff7913eb62bbf90\aesm_service.exe
1 C:\Windows\System32\Intel\DPTF\esif_uf.exe
2 C:\Windows\System32\RtkAudUService64.exe
10 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SECOMN64.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SynAudSrv.exe
1 C:\Windows\System32\SynTPEnh.exe
1 C:\Windows\System32\SynTPEnhService.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
90 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\usocoreworker.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp17win10.msn.com/?pc=HCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://google.it/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://hp17win10.msn.com/?pc=HCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://hp17win10.msn.com/?pc=HCTE
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC8A0C5C-22AD-4339-80F9-BB17DFF0E1BA}: [SuggestionsURL] = http://asp.assoc-amazon.co.uk/suggestions?q={searchTerms}&t=hp-uk1-vsb-21 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC8A0C5C-22AD-4339-80F9-BB17DFF0E1BA}: [SuggestionsURL_JSON] = http://completion.amazon.co.uk/search/complete?method=completion&q={searchTerms}&search-alias=aps&client=amzn-search-suggestions/9fe582406fb5106f343a84083d78795713c12d68&mkt=3 - Amazon (UK) Search Suggestions
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC8A0C5C-22AD-4339-80F9-BB17DFF0E1BA}: = http://www.amazon.co.uk/s/ref=az... sec. - 41164 bytes, CRC32: FFFFFFFF. Sign: 貙

Ho qualche sospetto su queste due stringhe

O4 - HKCU\..\Run: [loren] = C:\WINDOWS\explorer.exe h.ttp://exinariuminix.info
O22 - Task: loren - C:\WINDOWS\system32\cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run /f /v loren /t REG_SZ /d "explorer.exe htt.p://exinariuminix.info"

Visto che mettendo il link su google viene fuori qualche risultato sospetto.
Vedi qui
https://www.bugsfighter.com/it/remove-exinariuminix-info-ads/

dopo aver seguito le tue indicazioni e dopo un po di riavvii il problema sembra essere scomparso
grazie mille

Bene

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Home), 10.0.19041.450 (ReleaseId: 2004), Service Pack: 0
Time: 25.08.2020 - 17:29 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Gingy (group: Administrator) on GINGY, FirstRun: yes

Chrome: 84.0.4147.135
Firefox: 80.0.0.7535
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
8 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\SUPERAntiSpyware\SASCore64.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20081.116.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.4-0\NisSrv.exe
1 C:\Users\Gingy\Desktop\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\BtwRSupportService.exe
1 C:\Windows\System32\CompPkgSrv.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
75 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ACF88A4-6FF2-4769-8E55-FBD615B8BD86}: = http://www.google.it/#hl=it&sour...sec. - 23776 bytes, CRC32: FFFFFFFF. Sign: 竬渪

@gingy

Togli tutti gli 015

Quali problemi riscontri?

VIANELLO_85 ha scritto:

@gingy

Togli tutti gli 015

Quali problemi riscontri?

Clicca per espandere...

Ciao, ho seguito il tuo consiglio rimuovendo tutti gli 015. Da un pò di tempo riscontro schermate blu di errore (BSOD) e spegnimenti improvvisi del notebook. Sarà che ho un PC di 10 anni fa upgradato con 8 GB di RAM, SSD e l'installazione di Windows 10 fatta al tempo dell'upgrade gratuito da Windows 7.

Direi che quei 015 non portano allo spegnimento del pc.
Controllerei le temperature del pc e nel caso effettuerei una pulizia delle ventole, se fattibile.

Ti consiglio, se non lo hai già fatto, di aprire una discussione dedicata

A causa di rallentamento del sistema operativo, chiedo gentilmente se mi analizzate questo log del mio pc, grazie:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26

Platform: x64 Windows 10 (Pro), 10.0.19041.450 (ReleaseId: 2004), Service Pack: 0
Time: 25.08.2020 - 22:12 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: d80di (group: Administrator) on DESKTOP-IQ6DAQG, FirstRun: no

Chrome: 85.0.4183.83
Firefox: 80.0.0.7535
Edge: 11.0.19041.423
Internet Explorer: 11.0.19041.1
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe
1 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avpui.exe
7 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20071.100.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20032.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe
1 C:\Users\d80di\Desktop\HiJackThis.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0357776.inf_amd64_a6b775fc46387daa\B357669\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\c0357776.inf_amd64_a6b775fc46387daa\B357669\atiesrxx.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
75 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
1 C:\Windows\V0330Mon.exe
1 C:\Windows\explorer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.63\BHO\ie_to_edge_bho_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll
O2 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {9F904093-6E18-4536-BF5F-B03689CF00F0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\IEExt\ie_plugin.dll
O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\84.0.522.63\BHO\ie_to_edge_bho.dll
O2-32 - HKLM\..\BHO: ScriptInjectionPluginBrowserHelperObject - {9F904093-6E18-4536-BF5F-B03689CF00F0} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\IEExt\ie_plugin.dll
O3 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\IEExt\ie_plugin.dll
O3-32 - HKLM\..\Toolbar: Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\IEExt\ie_plugin.dll
O4 - HKCU\..\Run: [Vivaldi Update Notifier] = C:\Users\d80di\AppData\Local\Vivaldi\Application\update_notifier.exe
O4 - HKCU\..\StartupApproved\Run: [Opera Browser Assistant] = C:\Users\d80di\AppData\Local\Programs\Opera\assistant\browser_assistant.exe (2020/05/26)
O4 - HKLM\..\StartupApproved\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (2018/11/08)
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe (2019/05/23)
O4-32 - HKLM\..\Run: [V0330Mon.exe] = C:\WINDOWS\V0330Mon.exe
O17 - DHCP DNS 1: 192.168.1.254
O21 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\
MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task (.job): (Not scheduled) TrackerAutoUpdate.job - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NOUACCHECK
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC Reboot (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery Reboot (Microsoft)
O22 - Task: (disabled) AMSkipUAC - C:\Program Files\Zemana AntiMalware\AntiMalware.exe /SKIPUAC
O22 - Task: (disabled) CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: (disabled) Opera scheduled Autoupdate 1541599312 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task: (disabled) Opera scheduled assistant Autoupdate 1582042054 - C:\Users\d80di\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate --component-name=assistant --component-path="C:\Users\d80di\AppData\Local\Programs\Opera\assistant" $(Arg0)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (disabled) \S-1-5-21-2186422160-4022518713-3623572979-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: AMHelper - C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe /UPDATE
O22 - Task: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe -check plugin
O22 - Task: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} - C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
O22 - Task: Maxthon Update - C:\Program Files (x86)\Maxthon\Bin\MxStart.exe -RunScheduledUpdate
O22 - Task: TrackerAutoUpdate - C:\Program Files\Tracker Software\Update\TrackerUpdate.exe -CheckUpdate
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\c0357776.inf_amd64_a6b775fc46387daa\B357669\atiesrxx.exe
O23 - Service R2: Kaspersky Anti-Virus Service 20.0 - (AVP20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe -r
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: CorsairSSDTool - (CorsairSSDToolBox) - C:\Program Files (x86)\Corsair SSD Toolbox\CSSDTService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.83\elevation_service.exe
O23 - Service S3: Kaspersky Volume Shadow Copy Service Bridge. 20.0 - (klvssbridge64_20.0) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\vssbridge64.exe
O23 - Service S3: Launcher Service: player - (player) - C:\ProgramData\playersclub\LaunchServ.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe


--
End of file - Time spent: 11,3 sec. - 23190 bytes, CRC32: FFFFFFFF. Sign: ᾩ

Il log mi sembra ok

Fai pulizia dei file della cartella Temp

Quel zemana a che ti serve?

Non installater inutilmente 200 programmi che hanno funzioni antimalware ecc.....

Si richiano solo casini e rallentamenti