Problema PC: Chiavetta USB infetta?

Shark81 · 5 Dicembre 2023

O22 - Tasks: \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (file missing)
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Tasks: \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks: \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file)
O22 - Tasks: \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (sign: 'Microsoft')
O22 - Tasks: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" (sign: 'Mozilla Corporation')
O22 - Tasks: \Toshiba\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (sign: 'Toshiba Europe GmbH')
O22 - Tasks: {E65FA2E5-B185-4A9C-8549-7D45F317EF6D} - C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -c -runfromtemp -l0x0409 -removeonly (sign: 'Microsoft')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "bbece037-cd46-4caf-b3a5-006541453320" --version "6.11.10455" --silent (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: CCleanerSkipUAC - Crotone1 - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks: EPSON XP-225 Series Update {CD2A4DA0-9593-4396-B625-CD02778F6DD7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE /EXE:"{CD2A4DA0-9593-4396-B625-CD02778F6DD7}" /F:"Update" (sign: 'SEIKO EPSON CORPORATION')
O22 - Tasks: FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001Core - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver (sign: 'Facebook, Inc.')
O22 - Tasks: FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001UA - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler (sign: 'Facebook, Inc.')
O22 - Tasks: G2MUpdateTask-S-1-5-21-3212974350-4222326917-2881284299-1001 - C:\Users\Crotone1\AppData\Local\GoToMeeting\19950\g2mupdate.exe (sign: 'LogMeIn, Inc.')
O22 - Tasks: G2MUploadTask-S-1-5-21-3212974350-4222326917-2881284299-1001 - C:\Users\Crotone1\AppData\Local\GoToMeeting\19950\g2mupload.exe (sign: 'LogMeIn, Inc.')
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google Inc')
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google Inc')
O22 - Tasks: Synaptics TouchPad Enhancements - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (sign: 'Synaptics Incorporated')
O22 - Tasks_Migrated: (disabled) (telemetry) \Microsoft\Windows\IME\SQM data sender - {CCB1D8CB-D39F-41C9-B793-0196214BDC4E} - C:\Windows\System32\IME\shared\imecfm.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\FamilySafetyUpload - {EBF00FCB-0769-4B81-9BEC-6C05514111AA},4 - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall - {EFF7F153-1C97-417A-B633-FEDE6683A939} - C:\WINDOWS\system32\wuaueng.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - C:\WINDOWS\System32\AutoWorkplace.exe join (file missing)
O22 - Tasks_Migrated: (disabled) \S-1-5-21-3212974350-4222326917-2881284299-1001\DataSenseLiveTileTask - C:\WINDOWS\System32\DataUsageLiveTileTask.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Toshiba\Service Station - C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe /hide (sign: 'TOSHIBA CORPORATION')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\BthSQM - {C8367320-6F85-11E0-A1F0-0800200C9A66},SYSTEM - C:\WINDOWS\System32\BthTelemetry.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (file missing)
O22 - Tasks_Migrated: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1 (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - C:\WINDOWS\system32\mitigationscanner.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task - {BF6C1E47-86EC-4194-9CE5-13C15DCB2001},IdleSyncMaintenance - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SkyDrive\Routine Maintenance Task - {1B1F472E-3221-4826-97DB-2C2324D389AE},RoutineMaintenance - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client" (sign: '')
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server" (sign: '')
O22 - Tasks_Migrated: \Mozilla\Firefox Default Browser Agent E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B" (sign: 'Mozilla Corporation')
O22 - Tasks_Migrated: \Toshiba\CommonNotifier - C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (sign: 'Toshiba Europe GmbH')
O22 - Tasks_Migrated: {E65FA2E5-B185-4A9C-8549-7D45F317EF6D} - C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -c -runfromtemp -l0x0409 -removeonly (sign: 'Microsoft')
O22 - Tasks_Migrated: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks_Migrated: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe -check plugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (file missing)
O22 - Tasks_Migrated: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (file missing)
O22 - Tasks_Migrated: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks_Migrated: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) (sign: 'PIRIFORM SOFTWARE LIMITED')
O22 - Tasks_Migrated: EPSON XP-225 Series Update {CD2A4DA0-9593-4396-B625-CD02778F6DD7} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNFE.EXE /EXE:"{CD2A4DA0-9593-4396-B625-CD02778F6DD7}" /F:"Update" (sign: 'SEIKO EPSON CORPORATION')
O22 - Tasks_Migrated: FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001Core - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver (sign: 'Facebook, Inc.')
O22 - Tasks_Migrated: FacebookUpdateTaskUserS-1-5-21-3212974350-4222326917-2881284299-1001UA - C:\Users\Crotone1\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler (sign: 'Facebook, Inc.')
O22 - Tasks_Migrated: G2MUpdateTask-S-1-5-21-3212974350-4222326917-2881284299-1001 - C:\Users\Crotone1\AppData\Local\GoToMeeting\18962\g2mupdate.exe (file missing)
O22 - Tasks_Migrated: G2MUploadTask-S-1-5-21-3212974350-4222326917-2881284299-1001 - C:\Users\Crotone1\AppData\Local\GoToMeeting\18962\g2mupload.exe (file missing)
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c (sign: 'Google Inc')
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (sign: 'Google Inc')
O22 - Tasks_Migrated: OneDrive Standalone Update Task-S-1-5-21-3212974350-4222326917-2881284299-1001 - C:\Users\Crotone1\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Tasks_Migrated: Synaptics TouchPad Enhancements - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (sign: 'Synaptics Incorporated')
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ HPWU - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe (sign: 'Microsoft')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: Adobe Creative Cloud Experience Node - (adobecreativecloudexperiencenode.exe) - C:\ProgramData\Adobe\Creative Cloud Experience Node\node_modules\loader-module\daemon\adobecreativecloudexperiencenode.exe (not signed)
O23 - Service R2: AK910SwitchService - C:\Program Files (x86)\AK910SwitchService\svc\AK910SwitchService.exe (not signed)
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe (sign: 'Microsoft')
O23 - Service R2: DSDWirelessLEDCtlService - C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\RMService.exe (sign: 'Microsoft')
O23 - Service R2: dynabook Function Key control service - (DSDFunctionKeyCtlService) - C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDFunctionKeyCtlService.exe (sign: 'Microsoft')
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\WINDOWS\system32\EscSvc64.exe (sign: 'SEIKO EPSON Corporation')
O23 - Service R2: GFNEX Service - (GFNEXSrv) - C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe (not signed)
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe (sign: 'Intel® Upgrade Service')
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (sign: 'Intel Corporation')
O23 - Service R2: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (sign: 'Intel Corporation')
O23 - Service R2: Machine Debug Manager - (MDM) - C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (not signed)
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe (sign: 'Nero AG')
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (sign: 'Realtek Semiconductor Corp')
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (sign: 'Synaptics Incorporated')
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (sign: 'TeamViewer Germany GmbH')
O23 - Service R2: TOSHIBA eco Utility Service - C:\Program Files\TOSHIBA\Teco\TecoService.exe (sign: 'TOSHIBA CORPORATION')
O23 - Service R2: TOSHIBA Optical Disc Drive Service - (TODDSrv) - C:\Windows\system32\TODDSrv.exe (sign: 'TOSHIBA CORPORATION')
O23 - Service R2: Wondershare Application Framework Service - (WsAppService) - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe (sign: 'Wondershare Technology Co.,Ltd')
O23 - Service R3: TPCH Service - (TPCHSrv) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (sign: 'TOSHIBA CORPORATION')
O23 - Service S2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver (file missing)
O23 - Service S2: DSDTabletControlService - C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\DSDTabSysSvc.exe (sign: 'Microsoft')
O23 - Service S2: dynabookSettingService - C:\WINDOWS\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_5df7e0d31a7e7230\dynabookSystemService.exe (sign: 'Microsoft')
O23 - Service S2: Servizio Aggiornamento Microsoft Edge (edgeupdate) - (edgeupdate) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /svc (sign: 'Microsoft')
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google Inc')
O23 - Service S2: TSDSettingService - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.200\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (sign: 'Mozilla Corporation')
O23 - Service S3: Servizio Aggiornamento Microsoft Edge (edgeupdatem) - (edgeupdatem) - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /medsvc (sign: 'Microsoft')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google Inc')
O23 - Service S3: TEMPRO Service - (TemproMonitoringService) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (sign: 'Toshiba Europe GmbH')
O23 - Service S3: TMachInfo - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (sign: 'TOSHIBA CORPORATION')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices, Inc.')
O23 - Driver R0: dynabook ACPI-Based Value Added Logical and General Purpose Device Driver - (DVALZ_O) - C:\WINDOWS\System32\drivers\DVALZ_O.SYS (sign: 'Dynabook Inc.')
O23 - Driver R0: iaStorA - C:\WINDOWS\System32\drivers\iaStorA.sys (sign: 'Intel Corporation')
O23 - Driver R0: TOSHIBA tos_sps64 Service - (tos_sps64) - C:\WINDOWS\System32\drivers\tos_sps64.sys (sign: 'TOSHIBA CORPORATION')
O23 - Driver R1: dynabook Service Control Driver - (dsrvctldrv) - C:\WINDOWS\System32\drivers\dsrvctldrv.sys (sign: 'Dynabook Inc.')
O23 - Driver R1: dynabook Service Control Driver - (TosSrvCtlDrv) - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys (sign: 'Dynabook Inc.')
O23 - Driver R2: PEGAGFN - C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys (sign: 'PEGATRON CORPORATION')
O23 - Driver R2: TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver - (TVALZFL) - C:\WINDOWS\system32\DRIVERS\TVALZFL.sys (sign: 'TOSHIBA CORPORATION')
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\system32\drivers\AtihdWT6.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: amdkmdag - C:\WINDOWS\system32\DRIVERS\atikmdag.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: amdkmdap - C:\WINDOWS\system32\DRIVERS\atikmpag.sys (sign: 'Microsoft' - Advanced Micro Devices, Inc.)
O23 - Driver R3: Bluetooth ACPI - (tosrfec) - C:\WINDOWS\System32\drivers\tosrfec.sys (+safe mode) (sign: 'Dynabook Inc.')
O23 - Driver R3: dynabook Hotkey Driver - (dhotkey) - C:\WINDOWS\System32\drivers\dhotkey.sys (sign: 'Dynabook Inc.')
O23 - Driver R3: Intel(R) Management Engine Interface - (MEIx64) - C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys (sign: 'Intel Corporation - Embedded Subsystems and IP Blocks Group')
O23 - Driver R3: Realtek Bluetooth Filter Driver - (RtkBtFilter) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Realtek USB Card Reader - UER - (RTSUER) - C:\WINDOWS\system32\Drivers\RtsUer.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp')
O23 - Driver R3: Synaptics TouchPad Driver - (SynTP) - C:\WINDOWS\system32\DRIVERS\SynTP.sys (sign: 'Synaptics Incorporated')
O23 - Driver R3: TOSHIBA Writing Engine Filter Driver - (TDCMDPST) - C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys (+safe mode) (sign: 'TOSHIBA CORPORATION')
O23 - Driver S0: dynabook ACPI-Based Value Added Logical and General Purpose Device Driver - (TVALZ_O) - C:\WINDOWS\System32\drivers\TVALZ_O.SYS (sign: 'Dynabook Inc.')
O23 - Driver S3: "Microsoft Bluetooth A2dp driver" ; {Placeholder="Microsoft Bluetooth"} - (BthA2dp) - C:\WINDOWS\System32\drivers\BthA2dp.sys (not signed)
O23 - Driver S3: "Microsoft Bluetooth Hands-Free Profile driver" ; {Placeholder="Microsoft Bluetooth"} - (BthHFEnum) - C:\WINDOWS\System32\drivers\bthhfenum.sys (not signed)
O23 - Driver S3: dynabook Hotkey Driver - (Thotkey) - C:\WINDOWS\System32\drivers\Thotkey.sys (sign: 'Dynabook Inc.')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: Inventec 8168 NT Driver - (RTL8168) - C:\WINDOWS\System32\drivers\rtlh64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp')
O23 - Driver S3: MpKsl8531073e - C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D98BD4F-36DB-4CBB-90F7-06D81822BAA2}\MpKslDrv.sys (file missing)
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics Co., Ltd.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics Co., Ltd.')
O23 - Driver S3: SmbDrvI - C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys (+safe mode) (sign: 'Synaptics Incorporated')
O23 - Driver S3: USB RNDIS6 Adapter - (usbrndis6) - C:\WINDOWS\System32\drivers\usb80236.sys (+safe mode) (not signed)
O23 - Driver S3: USB Scanner Driver - (usbscan) - C:\WINDOWS\system32\DRIVERS\usbscan.sys (+safe mode) (not signed)
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'RTL8168'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'usbrndis6'
O23 - Dependency: Microsoft Service Group 'PlugPlay' contains unknown service: 'RtkAudioService'
O27 - Account: (AutoLogon) HKLM\..\Winlogon: CROTONE1-PC\Crotone1 (type: Microsoft)
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\Default.migrated

VIANELLO_85 · 5 Dicembre 2023

Vedendo questo lungo log, non mi sembra di vedere le righe segnalate in precedenza.

Hai ancora problemi?

Shark81 · 5 Dicembre 2023

Non ho più problemi però come avevo scritto in precedenza, avendo avuto la stessa situazione sul notebook, ho preferito per sicurezza postare il log nel caso ci fosse qualcosa di sospetto

ERCOLINO · 5 Dicembre 2023

Mi sembra ok.

Hai scansionato anche con Trend Micro?

Shark81 · 5 Dicembre 2023

Appena posso, faccio una scansione.
Non so se è collegato al problema che ho avuto ma dopo aver lasciato il notebook in standby, quando sono andato per riattivarlo, ho trovato sul desktop una finestra:
pcsc-client.dll.exe - Errore di applicazione. Si è verificato l'errore di exception eccezione software sconosciuta (0xe0434352) nell'applicazione alla posizione 0x0000000075F3F932.
Di cosa si tratta? Qualche programma eliminato?

VIANELLO_85 · 5 Dicembre 2023

https://www.file.net/it/processo/pcsc-client.dll.exe.html

Shark81 · 5 Dicembre 2023

Con Trend Micro non ho fatto scansione ma con Defender e Malwarebytes sì e non hanno trovato nulla

VIANELLO_85 · 5 Dicembre 2023

Occhio che i due antivirus (Trend micro e Defender) se attivi insieme (se non è la versione online) non si pestino i piedi uno con l'altro.

Shark81 · 5 Dicembre 2023

Per Trend Micro ho utilizzato il link pubblicato da Ercolino quindi credo sia la versione online. Dall'articolo che hai postato non è detto si tratti di virus. Oltretutto ho provato a fare la ricerca in tutta l'unità C: e non vi è traccia di pcsc-client.dll.exe

VIANELLO_85 · 5 Dicembre 2023

Ok

Si quella è la versione on line

Shark81 · 5 Dicembre 2023

Trovato:
1 C:\Users\Crotone1\AppData\Local\Temp\pcsc-client.dll\pcsc-client.dll.exe

VIANELLO_85 · 5 Dicembre 2023

Fai una bella pulizia dei file temporanei

Shark81 · 5 Dicembre 2023

Va bene fare la pulizia disco direttamente da windows? Eventualmente cosa devo settare? In automatico mi dà spuntati: programmi scaricati, file temporanei internet, anteprima.
Sono senza spunta: Segnalazioni errore windows, Cache shader DirectX, File di ottimizzazione recapito, Cestino, File temporanei. E' il caso di spuntare tutto? E poi c'è pulizia file di sistema che non so se va fatta. Se gentilmente mi dici come procedere. Grazie

IamRoby · 5 Dicembre 2023

Shark81 ha scritto:
Va bene fare la pulizia disco direttamente da windows? Eventualmente cosa devo settare? In automatico mi dà spuntati: programmi scaricati, file temporanei internet, anteprima.
Sono senza spunta: Segnalazioni errore windows, Cache shader DirectX, File di ottimizzazione recapito, Cestino, File temporanei. E' il caso di spuntare tutto? E poi c'è pulizia file di sistema che non so se va fatta. Se gentilmente mi dici come procedere. Grazie

Tutto no, solo quelli non utili o legati ad utilità di sistema, nel cestino vedi se hai cose che non vuoi cancellare per sempre.

puoi cancellare manualmente quanto c'è nella C:\Users\Crotone1\AppData\Local\Temp\

VIANELLO_85 · 5 Dicembre 2023

IamRoby ha scritto:
puoi cancellare manualmente quanto c'è nella C:\Users\Crotone1\AppData\Local\Temp\

Cancella quello che ti fa effettivamente levare.
Ci potrebbero essere dei file 'in uso' legittimi.

IamRoby · 5 Dicembre 2023

VIANELLO_85 ha scritto:
Cancella quello che ti fa effettivamente levare.
Ci potrebbero essere dei file 'in uso' legittimi.

quelli non ti permette di cancellarli almeno finchè i software sono aperti.

VIANELLO_85 · 5 Dicembre 2023

Magari i meno 'smanettoni' credono che possano essere cancellati tutti i file siti all'interno della cartella

Prima che, magari, scatti il campanello d'allarme che non riesce a cancellare tutto...

Shark81 · 5 Dicembre 2023

Sicuro che posso eliminare tutto il contenuto?

Ad alcune cartelle mi ha chiesto il consenso come amministratore ed io l'ho dato. Posso svuotare il cestino serenamente? :lol:

Ho notato che proprio la cartella pcsc-client.dll si riforma dopo averla cancellata

VIANELLO_85 · 5 Dicembre 2023

Alcune si riformeranno perchè usate da altri programmi e necessari per il loro funzionamento.
Cancella quello che riesci a cancellare. Non andrei troppo in profondità. Con windows solitamente mi limitavo al canc.
Quello che si cancellava bene, per il resto rimane lì.

ERCOLINO · 5 Dicembre 2023

Shark81 ha scritto:
Sicuro che posso eliminare tutto il contenuto?
Ad alcune cartelle mi ha chiesto il consenso come amministratore ed io l'ho dato. Posso svuotare il cestino serenamente?
Ho notato che proprio la cartella pcsc-client.dll si riforma dopo averla cancellata

C:\Users\Crotone1\AppData\Local\Temp\

Puoi cancellare tutto il contenuto della cartella Temp, alcune cose non te le fa cancellare perchè in uso, in questo caso scegli ignora e rimangono li

Anche il contenuto della cartella Temp in C:\Windows\Temp si può cancellare

Problema PC: Chiavetta USB infetta?

Shark81

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

ERCOLINO

Shark81

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

IamRoby

Digital-Forum Gold Master

VIANELLO_85

IamRoby

Digital-Forum Gold Master

VIANELLO_85

Shark81

Digital-Forum Gold Master

VIANELLO_85

ERCOLINO