Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.23
Platform: x64 Windows 11 (Home), 10.0.22621.1485 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 09.04.2023 - 17:07 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 3783 MiB Free (54 %). CPU Loading: (4 %)
Elevated: Yes
Ran by: Lorenzo (group: Administrators) on DESKTOP-K11V5FN, FirstRun: yes
Chrome: 111.0.5563.147
Internet Explorer: 11.0.22621.1
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\msedgewebview2.exe
8 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.8900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
1 C:\Windows\explorer.exe
2 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\cmd.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\Locator.exe
1 C:\Windows\System32\LsaIso.exe
1 C:\Windows\System32\lsass.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\Sgrm\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
84 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
3 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 D:\Download\HiJackThis\HiJackThis.exe
1 D:\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] =
http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] =
http://lenovo17win10.msn.com/?pc=LCTE
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (file missing)
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [EADM] = D:\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (2023/03/10)
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_BC68B7E3A3FF3A05DABA32118914F06A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start /prefetch:5 (2022/08/07)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/08/05)
O4 - HKLM\..\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe -background
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\BatteryGauge (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee (empty)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\28944fb1-7a4e-4b5b-a728-268a7fd5996f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 28944fb1-7a4e-4b5b-a728-268a7fd5996f (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\4b5beea2-80b3-4677-8eb0-61eadff9715f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 4b5beea2-80b3-4677-8eb0-61eadff9715f (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\a652925b-624b-49c3-bb52-29106b6a00b5 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger a652925b-624b-49c3-bb52-29106b6a00b5 (user missing)
O22 - Tasks: (damaged) \Lenovo\ImController\TimeBasedEvents\ad6351c1-b766-48e9-9f58-4ad2bf66bfa5 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger ad6351c1-b766-48e9-9f58-4ad2bf66bfa5 (user missing)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Printing\PrintJobCleanupTask - {8ABCE260-32B6-476C-AE13-B34D0C91292D} - C:\Windows\System32\PrinterCleanupTask.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Tasks: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Tasks: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\28944fb1-7a4e-4b5b-a728-268a7fd5996f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 28944fb1-7a4e-4b5b-a728-268a7fd5996f
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\4b5beea2-80b3-4677-8eb0-61eadff9715f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 4b5beea2-80b3-4677-8eb0-61eadff9715f
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\a652925b-624b-49c3-bb52-29106b6a00b5 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger a652925b-624b-49c3-bb52-29106b6a00b5
O22 - Tasks: \Lenovo\ImController\TimeBasedEvents\ad6351c1-b766-48e9-9f58-4ad2bf66bfa5 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger ad6351c1-b766-48e9-9f58-4ad2bf66bfa5
O22 - Tasks: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService
O22 - Tasks: \Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe BatteryGaugeAddinDailyScheduleTask
O22 - Tasks: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Tasks: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport
O22 - Tasks: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Tasks: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Tasks: \Microsoft\Windows\CloudRestore\Restore - {B4BCFA6F-948D-46B8-BF27-E8B1117E23B3} - C:\WINDOWS\system32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - C:\WINDOWS\system32\IntelligentPwdlessTask.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_LicenseAccepted - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks: \Microsoft\Windows\WlanSvc\MoProfileManagement - {085EDA12-CF4A-4944-8222-8ADCADE137CB} - C:\Windows\System32\WlanMediaManager.dll (Microsoft)
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Tasks: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f (user missing)
O22 - Tasks_Migrated: (damaged) \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb (user missing)
O22 - Tasks_Migrated: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Tasks_Migrated: \Lenovo\BatteryGauge\BatteryGaugeMaintenance - C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Tasks_Migrated: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Tasks_Migrated: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\29040912-0283-48e9-8e86-a73fe0f107ee - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 29040912-0283-48e9-8e86-a73fe0f107ee
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6262e335-7fa2-448c-9f1e-feaec3736f7a - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6262e335-7fa2-448c-9f1e-feaec3736f7a
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\6874dd8d-fce5-4e7c-8d61-66f8d478310f - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 6874dd8d-fce5-4e7c-8d61-66f8d478310f
O22 - Tasks_Migrated: \Lenovo\ImController\TimeBasedEvents\f81adea4-4df3-4ced-aacf-20bc30034ffb - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger f81adea4-4df3-4ced-aacf-20bc30034ffb
O22 - Tasks_Migrated: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe GenericMessagingAddin (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.MonthlyReport (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask (file missing)
O22 - Tasks_Migrated: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Tasks_Migrated: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore{1175AE5B-4AE0-48F1-A74B-6AAA195EBCE0} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA{DAB3263D-3160-446A-A730-1C25A9B47B0B} - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0386220.inf_amd64_1894141ab65df02b\B386218\atiesrxx.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R3: EABackgroundService - D:\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe -start
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\111.0.5563.147\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\WINDOWS\System32\iaStorAfsService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
--
End of file - Time spent: 14,3 sec. - 57502 bytes, CRC32: FFFFFFFF. Sign: 乭