• Non sono ammesse registrazioni con indirizzi email temporanei usa e getta

Importante Richiesta controllo Logfile of HijackThis (Versione 2.10.0.31) del 06/05/2023

Ciao, potete dare un occhiata al mio?
Lo divido per non essere troppo lungo per un solo post.
Grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31

Platform: x64 Windows 10 (Home), 10.0.19045.4170 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 30.03.2024 - 09:35 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 2247 MiB Free (72 %). CPU Loading: (11 %)
Elevated: Yes
Ran by: mf (group: Administrators) on MF-PC, FirstRun: no

Chrome: 123.0.6312.86
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
1 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
1 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
1 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
1 C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
1 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
2 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE
1 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
1 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE
1 C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
1 C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
1 C:\Program Files (x86)\Leica Geosystems\Cyclone\CyraLicense.exe
1 C:\Program Files (x86)\Leica Geosystems\Cyclone\FastObjectsServer.exe
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
1 C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
1 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
1 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
1 C:\Program Files\ASUS\P4G\BatteryLife.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
4 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
1 C:\Program Files\ByteFence\ByteFence.exe
1 C:\Program Files\ByteFence\ByteFenceService.exe
1 C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
1 C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
1 C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
1 C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2411.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24022.87.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10061.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Users\mf\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CastSrv.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\FBAgent.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = https://www.google.com/?trackid=sp-006
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://www.google.com/search?trackid=sp-006&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://it.search.yahoo.com/yhs/web...y_soverj_00_00&os_ver=10.0&os=Windows+10+Home
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://isearch.omiga-plus.com/?type...HitachiXHTS547575A9E384_J2140059C60GJAC60GJAX
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://it.search.yahoo.com/yhs/web...y_soverj_00_00&os_ver=10.0&os=Windows+10+Home
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_15_05_ch&cd=2XzuyEtN2Y1L1QzuyEyEyC0DyDyByCzztA0B0DtAyEyB0F0DtN0D0Tzu0StCtCtByCtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0C0EzzyByCyByBtG0CtB0B0FtGzz0DtByEtG0DyD0CtCtGyByEtAtD0EyByEyD0C0C0Czz2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyEyCyE0DtAzzyEtGyBzz0E0AtGyE0DyB0CtGzyzztDzztGyDtByDtByCyCyDyC0D0EtC0F2Q&cr=642276483&ir= - Vosteran
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: = http://www2.delta-search.com/?q=... Hosts: Reset contents to default O1 - Hosts:
 
O1 - Hosts:
O1 - Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
O1 - Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
O1 - Hosts: 0.0.0.0 media.opencandy.com
O1 - Hosts: 0.0.0.0 cdn.opencandy.com
O1 - Hosts: 0.0.0.0 tracking.opencandy.com
O1 - Hosts: 0.0.0.0 api.opencandy.com
O1 - Hosts: 0.0.0.0 api.recommendedsw.com
O1 - Hosts: 0.0.0.0 rp.yefeneri2.com
O1 - Hosts: 0.0.0.0 os.yefeneri2.com
O1 - Hosts: 0.0.0.0 os2.yefeneri2.com
O1 - Hosts: 0.0.0.0 installer.betterinstaller.com
O1 - Hosts: 0.0.0.0 installer.filebulldog.com
O1 - Hosts: 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
O1 - Hosts: 0.0.0.0 inno.bisrv.com
O1 - Hosts: 0.0.0.0 nsis.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.file2desktop.com
O1 - Hosts: 0.0.0.0 cdn.goateastcach.us
O1 - Hosts: 0.0.0.0 cdn.guttastatdk.us
O1 - Hosts: 0.0.0.0 cdn.inskinmedia.com
O1 - Hosts: 0.0.0.0 cdn.insta.oibundles2.com
O1 - Hosts: 0.0.0.0 cdn.insta.playbryte.com
O1 - Hosts: 0.0.0.0 cdn.llogetfastcach.us
O1 - Hosts: 0.0.0.0 cdn.montiera.com
O1 - Hosts: 0.0.0.0 cdn.msdwnld.com
O1 - Hosts: 0.0.0.0 cdn.mypcbackup.com
O1 - Hosts: 0.0.0.0 cdn.ppdownload.com
O1 - Hosts: 0.0.0.0 cdn.riceateastcach.us
O1 - Hosts: 0.0.0.0 cdn.shyapotato.us
O1 - Hosts: 0.0.0.0 cdn.solimba.com
O1 - Hosts: 0.0.0.0 cdn.tuto4pc.com
O1 - Hosts: 0.0.0.0 cdn.appround.biz
O1 - Hosts: 0.0.0.0 cdn.bigspeedpro.com
O1 - Hosts: 0.0.0.0 cdn.bispd.com
O1 - Hosts: 0.0.0.0 cdn.bisrv.com
O1 - Hosts: 0.0.0.0 cdn.cdndp.com
O1 - Hosts: 0.0.0.0 cdn.download.sweetpacks.com
O1 - Hosts: 0.0.0.0 cdn.dpdownload.com
O1 - Hosts: 0.0.0.0 cdn.visualbee.net
O2 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
O2-32 - HKLM\..\BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll
O3 - HKLM\..\Toolbar: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O3 - HKLM\..\Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_E91F3A6C96BBCB2536B9F4154C5F3AC7] = C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --check-run=src=logon --onboarding-at-startup --auto-launch-at-startup --profile-directory="Default"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] = C:\Users\mf\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_F658BBB3F6B1034640A088C084D106E7] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\StartupApproved\Run: [Chromium] = c:\users\mf\appdata\local\chromium\application\chrome.exe --auto-launch-at-startup --profile-directory="Default" --restore-last-session (2020/07/15)
O4 - HKCU\..\StartupApproved\Run: [GarminExpressTrayApp] = C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (2016/04/17)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\mf\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2016/04/17)
O4 - HKCU\..\StartupApproved\Run: [VideoGuardMonitor] = C:\Users\mf\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe (2022/07/17)
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\RunOnce: [!BCILauncher] = C:\WINDOWS\Temp\MUBSTemp\BCILauncher.EXE bgaupmi=D75B1291BA7C488CB87AA14CEB3B0C4B (file missing)
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender\Real-Time Protection: [DpaDisabled] = 1
O7 - Policy: HKLM\Software\Policies\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - TroubleShooting (EV): HKLM\..\Environment: [PSModulePath] = %SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ (Missing: %ProgramFiles%\WindowsPowerShell\Modules)
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O15 - Trusted Zone: https://amazon.it
O16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 11.401.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.8.0_40 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
O16-32 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 11.401.2 [CODEBASE] = http://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
O17 - DHCP DNS 1: 192.168.1.1
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\mf\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVAST Software\Avast\x86\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Users\mf\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
 
O22 - BITS Job: (download) {7086060B-80D8-4241-ADB9-B649D2FCA577} - MicrosoftMapsBingGeoStore - (no URL)
O22 - BITS Job: (download) {DCEF960D-0CD6-49F3-9281-F75001E5D9B7} - AFSD3DC933E10E4418394AD5258C7DF9858_BITSTEST - (no URL)
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) P4GIntlCtrl.job - C:\Program Files\ASUS\P4G\IntlDPST.exe
O22 - Task (.job): (disabled) Yahoo! Powered nised.job - C:\WINDOWS\system32\wscript.exe
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe
O22 - Task (.job): Digital Sites.job - C:\Users\mf\AppData\Roaming\DigitalSites\UpdateProc\UPDATE~1.EXE (file missing)
O22 - Task (.job): ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
O22 - Task (.job): ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
O22 - Task: (damaged) C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2656A780-720E-4E0B-9A30-048C0284DE86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{293B9ACB-DB3C-4CA2-B6A6-48728505916E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43846AAA-9B88-40DD-B984-946F0BE4FC5B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F606A6-6669-4580-8D1D-AD50DC99C03C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A084105-D931-4010-8FFB-0577052329C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC695F3-FEF4-4547-9CF5-EFB2F33C017E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{607E4B0E-67B1-4BEC-9C6A-961424A91DD1} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{607E4B0E-67B1-4BEC-9C6A-961424A91DD1} - \Microsoft\Windows\UNP\RunCampaignManager (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AABBF655-70FF-4744-A924-C2767758A259} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF5C64F5-F103-4C4A-B6A5-E4F7685CC07E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A54542-CF68-41BC-8A4F-D10515D370EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA1CC55C-36A6-4F5B-A210-1593D897EE4E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9E3F6F1-BA68-4A1C-9716-E4647503D4C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E61B1ED0-259A-4C4D-911C-90F41D0140ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig (no xml)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1232614349-1706152515-3375908610-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47C2-B62A-B7C4CED925CB} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O22 - Tasks: (disabled) ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
O22 - Tasks: (disabled) ASUS Quick Gesture - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
O22 - Tasks: (disabled) ASUS Quick Gesture (x64) - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
O22 - Tasks: (disabled) ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
O22 - Tasks: (disabled) ASUS USB Charger Plus - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
O22 - Tasks: (disabled) ATKOSD2 - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O22 - Tasks: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: (disabled) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Tasks: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\WINDOWS\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks: \Microsoft\Windows\TabletPC\InputPersonalization - C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Tasks: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks: {085E5AE1-682E-4941-8059-CC6CEDDE3C29} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\mf\Downloads\eMule0.50a-Installer (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {12BD7B1A-6388-4013-8AC1-1883FE47F70D} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.7.59.102/it/abandoninstall?page=tsProgressBar (file missing)
O22 - Tasks: {3C468AAC-74FF-4747-B9D1-910275B1F460} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (1).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {595F7578-6091-4104-8C2C-3638A55FCA14} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=12002 (file missing)
O22 - Tasks: {8359B552-3773-424B-B1AE-9026CDEA2400} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs
O22 - Tasks: {865AE5AF-4CD1-4557-B379-1514C9E2B671} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (5).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {9783570B-C119-497B-9666-089FCACD6DAA} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\Desktop\HiJackThis.exe -d C:\Users\mf\Desktop
O22 - Tasks: {B618187F-895E-4717-A6A2-8CBAD7BF869E} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.6.0.106/it/abandoninstall?source=lightinstaller&page=tsInstall (file missing)
O22 - Tasks: {C6509AC9-3829-4877-9816-6D7412C5D865} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {F77EE82F-C7C7-45A3-8AF5-781029F12F97} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002 (file missing)
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Tasks: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Tasks: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Tasks: avastBCLRestartS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (file missing)
O22 - Tasks: AvastBrowserProtectS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe --runonce
O22 - Tasks: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Tasks: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Tasks: ByteFence - C:\Program Files\ByteFence\ByteFence.exe /a
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "8f20d0c8-27ca-4baa-89ab-59f35e93c5d7" --version "6.22.10977" --silent
O22 - Tasks: CCleanerSkipUAC - mf - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: Digital Sites - C:\Users\mf\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check (file missing)
O22 - Tasks: GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate
O22 - Tasks: LaunchSignup - C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe frompopup (file missing)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Users\mf\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe (file missing)
O22 - Tasks: Yahoo! Powered nised - C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{7015B576-FA57-3FB0-7C91-A1F2E6D32A3C}\timo.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c726f6465646f" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c7261726f6c6963" "//B" "//E:jscript" "--IsErIk"
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47C2-B62A-B7C4CED925CB} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Tasks_Migrated: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks_Migrated: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O22 - Tasks_Migrated: (disabled) ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
O22 - Tasks_Migrated: (disabled) ASUS Quick Gesture - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
O22 - Tasks_Migrated: (disabled) ASUS Quick Gesture (x64) - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
O22 - Tasks_Migrated: (disabled) ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
O22 - Tasks_Migrated: (disabled) ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
O22 - Tasks_Migrated: (disabled) ASUS USB Charger Plus - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
O22 - Tasks_Migrated: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: (disabled) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
O22 - Tasks_Migrated: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Tasks_Migrated: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - C:\WINDOWS\system32\mitigationscanner.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\WINDOWS\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\RemovalTools\MRT_ERROR_HB - C:\WINDOWS\system32\MRT.exe /EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
O22 - Tasks_Migrated: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks_Migrated: \Microsoft\Windows\TabletPC\InputPersonalization - C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Tasks_Migrated: {085E5AE1-682E-4941-8059-CC6CEDDE3C29} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\mf\Downloads\eMule0.50a-Installer (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {12BD7B1A-6388-4013-8AC1-1883FE47F70D} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.7.59.102/it/abandoninstall?page=tsProgressBar (file missing)
O22 - Tasks_Migrated: {3C468AAC-74FF-4747-B9D1-910275B1F460} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (1).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {595F7578-6091-4104-8C2C-3638A55FCA14} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=12002 (file missing)
O22 - Tasks_Migrated: {8359B552-3773-424B-B1AE-9026CDEA2400} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\AppData\Roaming\omiga-plus\UninstallManager.exe -c -ptid=tugs
O22 - Tasks_Migrated: {865AE5AF-4CD1-4557-B379-1514C9E2B671} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (5).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {9783570B-C119-497B-9666-089FCACD6DAA} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\Desktop\HiJackThis.exe -d C:\Users\mf\Desktop
O22 - Tasks_Migrated: {B618187F-895E-4717-A6A2-8CBAD7BF869E} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.6.0.106/it/abandoninstall?source=lightinstaller&page=tsInstall (file missing)
O22 - Tasks_Migrated: {C6509AC9-3829-4877-9816-6D7412C5D865} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {F77EE82F-C7C7-45A3-8AF5-781029F12F97} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002 (file missing)
O22 - Tasks_Migrated: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe -check plugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (file missing)
O22 - Tasks_Migrated: ATKOSD2 - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O22 - Tasks_Migrated: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Tasks_Migrated: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Tasks_Migrated: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Tasks_Migrated: avastBCLRestartS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (file missing)
O22 - Tasks_Migrated: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Tasks_Migrated: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ByteFence - C:\Program Files\ByteFence\ByteFence.exe /a
O22 - Tasks_Migrated: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks_Migrated: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks_Migrated: Digital Sites - C:\Users\mf\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check (file missing)
O22 - Tasks_Migrated: GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate
O22 - Tasks_Migrated: LaunchSignup - C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe frompopup (file missing)
O22 - Tasks_Migrated: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe (file missing)
O22 - Tasks_Migrated: Yahoo! Powered nised - C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{7015B576-FA57-3FB0-7C91-A1F2E6D32A3C}\timo.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c726f6465646f" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c7261726f6c6963" "//B" "//E:jscript" "--IsErIk"
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AFBAgent - C:\WINDOWS\system32\FBAgent.exe
O23 - Service R2: Application Virtualization Client - (sftlist) - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: ByteFence Anti-Malware Service - (ByteFenceService) - C:\Program Files\ByteFence\ByteFenceService.exe
O23 - Service R2: Client Virtualization Handler - (cvhsvc) - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: rtop - C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
O23 - Service R3: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service R3: ASUS InstantOn Service - (ASUS InstantOn) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service R3: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service R3: BBUpdate - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
O23 - Service R3: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service R3: Cyclone License Server - (CycloneLicenseServer) - C:\Program Files (x86)\Leica Geosystems\Cyclone\CyraLicense.exe "C:\Program Files (x86)\Leica Geosystems\Cyclone\"
O23 - Service R3: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R3: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R3: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R3: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R3: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R3: Leica HDS Server - C:\Program Files (x86)\Leica Geosystems\Cyclone\fastobjectsserver.exe -config "C:\Program Files (x86)\Leica Geosystems\Cyclone\ptserver.cfg"
O23 - Service S2: BingBar Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
O23 - Service S2: Garmin Device Interaction Service - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Servizio %1!s! Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S3: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\122.0.24368.130\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service S3: Servizio %1!s! Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
 
Che problemi ti da esattamente?
Vedendo così intanto piallaerei i 01 host e questi che mi puzzano:

Codice: 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://isearch.omiga-plus.com/?type...HitachiXHTS547575A9E384_J2140059C60GJAC60GJAX
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
 
VIANELLO_85 ha scritto:
Che problemi ti da esattamente?
Vedendo così intanto piallaerei i 01 host e questi che mi puzzano:

Codice: 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://isearch.omiga-plus.com/?type...HitachiXHTS547575A9E384_J2140059C60GJAC60GJAX
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Default_Search_URL] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Search Page] = http://isearch.omiga-plus.com/web/?...achiXHTS547575A9E384_J2140059C60GJAC60GJAX&q={searchTerms}
Clicca per espandere...
Da eliminare

Eliminare tutti gli HOST 01

Eliminerei anche tutto quello che riguarda ByteFence

Poi fai una scansione totale con l'antivirus
 
Grazie!
C'è voluta una mezz'oretta per eliminare tutti i bytefence ma c'è l'ho fatta.
Il PC avrà ormai una dozzina di anni e spesso richiede una decina di minuti per mettersi in moto. A quel punto faccio una pulizia accurata e si velocizza ma dopo un paio di settimane, siamo di nuovo al punto di partenza.
... ma forse è normale che sia così....
 
Mi date un'occhiata perchè sono stato costretto ad aggiungere questo sito ed un altro affidabili come eccezioni da non scansionare perchè Avg m'impediva di aprirli vedendo delle minacce
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31

Platform: x64 Windows 10 (Pro), 10.0.19045.4170 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 30.03.2024 - 15:33 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 629 MiB Free (84 %). CPU Loading: (16 %)
Elevated: Yes
Ran by: Soglia (group: Administrators) on DESKTOP-CDO0LV4, FirstRun: yes

Chrome: 123.0.6312.86
Firefox: 124.0.1.8846
Internet Explorer: 11.0.19041.3636
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
1 C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files\AVG\Antivirus\afwServ.exe
1 C:\Program Files\AVG\Antivirus\aswEngSrv.exe
1 C:\Program Files\AVG\Antivirus\aswidsagent.exe
1 C:\Program Files\AVG\Antivirus\AVGSvc.exe
1 C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
4 C:\Program Files\AVG\Antivirus\AVGUI.exe
1 C:\Program Files\AVG\Antivirus\wsc_proxy.exe
1 C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
1 C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
1 C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
1 C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
1 C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
1 C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
1 C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
1 C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
1 C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
1 C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
1 C:\Program Files\Dell\TechHub\Dell.TechHub.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1 C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10061.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Users\Soglia\AppData\Local\Microsoft\OneDrive\24.050.0310.0001\FileCoAuth.exe
1 C:\Users\Soglia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Soglia\AppData\Roaming\Telegram Desktop\Telegram.exe
1 C:\Users\Soglia\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\CompPkgSrv.exe
5 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
73 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
3 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_D6D56CCCED9AEB944D8409D30E0B084A] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --no-startup-window --win-session-start
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Soglia\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKLM\..\Run: [AVGUI.exe] = C:\Program Files\AVG\Antivirus\AvLaunch.exe /gui
O4 - HKLM\..\Run: [IAStorIcon] = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe /s
O4-32 - HKLM\..\Run: [IMSS] = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\AVG\Antivirus\x86\ashShell.dll
O22 - BITS Job: (download) {7D60E232-9531-4670-A06B-7B3C9CCCC24F} - http://edgedl.me.gvt1.com/edgedl/di...ec448c9037cab822a515f2d94bd470be2862400d.puff -> C:\Users\Soglia\AppData\Local\Temp\chrome_BITS_7240_1805337345\b3781f775e21c5285f6e524fec448c9037cab822a515f2d94bd470be2862400d.puff
O22 - BITS Job: (download) {ACAE608F-FD61-48C4-AE57-31286DC576ED} - http://edgedl.me.gvt1.com/edgedl/re..._439_all_ZZ_adbbwdbp45y3tcec5bde2wha5nnq.crx3 -> C:\Users\Soglia\AppData\Local\Temp\chrome_BITS_13920_638824116\lmelglejhemejginpboagddgdfbepgmp_439_all_ZZ_adbbwdbp45y3tcec5bde2wha5nnq.crx3
O22 - BITS Job: Fix all (including legit)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software (empty)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\Windows\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack - C:\Program Files\Microsoft Office\Office15\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn - C:\Program Files\Microsoft Office\Office15\msoia.exe scan upload (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\Windows\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: \AVG\AVG Antivirus Patcher - C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe /update:avg-av /silent /only_patch
O22 - Tasks: \AVG\Overseer - C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{38F76961-A72E-415C-B4B9-04D1D9BD7E73} - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\Windows\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\Windows\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\Windows\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Tasks: \Mozilla\Firefox Background Update S-1-5-21-2883731058-2789653933-4289055623-1001 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: Antivirus Emergency Update - C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
O22 - Tasks: Dell SupportAssistAgent AutoUpdate - C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe AutoUpdate
O22 - Tasks: Intel PTT EK Recertification - C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe
O22 - Tasks: Microsoft Office 15 Sync Maintenance for DESKTOP-CDO0LV4-Soglia DESKTOP-CDO0LV4 - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-2883731058-2789653933-4289055623-1001 - C:\Users\Soglia\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: AVG Antivirus - C:\Program Files\AVG\Antivirus\AVGSvc.exe /runassvc
O23 - Service R2: AVG Firewall Service - (AVG Firewall) - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service R2: AVG Tools - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe /runassvc
O23 - Service R2: AVGWscReporter - C:\Program Files\AVG\Antivirus\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: Dell Client Management Service - (DellClientManagementService) - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service R2: Dell Data Vault Collector - (DDVDataCollector) - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service R2: Dell Data Vault Processor - (DDVRulesProcessor) - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service R2: Dell Data Vault Service API - (DDVCollectorSvcApi) - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service R2: Dell SupportAssist - (SupportAssistAgent) - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service R2: Dell TechHub - (DellTechHub) - C:\Program Files\Dell\TechHub\Dell.TechHub.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service R3: avgbIDSAgent - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service S2: GoogleUpdater InternalService 124.0.6359.0 (GoogleUpdaterInternalService124.0.6359.0) - (GoogleUpdaterInternalService124.0.6359.0) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: GoogleUpdater Service 124.0.6359.0 (GoogleUpdaterService124.0.6359.0) - (GoogleUpdaterService124.0.6359.0) - C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 11,2 sec. - 34056 bytes, CRC32: FFFFFFFF. Sign: 㧻ꡣ
 
Devi accedere o registrarti per poter rispondere.
Indietro
Alto Basso