Old 20-04-2020, 18:20   #14621
theboy
Senior Member
 
Joined: Jan 2009
Posts: 2741
Quote:
Originally posted by Vajont
Here is the link

https://gofile.io/?c=HpAb1s

I tried adwcleaner and it shows me some registry keys

https://gofile.io/?c=vc8Tpm

A file called securityXploded. Anyway, the image of the scan I ran should be there; the 41 files found are registry keys. Malwarebytes always gives me an installation error, I don't understand why; maybe it is more recent than my OS version.

try this one
https://filehippo.com/it/download_ma...es/3.6.1.2711/

or this one
https://filehippo.com/it/download_ma...es/3.0.4.1269/

do you save your passwords with Opera?

from the HiJackThis log I only see things that ADWcleaner can clean without problems
Old 21-04-2020, 09:24   #14622
Vajont
Member
 
Joined: Oct 2006
Posts: 219
Quote:
Originally posted by theboy
try this one
https://filehippo.com/it/download_ma...es/3.6.1.2711/

or this one
https://filehippo.com/it/download_ma...es/3.0.4.1269/

do you save your passwords with Opera?

from the HiJackThis log I only see things that ADWcleaner can clean without problems

Actually I don't use Opera at all. I don't even have it installed. So do I have to remove all those registry keys?

Those two versions of Malwarebytes don't work either. It tells me the application was unable to start correctly (0xc000007b)

Also, if I try to uninstall it I get

Runtime Error (at 407:201):

Access violation at address 6FE7C542 in module 'suhlpr.dll'. Read of address 00000000

Last edited by Vajont: 21-04-2020 at 09:42.
Old 21-04-2020, 15:20   #14623
theboy
Senior Member
 
Joined: Jan 2009
Posts: 2741
ok then you can safely clean everything with ADWcleaner
install RogueKiller, as an alternative to malwarebytes..
https://www.adlice.com/download/roguekiller/

anyway I think something is wrong with your win7, you'd be better off reinstalling everything from scratch; at this point, if you can, move to win10 and replace the disk with an SSD, otherwise you wouldn't get on well with win10
really, it's not normal that it won't let you install malwarebytes; alternatively, if you have an original win7 sp1 installation DVD, do a repair with the option to keep your data

from a cmd started as administrator run: sfc /scannow
Old 14-11-2020, 18:20   #14624
Ada_Mantio84
Junior Member
 
Joined: Nov 2020
Posts: 3
log analysis

Hello, this is my first post, I hope I don't mess things up. Could you kindly analyze my log? Thanks, thanks

http://www.filedropper.com/hijackthisadamantio
Old 07-06-2021, 21:19   #14625
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
Help with log analysis

Hi everyone, for some time now the fan on my PC has been kicking in all the time, so I thought I'd run an analysis with HiJackThis, but I have absolutely no idea how to read the result. I saw that there used to be online pages but they are no longer active; if some expert wants to give me a hand, I'm attaching the log file.
Thanks
Attachments
File Type: zip hijackthis.zip (4.1 KB, 2 views)
Old 11-06-2021, 00:26   #14626
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
I have attached the new file
Attachments
File Type: zip Log.zip (8.4 KB, 6 views)
Old 12-06-2021, 22:27   #14627
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
But if I delete these items, will the programs still work?
Old 14-06-2021, 19:17   #14628
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
Adobe isn't only for PDFs... I use several programs from the suite for university, I can't uninstall them
Old 15-06-2021, 22:02   #14629
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
I know, you're right, but I need them right now, I can't remove them. Can you recommend some free software to run these scans?
Old 16-06-2021, 21:13   #14630
Noe83
Junior Member
 
Joined: Apr 2017
Posts: 27
OK thanks, I'll try as soon as I can
Old 16-11-2021, 15:31   #14631
avengedsevenfold-84
Member
 
Joined: May 2015
Posts: 147
where can I download HiJackThis?
I tried a couple of links in the thread but Windows detects it as dangerous
Old 16-11-2021, 17:56   #14632
Nicodemo Timoteo Taddeo
Senior Member
 
Joined: Mar 2008
Posts: 17963
Quote:
Originally posted by avengedsevenfold-84
where can I download HiJackThis?
I tried a couple of links in the thread but Windows detects it as dangerous

This is the link to the executable:
https://github.com/dragokas/hijackth...HiJackThis.exe

This is the web page on GitHub:
https://github.com/dragokas/hijackthis/
Old 01-08-2022, 22:33   #14633
avengedsevenfold-84
Member
 
Joined: May 2015
Posts: 147
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.10

Platform: x64 Windows 11 (Home), 10.0.22000.795 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 01.08.2022 - 22:32 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Lorenzo (group: Administrators) on DESKTOP-K11V5FN, FirstRun: yes

Chrome: 103.0.5060.134
Internet Explorer: 11.0.22000.120
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(SmartInteractAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
1 C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.77\msedgewebview2.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
13 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\QtWebEngineProcess.exe
1 C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.21.40027.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.554.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22041.10091.0_x64__8wekyb3d8bbwe\Video.UI.exe
1 C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
6 C:\Users\Lorenzo\AppData\Local\Discord\app-1.0.9005\Discord.exe
1 C:\Windows\explorer.exe
1 C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\amdfendrsr.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
1 C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
1 C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
1 C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
1 C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0377059.inf_amd64_d7036a5508806f8e\B376743\atieclxx.exe
1 C:\Windows\System32\DriverStore\FileRepository\u0377059.inf_amd64_d7036a5508806f8e\B376743\atiesrxx.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\MoNotificationUx.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
80 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
4 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
1 D:\Download\HiJackThis.exe
1 D:\Origin\Origin.exe
1 D:\Origin\OriginClientService.exe
1 D:\Origin\OriginWebHelperService.exe
5 D:\Origin\QtWebEngineProcess.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Default_Page_URL] = http://lenovo17win10.msn.com/?pc=LCTE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://lenovo17win10.msn.com/?pc=LCTE
O4 - HKCU\..\Run: [Discord] = C:\Users\Lorenzo\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [EADM] = D:\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2021/08/05)
O4 - HKLM\..\Run: [Lenovo Fundamental USB Keyboard] = C:\Program Files (x86)\Lenovo\Lenovo Calliope USB Keyboard\SklFundKb.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe -background
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\nlansp_c.dll
O17 - DHCP DNS 1: 192.168.1.1
O22 - Task: (damaged) \Lenovo\ImController\TimeBasedEvents\48eb7336-7f2e-4112-8b15-ec59b9b1febf - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 48eb7336-7f2e-4112-8b15-ec59b9b1febf (user missing)
O22 - Task: (damaged) \Lenovo\ImController\TimeBasedEvents\8abe97c5-50eb-4923-994d-751818fdf076 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 8abe97c5-50eb-4923-994d-751818fdf076 (user missing)
O22 - Task: (damaged) \Lenovo\ImController\TimeBasedEvents\b573713b-f562-448e-9a07-a2979ee134ff - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger b573713b-f562-448e-9a07-a2979ee134ff (user missing)
O22 - Task: (damaged) \Lenovo\ImController\TimeBasedEvents\ceb29178-ebe6-4a82-994c-6237b105f406 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger ceb29178-ebe6-4a82-994c-6237b105f406 (user missing)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee (empty)
O22 - Task: (disabled) \Agent Activation Runtime\S-1-5-21-1755012876-133732241-365190357-1002 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (telemetry) \Lenovo\Vantage\Schedule\DailyTelemetryTransmission - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe DailyTelemetryTransmission
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: \HP\HP Print Scan Doctor\Printer Health Monitor - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Task: \HP\HP Print Scan Doctor\Printer Health Monitor Logon - C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe
O22 - Task: \Lenovo\BatteryGauge\BatteryGaugeMaintenance - C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\48eb7336-7f2e-4112-8b15-ec59b9b1febf - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 48eb7336-7f2e-4112-8b15-ec59b9b1febf
O22 - Task: \Lenovo\ImController\TimeBasedEvents\8abe97c5-50eb-4923-994d-751818fdf076 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 8abe97c5-50eb-4923-994d-751818fdf076
O22 - Task: \Lenovo\ImController\TimeBasedEvents\b573713b-f562-448e-9a07-a2979ee134ff - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger b573713b-f562-448e-9a07-a2979ee134ff
O22 - Task: \Lenovo\ImController\TimeBasedEvents\ceb29178-ebe6-4a82-994c-6237b105f406 - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger ceb29178-ebe6-4a82-994c-6237b105f406
O22 - Task: \Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance - C:\WINDOWS\system32\sc.exe start LenovoVantageService
O22 - Task: \Lenovo\Vantage\Schedule\GenericMessagingAddin - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe GenericMessagingAddin
O22 - Task: \Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe HeartbeatAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe Lenovo.Vantage.SmartPerformance.SScan
O22 - Task: \Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoCompanionAppAddinDailyScheduleTask
O22 - Task: \Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe LenovoSystemUpdateAddin_WeeklyTask
O22 - Task: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsBackup\AutomaticBackup - C:\WINDOWS\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (file missing)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (file missing)
O22 - Task: AMDInstallLauncher - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe /InstallAUEP
O22 - Task: AMDLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -AMDLinkUpdate
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: ModifyLinkUpdate - C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe -UpdateCurrentUser
O22 - Task: OneDrive Reporting Task-S-1-5-21-1755012876-133732241-365190357-1002 - C:\Users\Lorenzo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Task: StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task: StartDVR - C:\Program Files\AMD\CNext\CNext\RSServCmd.exe
O23 - Service R2: AMD Crash Defender Service - C:\WINDOWS\System32\amdfendrsr.exe
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\System32\DriverStore\FileRepository\u0377059.inf_amd64_d7036a5508806f8e\B376743\atiesrxx.exe
O23 - Service R2: HP Print Scan Doctor Service - (HPPrintScanDoctorService) - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service R2: Intel(R) Management Engine WMI Provider Registration - (WMIRegistrationService) - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
O23 - Service R2: Intel(R) Storage Middleware Service - (RstMwService) - C:\WINDOWS\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
O23 - Service R2: LenovoVantageService - C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
O23 - Service R2: Origin Web Helper Service - D:\Origin\OriginWebHelperService.exe
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d19142d5a057a7c\RtkAudUService64.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R3: Intel® PROSet/Wireless Service - (PIEServiceNew) - C:\WINDOWS\System32\DriverStore\FileRepository\piecomponent.inf_amd64_9bc8a839c751c49e\Intel_PIE_Service.exe
O23 - Service R3: Origin Client Service - D:\Origin\OriginClientService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\103.0.5060.134\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_e936ad8266d026ce\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) Optane(TM) Memory Service - (iaStorAfsService) - C:\WINDOWS\System32\iaStorAfsService.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc


--
End of file - Time spent: 12,4 sec. - 36638 bytes, CRC32: FFFFFFFF. Sign: ➽ꨐ
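For readers who, like the posters above, cannot read a HiJackThis log at a glance, here is a reader for its entry lines (the `R0`, `O4`, `O22`, `O23` ... lines), added as an example that is not part of the thread or of the HiJackThis project. It groups entries by section code and lists those carrying the tool's own annotations seen in the log above (file missing, damaged, user missing, empty, unknown file) or pointing into a user-writable folder. The sample lines are constructed, and the note selection and the user-writable check are assumed triage heuristics for deciding what to look at first, not verdicts.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample in the layout of the log above (not taken from a real machine).
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://example.invalid/
O4 - HKCU\..\Run: [Updater] = C:\Users\user\AppData\Local\Example\Update.exe --start
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Export: (default) = C:\Program Files\Example\app.exe (file missing)
O10 - Unknown file in Winsock LSP: C:\WINDOWS\system32\example.dll
O22 - Task: (damaged) \Vendor\Events\0001 - C:\WINDOWS\Vendor\svc.exe /trigger 0001 (user missing)
O22 - Task: (disabled) \Microsoft\Windows\Example\Retry - C:\WINDOWS\system32\tool.exe /turn 5 (Microsoft)
O22 - Task: \Vendor\Monitor - C:\Program Files\Vendor\monitor.exe
O23 - Service R2: Example Service - (ExampleSvc) - C:\Program Files\Vendor\svc.exe
O23 - Service S3: Example Updater - C:\Users\user\AppData\Roaming\upd.exe /svc
"""

# "R0", "O4", "O22" ..., optionally followed by "-32", then " - " and the entry text.
LINE_RE = re.compile(r"^(?P<code>[RO]\d+)(?P<bits32>-32)?\s+-\s+(?P<body>.+)$")
# Annotations the tool appends to entries, as they appear in the log above.
NOTE_RE = re.compile(r"\((file missing|damaged|user missing|empty|disabled|telemetry)\)")
# First executable or DLL path mentioned on the line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"]*?\.(?:exe|dll)\b', re.IGNORECASE)

# Assumption: notes worth a manual look; "disabled" and "telemetry" are informational.
REVIEW_NOTES = ("file missing", "damaged", "user missing", "empty")
# Assumption: folders a standard user can write to, looked at first during triage.
USER_WRITABLE = ("\\users\\", "\\programdata\\")


@dataclass
class Entry:
    code: str            # section code, e.g. "O22"
    bits32: bool         # True when the code carries the "-32" suffix (e.g. "O2-32")
    body: str            # everything after "CODE - "
    notes: List[str]     # annotations found in the body, in order of appearance
    path: Optional[str]  # first .exe/.dll path, if any


def parse_log(text: str) -> List[Entry]:
    """Return the entry lines of a log; header and process-list lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        p = PATH_RE.search(body)
        entries.append(Entry(m.group("code"), bool(m.group("bits32")), body,
                             NOTE_RE.findall(body), p.group(0) if p else None))
    return entries


def section_counts(entries: List[Entry]) -> dict:
    """Number of entries per section code."""
    return dict(Counter(e.code for e in entries))


def review_hints(e: Entry) -> List[str]:
    """Reasons to look at an entry by hand; an empty list means nothing stood out."""
    hints = [n for n in e.notes if n in REVIEW_NOTES]
    if "unknown file" in e.body.lower():
        hints.append("unknown file")
    if e.path and any(d in e.path.lower() for d in USER_WRITABLE):
        hints.append("user-writable path")
    return hints


def triage(entries: List[Entry]) -> List[Tuple[Entry, List[str]]]:
    """Entries with at least one review hint, in log order."""
    return [(e, h) for e in entries for h in [review_hints(e)] if h]


def report(text: str) -> str:
    """Plain-text summary: counts per section, then the entries to review."""
    entries = parse_log(text)
    lines = [f"{code}: {n}" for code, n in section_counts(entries).items()]
    for e, hints in triage(entries):
        lines.append(f"[{', '.join(hints)}] {e.code} - {e.body}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

A hint only marks an entry for a closer look: legitimate software also starts from the user profile, as the Discord and OneDrive entries in the log above do.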
Old 29-10-2022, 22:03   #14634
ma_ru_6
Member
 
Joined: Jun 2007
Posts: 182
backup cmos.zip
Hi guys, my PC is bogged down like never before in my life, I think it has caught something; could you kindly take a look at my log file?


Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.23

Platform: x64 Windows 10 (Pro), 10.0.19044.2130 (ReleaseId: 2009, 21H2), Service Pack: 0
Time: 29.10.2022 - 21:55 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Memory: 25242 MiB Free (24 %). CPU Loading: (27 %)
Elevated: Yes
Ran by: ma_ru (group: Administrators) on DESKTOP-BRLQVC3, FirstRun: yes

Chrome: 106.0.5249.119
Firefox: 106.0.2.8333
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
1 C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
1 C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
1 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
1 C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
1 C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
1 C:\Program Files (x86)\ASUS\Lighting Control\AsLedService.exe
1 C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
1 C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
1 C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
1 C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
1 C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
1 C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
1 C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe
7 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
1 C:\Program Files (x86)\MSI\Dragon Center\APP_Dragon_Center_Keeper.exe
1 C:\Program Files (x86)\MSI\Dragon Center\CC_Engine_x64.exe
1 C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
1 C:\Program Files (x86)\MSI\Dragon Center\Mystic_Light\LEDKeeper2.exe
1 C:\Program Files (x86)\MSI\Dragon Center\StorageMonitor\StorageMonitor.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
1 C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
1 C:\Program Files\cFosSpeed\spd.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
1 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
1 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
2 C:\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe
7 C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe
1 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1 C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
1 C:\Program Files\KMSpico\Service_KMS.exe
1 C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
1 C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
1 C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe
1 C:\Program Files\Logitech Gaming Software\LCore.exe
1 C:\Program Files\Logitech\Gaming Software\LWEMon.exe
1 C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11 C:\Program Files\Mozilla Firefox\firefox.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
1 C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2210.1001.60.0_x64__8wekyb3d8bbwe\XboxAppServices.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBar.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.9161.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
1 C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
1 C:\ProgramData\LogiShrd\LogiOptions\Software\Current\laclient\laclient.exe
1 C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
1 C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
1 C:\Users\ma_ru\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\ma_ru\Downloads\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\BtwRSupportService.exe
4 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\DbxSvc.exe
2 C:\Windows\System32\dllhost.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
1 C:\Windows\System32\rundll32.exe
10 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spacedeskService.exe
1 C:\Windows\System32\spacedeskServiceTray.exe
1 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
1 C:\Windows\System32\spoolsv.exe
89 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\unsecapp.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\WWAHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\SysWOW64\CtHdaSvc.exe
1 C:\Windows\SysWOW64\muachost.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\SysWOW64\XtuService.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://go.microsoft.com/fwlink/p/?L...1&ocid=UE01DHP
O1 - Hosts.ICS: 192.168.137.1 DESKTOP-BRLQVC3.mshome.net # 2025 10 3 15 13 41 3 497
O1 - Hosts.ICS: 192.168.137.227 LGwebOSTV.mshome.net # 2020 10 5 23 13 41 3 497
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_351\bin\jp2ssv.dll
O2-32 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_351\bin\ssv.dll
O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\ma_ru\AppData\Local\Discord\Update.exe --processStart Discord.exe
O4 - HKCU\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode
O4 - HKCU\..\Run: [OneDrive] = C:\Users\ma_ru\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\StartupApproved\Run: [ApplePhotoStreams] = C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (2018/12/10)
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2021/04/08)
O4 - HKCU\..\StartupApproved\Run: [DAEMON Tools Lite Automount] = C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun (2020/06/27)
O4 - HKCU\..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent (2022/02/20)
O4 - HKCU\..\StartupApproved\Run: [iCloudServices] = C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (2019/05/27)
O4 - HKCU\..\StartupApproved\Run: [Skype for Desktop] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (2020/06/27)
O4 - HKCU\..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2021/10/07)
O4 - HKCU\..\StartupApproved\Run: [WTFast Tray] = C:\Program Files (x86)\WTFast\wtfast.exe trayonly (2019/04/11)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ma_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe C:\Program Files (x86)\FAHClient\FAHClient.exe (2020/05/29)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ma_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk -> C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE (2021/10/07)
O4 - HKCU\..\StartupApproved\StartupFolder: C:\Users\ma_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup helper.lnk -> C:\Tnlenterprises\SentryVision\ControlPanel.exe -s (2019/08/29)
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [LogiOptions] = C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
O4 - HKLM\..\Run: [Start WingMan Profiler] = C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\StartupApproved\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe (2018/05/23)
O4 - HKLM\..\StartupApproved\Run: [Logitech Download Assistant] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (2021/04/08)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (2019/01/16)
O4 - HKLM\..\StartupApproved\Run32: [ProductUpdater] = C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (2018/05/23)
O4 - HKLM\..\StartupApproved\Run32: [QuickTime Task] = C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime (2018/05/23)
O4 - HKLM\..\StartupApproved\Run32: [UpdReg] = C:\Windows\UpdReg.EXE (2020/06/27)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2021/10/07)
O4 - HKU\S-1-5-18\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (User 'LocalSystem')
O4 - HKU\S-1-5-19\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [GoogleDriveFS] = C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe --startup_mode (User 'Network service')
O4 - Startup: C:\Users\ma_ru\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar645.lnk -> (lnk is corrupted)
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
O4-32 - HKLM\..\Run: [Sound Blaster Z-Series Control Panel] = C:\Program Files (x86)\Creative\Sound Blaster Z-Series\Sound Blaster Z-Series Control Panel\SBZ.exe /r
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, Personal = C:\Users\ma_ru\Documents
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\E&xport to Microsoft Excel: (default) = C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (file missing)
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O16-32 - DPF: HKLM\..\{D4B68B83-8710-488B-A692-D74B50BA558E}\DownloadInformation: Creative Software AutoUpdate Support Package 2 [CODEBASE] = http://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16-32 - DPF: HKLM\..\{F6ACF75C-C32C-447B-9BEF-46B766368D29}\DownloadInformation: Creative Software AutoUpdate Support Package [CODEBASE] = http://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
O17 - DHCP DNS 1: 192.168.1.1
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.55.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files\Google\Drive File Stream\65.0.4.0\drivefsext.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Dropbox\Client\DropboxExt.55.0.dll
O22 - BITS Job: (download) {88AC140D-BB7C-4476-9D48-F63A97F7EBC1} - https://download-installer.cdn.mozilla.net/pub/firefox/releases/106.0.1/update/win64/it/firefox-106.0-106.0.1.partial.mar -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\updates\downloading\update.mar
O22 - BITS Job: (download) {D400B76C-64AA-4354-882A-B2CF66C94294} - http://emupdate.avcdn.net/files/emupdate/pong.txt -> C:\WINDOWS\TEMP\b2200182-ae70-4b0c-afe2-e98079a09ee2
O22 - BITS Job: Fix all (including legit)
O22 - Task (.job): (disabled) (Not scheduled) CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O22 - Task (.job): CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02845eed-5a9c-40f0-8ece-339f6024dc7a} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02845eed-5a9c-40f0-8ece-339f6024dc7a} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0b2a1a77-a797-411b-b0fe-1fd9ca4abe92} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0b2a1a77-a797-411b-b0fe-1fd9ca4abe92} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15b9262b-dd4a-468c-85d7-25a89d6565a4} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15b9262b-dd4a-468c-85d7-25a89d6565a4} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69756134-9986-4c07-be8f-2725f92347e0} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69756134-9986-4c07-be8f-2725f92347e0} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{856ed5ab-084a-4f82-a6f5-5244f8036d5f} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{856ed5ab-084a-4f82-a6f5-5244f8036d5f} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d48f6bab-93fa-438b-9b82-2206db775eaa} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{d48f6bab-93fa-438b-9b82-2206db775eaa} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f46e32ff-db49-4b37-94db-090c8fe97827} - (no xml)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f46e32ff-db49-4b37-94db-090c8fe97827} - (no key)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\Safe Shopping (empty)
O22 - Task: (damaged) HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avira\System Speedup (empty)
O22 - Tasks: (damaged) Avira_Security_Maintenance - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe CrashCollector (user missing)
O22 - Tasks: (damaged) Avira_Security_Maintenance - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe ServiceWatchdog (user missing)
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\WINDOWS\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) Opera scheduled Autoupdate 1591955198 - C:\Users\ma_ru\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Tasks: (disabled) SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE
O22 - Tasks: (telemetry) \Intel\Intel Telemetry 2 (x86) - C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe $(Arg0)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks: \Agent Activation Runtime\S-1-5-21-4019647693-1073724643-1904518318-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Tasks: \ASUS\ASUS AISuiteIII - C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe -schedule
O22 - Tasks: \ASUS\ASUS DIPAwayMode - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
O22 - Tasks: \ASUS\GpuFanHelper - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
O22 - Tasks: \Mozilla\Firefox Background Update 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
O22 - Tasks: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul
O22 - Tasks: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks: Adobe Uninstaller - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --sapCode=PHSP --productVersion=19.1 --productPlatform=win64 --appletID=AppsPanel_BL --appletVersion=1.0 --appMode=Uninstall (file missing)
O22 - Tasks: AutoPico Daily Restart - C:\Program Files\KMSpico\AutoPico.exe /silent
O22 - Tasks: Avira_Security_Maintenance - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe CrashCollector
O22 - Tasks: Avira_Security_Maintenance - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe FallbackTelemetry
O22 - Tasks: Avira_Security_Maintenance - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe ServiceWatchdog
O22 - Tasks: Avira_Security_Service_SCM_Watchdog - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe HandleServiceControlManagerEvent 7000
O22 - Tasks: Avira_Security_Systray - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
O22 - Tasks: Avira_Security_Update - C:\WINDOWS\system32\net.exe start AviraSecurityUpdater
O22 - Tasks: AviraSystemSpeedupVerify - C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe /VERIFY /VERYSILENT /NOSTART /NODOTNET /NORESTART
O22 - Tasks: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks: CCleanerCrashReporting - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "3ee2e0a6-a764-4fe3-881f-11b0447eef34" --version "6.04.10044" --silent
O22 - Tasks: CCleanerSkipUAC - ma_ru - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks: DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Tasks: DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Tasks: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Tasks: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Tasks: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Tasks: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks: MSISW_Host - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Tasks: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks: OInstall - C:\WINDOWS\OInstall.exe /activate
O22 - Tasks: OneDrive Reporting Task-S-1-5-21-4019647693-1073724643-1904518318-1001 - C:\Users\ma_ru\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask - {D2CBF5F7-5702-440B-8D8F-8203034A6B82},$(Arg0) - (no file)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks_Migrated: (disabled) USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Tasks_Migrated: (telemetry) \Intel\Intel Telemetry 2 (x86) - C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe $(Arg0)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload mininterval:2880 (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\root\Office16\msoia.exe scan upload (file missing)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe
O22 - Tasks_Migrated: \Agent Activation Runtime\S-1-5-21-4019647693-1073724643-1904518318-1001 - C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe
O22 - Tasks_Migrated: \Apple\AppleSoftwareUpdate - C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task
O22 - Tasks_Migrated: \ASUS\ASUS AISuiteIII - C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe -schedule
O22 - Tasks_Migrated: \ASUS\ASUS DIPAwayMode - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
O22 - Tasks_Migrated: \ASUS\GpuFanHelper - C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe
O22 - Tasks_Migrated: \Microsoft\Office\Office Automatic Updates 2.0 - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /frequentupdate SCHEDULEDTASK displaylevel=False (file missing)
O22 - Tasks_Migrated: \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService (file missing)
O22 - Tasks_Migrated: \Microsoft\Office\Office Feature Updates - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Office\Office Feature Updates Logon - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /onlogon (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask - C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Disable (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask - C:\WINDOWS\System32\RemoteFXvGPUDisablement.exe Warning (file missing)
O22 - Tasks_Migrated: \Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB - C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
O22 - Tasks_Migrated: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul
O22 - Tasks_Migrated: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Tasks_Migrated: Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe -check plugin (file missing)
O22 - Tasks_Migrated: Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (file missing)
O22 - Tasks_Migrated: AdobeGCInvoker-1.0 - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe -mode=scheduled (file missing)
O22 - Tasks_Migrated: AutoPico Daily Restart - C:\Program Files\KMSpico\AutoPico.exe /silent
O22 - Tasks_Migrated: Avira_Antivirus_Systray - C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min (file missing)
O22 - Tasks_Migrated: Avira_Security_Update - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe /CheckAndInstall
O22 - Tasks_Migrated: AviraSystemSpeedupUpdate - C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe /VERIFY /VERYSILENT /NOSTART /NODOTNET /NORESTART
O22 - Tasks_Migrated: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Tasks_Migrated: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Tasks_Migrated: DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Tasks_Migrated: DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Tasks_Migrated: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Tasks_Migrated: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Tasks_Migrated: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Tasks_Migrated: MSIAfterburner - C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
O22 - Tasks_Migrated: MSISW_Host - C:\WINDOWS\SysWOW64\muachost.exe
O22 - Tasks_Migrated: NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
O22 - Tasks_Migrated: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks_Migrated: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe
O22 - Tasks_Migrated: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
O22 - Tasks_Migrated: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks_Migrated: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Tasks_Migrated: Opera scheduled Autoupdate 1591955198 - C:\Users\ma_ru\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (file missing)
O22 - Tasks_Migrated: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe /AUTOHIDE
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
O23 - Service R2: ASUS LED Control Service - C:\Program Files (x86)\ASUS\Lighting Control\AsLedService.exe
O23 - Service R2: ASUS System Control Service - (AsSysCtrlService) - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service R2: AsusFanControlService - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.33\AsusFanControlService.exe
O23 - Service R2: Avira Optimizer Host - (AviraOptimizerHost) - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service R2: Avira Security - (AviraSecurity) - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service R2: Bluetooth Driver Management Service - (BcmBtRSupport) - C:\WINDOWS\system32\BtwRSupportService.exe
O23 - Service R2: Canon Inkjet Printer/Scanner/Fax Extended Survey Program - (IJPLMSVC) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service R2: CdRom Device Arbiter service - (CdRomArbiterService) - C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.0.0_x64.exe
O23 - Service R2: cFosSpeed System Service - (cFosSpeedS) - C:\Program Files\cFosSpeed\spd.exe -service
O23 - Service R2: Creative Audio Service - (CTAudSvcService) - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Dragon Center Service - (DragonCenter_Service) - C:\Program Files (x86)\MSI\Dragon Center\DragonCenter_Service.exe
O23 - Service R2: Endpoint Protection Service - (EndpointProtectionService) - C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe Files\Avira\Endpoint Protection SDK\endpointprotection.exe start EndpointProtectionService
O23 - Service R2: Freemake Improver - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) PROSet/Wireless Event Log - (EvtEng) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service R2: Intel(R) PROSet/Wireless Registry Service - (RegSrvc) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service R2: Intel(R) PROSet/Wireless Zero Configuration Service - (ZeroConfigService) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
O23 - Service R2: Italy Canon IJ Scan Utility register event - (CIJSRegister) - C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1b5e80ff87b1f5c8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: SamsungMagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
O23 - Service R2: Service KMSELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service R2: Sound Blaster Audio Service - (CtHdaSvc) - C:\WINDOWS\sysWow64\CtHdaSvc.exe
O23 - Service R2: spacedeskService - C:\WINDOWS\System32\spacedeskService.exe
O23 - Service R2: TeamViewer - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: XTUOCDriverService - (XTU3SERVICE) - C:\WINDOWS\SysWOW64\XtuService.exe
O23 - Service R3: Avira Phantom VPN - (AviraPhantomVPN) - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service S2: Avira Security Updater - (AviraSecurityUpdater) - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe
O23 - Service S2: GameInput Service - C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe
O23 - Service S2: Joulemeter Service - C:\Program Files (x86)\Microsoft Research\Joulemeter\JoulemeterService.exe
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Creative Media Toolbox 6 Licensing Service - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe
O23 - Service S3: Disc Soft Lite Bus Service - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service S3: EABackgroundService - F:\EA Desktop\EA Desktop\EABackgroundService.exe -start (file missing)
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Endpoint Protection Secondary Service - (EndpointProtectionService2) - C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe Files\Avira\Endpoint Protection SDK\endpointprotection.exe start EndpointProtectionService2
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
O23 - Service S3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: MagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SiSoftware Deployment Agent Service - (SandraAgentSrv) - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2020\RpcAgentSrv.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: Wireless PAN DHCP Server - (MyWiFiDHCPDNS) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe


--
End of file - Time spent: 10,4 sec. - 85358 bytes, CRC32: FFFFFFFF. Sign: 豑튺

Last edited by ma_ru_6: 02-11-2022 at 09:48.
Old 06-01-2023, 20:25   #14635
manga81
Senior Member
Joined: Jan 2006
City: messina-milano
Posts: 15986
Quote:
Originally posted by Nicodemo Timoteo Taddeo
This is the link to the executable:
https://github.com/dragokas/hijackth...HiJackThis.exe

This is the web page on GitHub:
https://github.com/dragokas/hijackthis/
I hadn't used it in ages. Noticing the PC was slow, I thought and still think I have something. I remember there was a site where you could upload the log and it told you what to fix, or am I wrong?

Is there a guide in Italian?

Does hijackthis.de no longer work???
__________________
buying: 1 - 2 - 3 -- selling: 1 - 2 - 3 - Due to personal commitments I will be absent or rarely present on the forum for a while; anyone who wants to can contact me by e-mail and on Telegram @Manga81

Last edited by manga81: 06-01-2023 at 21:37.
Old 07-01-2023, 07:36   #14636
Nicodemo Timoteo Taddeo
Senior Member
Joined: Mar 2008
Posts: 17963
Quote:
Originally posted by manga81
I hadn't used it in ages. Noticing the PC was slow, I thought and still think I have something. I remember there was a site where you could upload the log and it told you what to fix, or am I wrong?

Is there a guide in Italian?

Does hijackthis.de no longer work???
There were several sites that analyzed the log posted by users; one, for example, was the ilsoftware.it one, but with the loss of interest in this program I think they have disappeared too.

Besides, some international forums now push the use of other tools, for example Farbar Recovery Scan Tool (FRST):

https://www.techspot.com/downloads/6...scan-tool.html

But you need to be fairly expert to be able to analyze the results; I'm not aware of any sites that do it automatically for that tool either.
Old 07-01-2023, 15:11   #14637
manga81
Senior Member
Joined: Jan 2006
City: messina-milano
Posts: 15986
Quote:
Originally posted by Nicodemo Timoteo Taddeo
There were several sites that analyzed the log posted by users; one, for example, was the ilsoftware.it one, but with the loss of interest in this program I think they have disappeared too.

Besides, some international forums now push the use of other tools, for example Farbar Recovery Scan Tool (FRST):

https://www.techspot.com/downloads/6...scan-tool.html

But you need to be fairly expert to be able to analyze the results; I'm not aware of any sites that do it automatically for that tool either.
I'll look into it calmly now
Old 21-02-2024, 10:41   #14638
malikmohsin56746
Junior Member
Joined: Feb 2024
Posts: 1
Quote:
Originally posted by Riku
Hi, it's better to remove Spybot because there are better programs, look here: http://www.hwupgrade.it/forum/showthread.php?t=1825614

As for the hidden file, if you want to do a thorough check, follow this guide: http://www.hwupgrade.it/forum/showthread.php?t=1599737
Thanks for the suggestion! It's always useful to know about better alternatives. I'll take a look at the link you shared.
All times are GMT +1. The time now is 19:05.

