Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 8.1 (Home), 6.3.9600.19817, Service Pack: 0
Time: 30.09.2020 - 18:32 (UTC+02:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: carlo (group: Administrator) on PC-CARLO, FirstRun: no
Firefox: 81.0.0.7565
Internet Explorer: 11.0.9600.19036
Default: "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Internet Explorer)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files\Classic Shell\ClassicStartMenu.exe
7 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
1 C:\Program Files\Sandboxie\SbieCtrl.exe
3 C:\Program Files\Sandboxie\SbieSvc.exe
1 C:\Program Files\Windows Defender\MsMpEng.exe
1 C:\Program Files\Windows Defender\NisSrv.exe
1 C:\Users\carlo\Desktop\PortableApps\HiJackThis\HiJackThis.exe
1 C:\Windows\System32\Locator.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SkyDrive.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
16 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\wlanext.exe
2 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] =
http://www.google.it/O2 - HKLM\..\BHO: (no name) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - (no file)
O2 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2-32 - HKLM\..\BHO: (no name) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - (no file)
O2-32 - HKLM\..\BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O2-32 - HKLM\..\BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O4 - HKLM\..\StartupApproved\Run32: [BrHelp] = C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN (2020/06/11)
O4 - HKLM\..\StartupApproved\Run32: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN (2020/06/11)
O4 - HKLM\..\StartupApproved\Run32: [ControlCenter4] = C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun (2020/06/11)
O4 - HKLM\..\StartupApproved\Run32: [StartCCC] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun (2017/04/17)
O4 - HKLM\..\StartupApproved\Run: [Logitech Download Assistant] = C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch (2017/04/17)
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s (2017/04/17)
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\Apri con PDF Viewer Plus: (default) = C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O9 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Button: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: (no name) - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9-32 - Tools menu item: HKLM\..\{56753E59-AF1D-4FBA-9E15-31557124ADA2}: Classic IE Settings - C:\Program Files\Classic Shell\ClassicIE_32.exe
O15 - Trusted Zone: *.localhost
O17 - DHCP DNS 1: 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{17EB6FEC-D711-45B4-BBEF-9D5F7E6519A1}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{17EB6FEC-D711-45B4-BBEF-9D5F7E6519A1}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\
ShellIconOverlayIdentifiers\ShareOverlay: (no name) - {594D4122-1F87-41E2-96C7-825FB4796516} - (no file)
O21-32 - HKLM\..\
ShellIconOverlayIdentifiers\ShareOverlay: (no name) - {594D4122-1F87-41E2-96C7-825FB4796516} - (no file)
O22 - Task (.job): Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (file missing)
O22 - Task: (disabled) Adobe Flash Player NPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe -check plugin
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) Synaptics TouchPad Enhancements - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (file missing)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\AutoWake - {E51DFD48-AA36-4B45-BB52-E831F02E8316} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SessionAgent - {45F26E9E-6199-477F-85DA-AF1EDfE067B1} - (no file)
O22 - Task: (disabled) \Microsoft\Windows\SideShow\SystemDataProviders - {7CCA6768-8373-4D28-8876-83E8B4E3A969} - (no file)
O22 - Task: (telemetry) \Microsoft\Office\Office 15 Subscription Heartbeat - C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentFallBack2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload mininterval:2880 (Microsoft)
O22 - Task: (telemetry) \Microsoft\Office\OfficeTelemetryAgentLogOn2016 - C:\Program Files\Microsoft Office\Office16\msoia.exe scan upload (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\WINDOWS\system32\CompatTelRunner.exe -maintenance (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (file missing)
O22 - Task: \Hewlett-Packard\HP Support Assistant\Update Check - C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe /s /p 1 (file missing)
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \
Microsoft\Windows\MobilePC\HotStart - {06DA0625-9701-43da-BFD7-FBEEA2180A1E} - (no file)
O22 - Task: \Microsoft\Windows\
SideShow\GadgetManager - {FF87090D-4A9A-4f47-879B-29A80C355D61},$(Arg0) - (no file)
O22 - Task: \Nero\Nero Info - C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe -shedul
O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service R2: Andrea RT Filters Service - (AERTFilters) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\WINDOWS\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\WINDOWS\system32\diagtrack.dll
O23 - Service R2: Realtek Audio Service - (RtkAudioService) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service R2: Sandboxie Service - (SbieSvc) - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service S3: AOMEI Backupper Scheduler Service - (Backupper Service) - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service S3: AcrSch2Svc - (no file)
O23 - Service S3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service S3: CyberLink PowerDVD 12 Media Server Monitor Service - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (file missing)
O23 - Service S3: CyberLink PowerDVD 12 Media Server Service - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (file missing)
O23 - Service S3: Google Updater Service - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: HP Service - (hpsrv) - C:\WINDOWS\system32\Hpservice.exe
O23 - Service S3: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service S3: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: Intel(R) ME Service - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service S3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S3: Intel(R) Management and Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service S3: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Nero Update - (NAUpdate) - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: PDFProFiltSrvPP - C:\Program Files (x86)
\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service S3: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service S3: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service S3: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: TeamViewer 11 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S3: mmsminisrv - (no file)
O23 - Service S3: syncagentsrv - (no file)
--
End of file - Time spent: 13,2 sec. - 24584 bytes, CRC32: FFFFFFFF. Sign: 잮
NON HO PROBLEMI MA NON SO COSA SIANO QUELLE VOCI. E SE C'è QUALCHE VOCE CHE MI APRE LE FINESTRE SE VOGLIO EDGE O SE HO LETTO L'INFORMATIVA, SIA SU FF SIA SU IE