
PC practically frozen
Misonsan
Posted: Sunday, November 24, 2019 9:26:22 AM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Hi everyone.

I have a desktop running Windows 10 Pro 64-bit.
For a few days I have noticed a certain slowdown, almost as if a script were running and taking up the machine's resources.
All the programs I use come almost to a standstill, and I frequently need to reboot, only to find myself in the same condition again.
I tried running Spybot and Malware Hunter, but they do not detect anything.
Is it possible to run some tool that checks whether I have some strange character on board?

Thanks

Moreno
wolfestein
Posted: Sunday, November 24, 2019 2:40:25 PM

Rank: AiutAmico

Joined: 2/15/2009
Posts: 15,955
Try HijackThis and post the log it produces.
http://www.aiutamici.com/software?ID=11175
There is also a portable version that does not need to be installed.
P.S. Has W10 installed any updates recently?
Misonsan
Posted: Sunday, November 24, 2019 3:09:51 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Thank you for the kind assistance.
Yes, some updates have been installed.
They arrive and they are blocking, in the sense that the items in the shutdown menu are:

- sleep
- update and shut down
- update and restart.

so I necessarily have to update.

I'll try running HijackThis and then post the logs.
Thanks
Moreno
Misonsan
Posted: Sunday, November 24, 2019 3:25:03 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Here is the log from the HijackThis scan

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18362.476 (ReleaseId: 1903), Service Pack: 0
Time: 24.11.2019 - 15:19 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Moreno (group: Administrator) on DESKTOP-P3TEF6K, FirstRun: yes

Chrome: 78.0.3904.108
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\HijackThis_da Cancellare\HiJackThis.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
1 C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
1 C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\x64ProcessAssistSvc.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
6 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
2 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\aswidsagent.exe
1 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
1 C:\Program Files\Docker\Docker\Docker Desktop.exe
2 C:\Program Files\Docker\Docker\Docker.Watchguard.exe
1 C:\Program Files\Docker\Docker\com.docker.service
1 C:\Program Files\Docker\Docker\resources\com.docker.backend.exe
1 C:\Program Files\Docker\Docker\resources\com.docker.proxy.exe
1 C:\Program Files\Docker\Docker\resources\vpnkit.exe
1 C:\Program Files\Docker\Docker\resources\wsl\lifecycle-controller-api.exe
1 C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
1 C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
1 C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
1 C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe
5 C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe
2 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\LsaIso.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
6 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\vmwp.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 vmmem

O1 - Hosts: 192.168.1.100 host.docker.internal
O1 - Hosts: 192.168.1.100 gateway.docker.internal
O1 - Hosts: 127.0.0.1 kubernetes.docker.internal
O1 - Hosts.ICS: 192.168.33.145 DESKTOP-P3TEF6K.mshome.net # 2024 11 5 22 14 4 10 467
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (file missing)
O4 - HKCU\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe
O4 - HKCU\..\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun
O4 - HKCU\..\Run: [MySQL Notifier] = C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4-32 - HKLM\..\Run: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4-32 - HKLM\..\Run: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
O4-32 - HKLM\..\Run: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4-32 - HKLM\..\Run: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4-32 - HKLM\..\Run: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s
O4-32 - HKLM\..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.1.1.1
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MYSQL57 - C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MYSQL57
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: SpyHunter 5 Kernel - (EsgShKernel) - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service R2: SpyHunter 5 Kernel Monitor - (ShMonitor) - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio %1!s! Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Avast Secure Browser Elevation Service - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1830.90\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio %1!s! Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 31,8 sec. - 42474 bytes, CRC32: FFFFFFFF. Sign: ﷲ뢯
Misonsan
Posted: Sunday, November 24, 2019 3:46:59 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Here is the log from the HijackThis scan

O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc /rpcserver
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MYSQL57 - C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MYSQL57
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: SpyHunter 5 Kernel - (EsgShKernel) - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service R2: SpyHunter 5 Kernel Monitor - (ShMonitor) - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio %1!s! Update (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Avast Secure Browser Elevation Service - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1830.90\elevation_service.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio %1!s! Update (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 31,8 sec. - 42474 bytes, CRC32: FFFFFFFF. Sign: ﷲ뢯
cbbusto
Sent: Monday, November 25, 2019 12:31:03 AM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
There are some useless programs that only cause problems.
First thing to do: uninstall Avast, if you didn't install it yourself; it usually gets downloaded when CCleaner is updated. To remove it completely use
IObit Uninstaller, the free version: launch it, click on Avast and uninstall. Then you must also remove SpyHunter, which is a commercial program and only makes a mess, again with IObit Uninstaller.
Then enable Defender, which is the system's antivirus and is the most suitable one for Win 10. If it hasn't turned on, right-click Start, then click Settings,
Update & Security, then on the left click Windows Security, open Windows Security and see whether real-time protection is on; otherwise turn it on yourself. Click Windows Update and install the updates that are offered; system updates should always be installed, the latest version is 1909.
Then open CCleaner, go to Tools, Startup, select all the entries one by one, leaving only the antivirus, which is SecurityHealth; on the right click Disable, OK, close. Do a cleanup with CCleaner including the registry, restart the PC, see how it goes and whether it has sped up, then run a new scan with HijackThis and post the new log so I can check what is left. Bye
Misonsan
Sent: Monday, November 25, 2019 9:01:53 AM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Hi cbbusto

Thanks for your patient attention.

Here is the log from the HijackThis scan.
Thanks
Moreno

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 25.11.2019 - 09:00 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Moreno (group: Administrator) on DESKTOP-P3TEF6K, FirstRun: no

Chrome: 78.0.3904.108
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\HijackThis_da Cancellare\HiJackThis.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
1 C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
1 C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\MHCloudSvc.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
1 C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\x64ProcessAssistSvc.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
1 C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
1 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
5 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Docker\Docker\Docker Desktop.exe
2 C:\Program Files\Docker\Docker\Docker.Watchguard.exe
1 C:\Program Files\Docker\Docker\com.docker.service
1 C:\Program Files\Docker\Docker\resources\com.docker.backend.exe
1 C:\Program Files\Docker\Docker\resources\com.docker.proxy.exe
1 C:\Program Files\Docker\Docker\resources\vpnkit.exe
1 C:\Program Files\Docker\Docker\resources\wsl\lifecycle-controller-api.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
1 C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\LsaIso.exe
4 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
6 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\msiexec.exe
1 C:\Windows\System32\notepad.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\vmwp.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 vmmem

O1 - Hosts: 192.168.1.100 host.docker.internal
O1 - Hosts: 192.168.1.100 gateway.docker.internal
O1 - Hosts: 127.0.0.1 kubernetes.docker.internal
O1 - Hosts.ICS: 172.17.194.1 DESKTOP-P3TEF6K.mshome.net # 2024 11 6 23 7 32 33 178
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe
O4 - HKCU\..\Run: [MySQL Notifier] = C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
O4 - HKCU\..\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2019/11/25)
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.1.1.1
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: MYSQL57 - C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 5.7\my.ini" MYSQL57
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 29,6 sec. - 41224 bytes, CRC32: FFFFFFFF. Sign: 暛惕
cbbusto
Posted: Tuesday, November 26, 2019 6:35:14 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
I had said to disable all the programs that start automatically and leave only Defender, but you didn't do it. They aren't needed at startup, they only slow down your PC; the programs themselves are not touched.
Below I'm listing all the ones to disable:

O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe
O4 - HKCU\..\Run: [MySQL Notifier] = C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
O4 - HKCU\..\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\StartupApproved\Run32: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2019/11/25)
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

Then tell me how the PC is doing.
Misonsan
Posted: Thursday, November 28, 2019 6:38:47 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Hi Cbbusto

Sorry for the delay, but I had some setbacks.
I removed from startup the programs you told me about.
Only the antivirus remains.

Here is the new HiJackThis scan
Bye
Moreno

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 28.11.2019 - 18:36 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Moreno (group: Administrator) on DESKTOP-P3TEF6K, FirstRun: yes

Chrome: 78.0.3904.108
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\HijackThis_da Cancellare\HiJackThis.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
1 C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
8 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Docker\Docker\Docker Desktop.exe
2 C:\Program Files\Docker\Docker\Docker.Watchguard.exe
1 C:\Program Files\Docker\Docker\com.docker.service
1 C:\Program Files\Docker\Docker\resources\com.docker.backend.exe
1 C:\Program Files\Docker\Docker\resources\com.docker.proxy.exe
1 C:\Program Files\Docker\Docker\resources\vpnkit.exe
1 C:\Program Files\Docker\Docker\resources\wsl\lifecycle-controller-api.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe\YourPhone.exe
2 C:\Program Files\nodejs\node.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
19 C:\Users\Moreno\AppData\Local\Programs\Microsoft VS Code\Code.exe
2 C:\Users\Moreno\AppData\Local\Programs\Microsoft VS Code\resources\app\out\vs\platform\files\node\watcher\win32\CodeHelper.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\LsaIso.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SppExtComObj.Exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
3 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\cmd.exe
12 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
79 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\vmwp.exe
1 C:\Windows\System32\wbem\WMIC.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 vmmem

O1 - Hosts: 192.168.1.100 host.docker.internal
O1 - Hosts: 192.168.1.100 gateway.docker.internal
O1 - Hosts: 127.0.0.1 kubernetes.docker.internal
O1 - Hosts.ICS: 172.17.90.49 DESKTOP-P3TEF6K.mshome.net # 2024 11 6 23 8 33 38 414
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [MySQL Notifier] = C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/11/28)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/11/28)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2019/11/25)
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.1.1.1
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 35,6 sec. - 39988 bytes, CRC32: FFFFFFFF. Sign: ൅縀
cbbusto
Posted: Saturday, November 30, 2019 11:59:13 AM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
The 04 entries are still there; anyway, that's not a problem. You haven't told me whether the PC works well and doesn't freeze.
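The comparison behind the remark that the O4 entries are still there, as an added example that is not part of the original thread: it parses O4 lines in the format printed in the logs above and reports, per entry, whether it disappeared, stayed under the same key, moved to a different key (for example from `Run` to `StartupApproved\Run`), or now points at a different command. The function and type names are hypothetical; the sample lines are copied from the 26 November list and the 28 November scan on this page.

```python
"""Diff the O4 (autostart) lines of two HijackThis Fork logs."""
import re
from typing import Dict, List, NamedTuple, Optional, Tuple


class O4Entry(NamedTuple):
    scope: str           # hive (plus SID for HKU), or "User Startup" for shortcuts
    location: str        # key exactly as the log prints it
    name: str            # value name in [brackets], or the .lnk file name
    command: str
    date: Optional[str]  # trailing (YYYY/MM/DD), when the log prints one


# Registry form:  O4 - <key>: [<name>] = <command> (<date>) (User '<account>')
_REG = re.compile(
    r"^O4(?:-32)? - (?P<loc>.+?): \[(?P<name>[^\]]+)\] = (?P<cmd>.+?)"
    r"(?: \((?P<date>\d{4}/\d{2}/\d{2})\))?(?: \(User '[^']*'\))?$"
)
# Startup-folder form:  O4 - User Startup: <shortcut> -> <target>
_LNK = re.compile(r"^O4(?:-32)? - (?P<loc>[^:]*Startup): (?P<lnk>.+?) -> (?P<cmd>.+)$")


def parse_o4(log: str) -> Dict[Tuple[str, str], O4Entry]:
    """Index every O4 line of a log by (scope, name); other sections are skipped."""
    entries: Dict[Tuple[str, str], O4Entry] = {}
    for raw in log.splitlines():
        line = raw.strip()
        m = _REG.match(line)
        if m:
            loc = m["loc"]
            # "HKCU\..\Run" -> scope "HKCU"; "HKU\<SID>\..\RunOnce" -> "HKU\<SID>"
            entry = O4Entry(loc.split("\\..\\")[0], loc, m["name"], m["cmd"], m["date"])
        else:
            m = _LNK.match(line)
            if not m:
                continue
            shortcut = m["lnk"].rsplit("\\", 1)[-1]
            entry = O4Entry(m["loc"], m["loc"], shortcut, m["cmd"], None)
        entries[(entry.scope, entry.name)] = entry
    return entries


def diff_o4(before: str, after: str) -> List[Tuple[str, str, str, str, Optional[str]]]:
    """Return (status, scope, name, current location, date) rows, sorted by entry."""
    old, new = parse_o4(before), parse_o4(after)
    rows = []
    for ident in sorted(old.keys() | new.keys()):
        o, n = old.get(ident), new.get(ident)
        if n is None:
            status = "removed"
        elif o is None:
            status = "added"
        elif o.location != n.location:
            status = "moved"
        elif o.command != n.command:
            status = "command changed"   # same name, different binary or arguments
        else:
            status = "unchanged"
        rows.append((status, ident[0], ident[1], (n or o).location, n.date if n else None))
    return rows


# Lines copied from the list posted on 26 November.
SCAN_BEFORE = r"""
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
"""

# The same entries as they appear in the scan of 28 November.
SCAN_AFTER = r"""
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/11/28)
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/11/28)
"""

if __name__ == "__main__":
    for status, scope, name, location, date in diff_o4(SCAN_BEFORE, SCAN_AFTER):
        print(f"{status:<16} {scope:<5} {name:<26} {location} {date or ''}")
```

An entry that shows up as "command changed" or "added" between two scans is the one to look at first, since a familiar name pointing at a new path is not visible when the two logs are only skimmed.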
Misonsan
Posted: Saturday, November 30, 2019 2:52:00 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Hi cbbusto

I deleted everything except the antivirus, as you had told me.
I don't know why the entries tagged [04] keep showing up.

The PC seems to work, although it's no powerhouse despite having 8 GB of RAM.

Every now and then it slows down because of a script from some internet application (which I can't identify), but luckily the dialog has a button to kill it.
If there's nothing else I need to do, thank you for your patience and care in following my problem.
Thanks

Moreno
giza
Posted: Saturday, November 30, 2019 3:31:31 PM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,618
You have to select System Scan Only, then select the ones indicated and click Fix checked at the bottom; a window opens, and you answer yes.
solfami
Posted: Saturday, November 30, 2019 8:29:02 PM

Rank: AiutAmico

Joined: 11/14/2003
Posts: 2,270
Hello
See the program's instructions
http://software.aiutamici.com/software?ID=11175
see where you have to put the check marks
Regards

Misonsan
Posted: Sunday, December 01, 2019 9:38:55 PM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Hi Giza and Solfami

I ran the "System Scan Only" scan and this is the outcome.
I made some .jpg files with the result and I wanted to show them to you before acting, but I see there's no way to send attachments.
I'm passing them on to you as a log.
Here is the result.

Should I do "Fix checked" on all the selected entries, which I highlight in blue?
Won't I cause problems for the installed applications?

Thanks
Moreno




Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 01.12.2019 - 21:34 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Moreno (group: Administrator) on DESKTOP-P3TEF6K, FirstRun: yes

Chrome: 78.0.3904.108
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\HijackThis_da Cancellare\HiJackThis.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
1 C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
6 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Docker\Docker\com.docker.service
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\SmartGit\git\git-bash.exe
1 C:\Program Files\SmartGit\git\usr\bin\bash.exe
1 C:\Program Files\SmartGit\git\usr\bin\mintty.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\LsaIso.exe
5 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
3 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\mspaint.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
78 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
1 C:\Windows\System32\wbem\WMIC.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 C:\laragon40\laragon.exe

O1 - Hosts: 192.168.1.100 host.docker.internal
O1 - Hosts: 192.168.1.100 gateway.docker.internal
O1 - Hosts: 127.0.0.1 kubernetes.docker.internal
O1 - Hosts: 127.0.0.1 mylaravelapp.test #laragon magic!
O1 - Hosts.ICS: 192.168.217.17 DESKTOP-P3TEF6K.mshome.net # 2024 11 5 29 13 38 45 953
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/11/28)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\StartupApproved\Run32: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/11/28)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2019/11/25)
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4 - User Startup: C:\Users\Moreno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\laragon.lnk -> C:\laragon40\laragon.exe
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.1.1.1
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe



--
End of file - Time spent: 36,8 sec. - 38042 bytes, CRC32: FFFFFFFF. Sign: 쒗릎
giza
Posted: Monday, December 02, 2019 11:43:22 AM

Rank: AiutAmico

Joined: 10/27/2006
Posts: 9,618
CBBUSTO POINTED OUT TO YOU THE 04 (IN PLAIN WORDS: ZERO FOUR) ENTRIES TO FIX, BUT APPARENTLY YOU DON'T WANT TO UNDERSTAND. THOSE ARE FILES THAT START AUTOMATICALLY AT BOOT, AND FIXING THEM DOESN'T CAUSE ANY HARM; IN FACT STARTUP IS FASTER BECAUSE IT DOESN'T LOAD THOSE FILES. THEY ARE NOT DELETED !!!!!
cbbusto
Posted: Monday, December 02, 2019 11:05:00 PM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
Careful: you must not fix all the entries marked in blue, otherwise you will do damage; fix only the following:

O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\Docker Desktop.exe (2019/11/28)
O4 - HKCU\..\StartupApproved\Run: [GUDelayStartup] = C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe -delayrun (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Moreno\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2019/11/25)
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/11/28)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\StartupApproved\Run32: [APSDaemon] = C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [AdobeCS6ServiceManager] = C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [MalTray] = C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [OrderReminder] = C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SDTray] = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/11/28)
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [VirtualCloneDrive] = C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s (2019/11/25)
O4 - HKLM\..\StartupApproved\Run32: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (2019/11/25)
O4 - HKU\.DEFAULT\..\Run: [Docker Desktop] = C:\Program Files\Docker\Docker\com.docker.service
O4 - HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'SQLTELEMETRY$SQLEXPRESS')
O4 - HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'MSSQL$SQLEXPRESS')
O4 - User Startup: C:\Users\Moreno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\laragon.lnk -> C:\laragon40\laragon.exe
Misonsan
Posted: Saturday, December 07, 2019 7:49:25 AM
Rank: AiutAmico

Joined: 7/8/2007
Posts: 77
Here is the situation after the fix

Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.18363.476 (ReleaseId: 1909), Service Pack: 0
Time: 07.12.2019 - 07:47 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Moreno (group: Administrator) on DESKTOP-P3TEF6K, FirstRun: no

Chrome: 78.0.3904.108
Firefox: 70.0.1.7242
Edge: 11.0.18362.476
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
1 C:\HijackThis_da Cancellare\HiJackThis.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
1 C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
1 C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
1 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
6 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
1 C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\Docker\Docker\com.docker.service
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
1 C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
2 C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19111.85.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1910.4-0\NisSrv.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\LsaIso.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
87 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
1 C:\Windows\System32\vmcompute.exe
1 C:\Windows\System32\vmms.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
1 C:\laragon40\laragon.exe

O1 - Hosts: 192.168.1.100 host.docker.internal
O1 - Hosts: 192.168.1.100 gateway.docker.internal
O1 - Hosts: 127.0.0.1 kubernetes.docker.internal
O1 - Hosts: 127.0.0.1 mylaravelapp.test #laragon magic!
O1 - Hosts.ICS: 172.17.196.209 DESKTOP-P3TEF6K.mshome.net # 2024 12 0 1 8 11 33 436
O2 - HKLM\..\BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll
O8 - Context menu item: HKU\.DEFAULT\..\Internet Explorer\MenuExt\E&sporta in Microsoft Excel: (default) = C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (file missing)
O17 - DHCP DNS 1: 1.1.1.1
O17 - DHCP DNS 2: 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{dac62701-d25c-45a2-8633-823eedb2341d}: [NameServer] = 1.1.1.1
O20-32 - HKLM\..\Winlogon\Notify\SDWinLogon: [DllName] = SDWinLogon.dll (file missing)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveBlacklisted: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSynced: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ GoogleDriveSyncing: Google Drive Shell extension - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} - C:\Program Files\Google\Drive\googledrivesync64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) G2MUpdateTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupdate.exe
O22 - Task (.job): (Not scheduled) G2MUploadTask-S-1-5-21-3649196008-1343095814-678780624-1002.job - C:\Users\Moreno\AppData\Local\GoToMeeting\15939\g2mupload.exe
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineCore1d55974c93a3ccc.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task (.job): (disabled) (Not scheduled) DropboxUpdateTaskMachineUA1d55974c9509762.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O23 - Service R2: "VIA Karaoke digital mixer Service" ; {PlaceHolder="UAA","High Definition Audio"} - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\system32\DbxSvc.exe
O23 - Service R2: Digital Wave Update Service - (DigitalWave.Update.Service) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program (file missing)
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: MySQL80 - C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe --defaults-file="C:\ProgramData\MySQL\MySQL Server 8.0\my.ini" MySQL80
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA Stereoscopic 3D Driver Service - (Stereo Service) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service R2: SQL Server (SQLEXPRESS) - (MSSQL$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS
O23 - Service R2: SQL Server Browser - (SQLBrowser) - C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
O23 - Service R2: SQL Server CEIP service (SQLEXPRESS) - (SQLTELEMETRY$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe -Service SQLEXPRESS
O23 - Service R2: Servizio EaseUS Agent - (EaseUS Agent) - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service R2: Spybot-S&D 2 Scanner Service - (SDScannerService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service R2: Spybot-S&D 2 Security Center Service - (SDWSCService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service R2: Spybot-S&D 2 Updating Service - (SDUpdateService) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: IObit Uninstaller Service - (IObitUnSvr) - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service S2: SQL Server Agent (SQLEXPRESS) - (SQLAgent$SQLEXPRESS) - C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS
O23 - Service S2: Servizio Aggiornamento Dropbox (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\elevation_service.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Servizio Aggiornamento Dropbox (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
O23 - Service S3: Te.Service - C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: Visual Studio Standard Collector Service 150 - (VSStandardCollectorService150) - C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe


--
End of file - Time spent: 20,7 sec. - 32130 bytes, CRC32: FFFFFFFF. Sign: 嵎績

Do you think it's OK?
Thanks
Moreno
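
One way to check what a round of fixes actually changed is to diff the two HijackThis logs entry by entry. The following Python script is an added example, not part of the original posts or of HijackThis; the function names are hypothetical, and the sample lines are a few O4 and O23 entries excerpted from the two logs in this thread.

```python
import re

# "O4 - ...", "O23 - ...", "O21-32 - ..." style result lines
ENTRY = re.compile(r"^(O\d+(?:-32)?) - (.*)$")
# Separators between an entry's identity and its target, as used by the
# O4 and O23 lines in this thread: " = ", " -> ", or " - " before a drive path.
SPLIT = re.compile(r" = | -> | - (?=[A-Za-z]:\\)")
# Trailing annotations the scanner appends: a date or "(file missing)"
TRAILER = re.compile(r"\s*\((?:\d{4}/\d{2}/\d{2}|file missing)\)\s*$")

# Excerpt of the log posted before the fix
BEFORE = r"""
O4 - HKCU\..\StartupApproved\Run: [Spotify] = C:\Users\Moreno\AppData\Roaming\Spotify\Spotify.exe --autostart (2019/11/28)
O4 - HKLM\..\Run: [NvBackend] = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\StartupApproved\Run32: [SwitchBoard] = C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (2019/11/25)
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program Files\Docker\Docker\com.docker.service
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"""

# Excerpt of the log posted after the fix
AFTER = r"""
O23 - Service R2: Docker Desktop Service - (com.docker.service) - C:\Program (file missing)
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (file missing)
"""


def parse_log(log):
    """Map (section, identity) -> (target, file_missing) for each O-line.

    Header lines, the process list and blank lines are skipped because
    they do not match the "O<n> - " prefix.
    """
    entries = {}
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        section, rest = m.groups()
        missing = rest.rstrip().endswith("(file missing)")
        # Drop date / "(file missing)" trailers so they do not affect the key
        while TRAILER.search(rest):
            rest = TRAILER.sub("", rest)
        parts = SPLIT.split(rest, maxsplit=1)
        identity = parts[0]
        target = parts[1] if len(parts) > 1 else ""
        entries[(section, identity)] = (target, missing)
    return entries


def diff_logs(before, after):
    """Return (removed, added, newly_missing) lists of (section, identity)."""
    b, a = parse_log(before), parse_log(after)
    removed = sorted(k for k in b if k not in a)
    added = sorted(k for k in a if k not in b)
    # Present in both logs, but only the later one flags the file as missing
    newly_missing = sorted(
        k for k in a if k in b and a[k][1] and not b[k][1]
    )
    return removed, added, newly_missing


if __name__ == "__main__":
    removed, added, newly_missing = diff_logs(BEFORE, AFTER)
    for label, keys in (("removed", removed), ("added", added),
                        ("newly flagged (file missing)", newly_missing)):
        print(label + ":")
        for section, identity in keys:
            print("  %s  %s" % (section, identity))
```

In these excerpts the Docker Desktop Service is flagged "(file missing)" after the fix, while the same log still lists C:\Program Files\Docker\Docker\com.docker.service among the running processes, so entries that flip to that state are worth checking by hand.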
cbbusto
Posted: Saturday, December 07, 2019 11:01:18 AM

Rank: AiutAmico

Joined: 11/8/2008
Posts: 13,964
Yes, that's fine; if Defender is turned on, everything is in order.

Now clean up the registry with the following program.
For a deep clean of the registry, use Eusing Free Registry Cleaner, software to be used only occasionally; you can download it from here:
http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
Click on Download Site1. Once launched, a window appears asking for the code: click "ignora" (ignore) and proceed, then at the top left click "Analizza Registro" (Scan Registry) and let it run to the end. Don't worry if it finds many entries; then click "Ripara Registro" (Repair Registry). The software is safe; in any case it creates a restore point and also makes a backup of the deleted files, and in fact at the top, under "Ripara Registro", there is the "Ripristina Registro" (Restore Registry) item.
For this cleanup it is best to close all programs and be disconnected.
The program is compatible with all Windows operating systems, including Win 10.
The PC should run better; let me know. Bye
sabbb
Posted: Saturday, December 07, 2019 1:08:39 PM
Rank: AiutAmico

Joined: 9/12/2009
Posts: 6,632
A suggestion for cbbusto, to whom I say hello.

Autoruns is a good ally