dopo aver chiuso il coperchio delnotebook senza averlo spento, il pc è diventato lento nelle risposte di apertura programmi e pagine. allego hijackthis
w.7 x 64
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 7 (Home Premium), 6.1.7601.24546, Service Pack: 1
Time: 12.02.2022 - 11:58 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Awad (group: Administrator) on AWAD-PC, FirstRun: yes
Firefox: 97.0.0.8068
Internet Explorer: 11.0.9600.19597
Default: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\NisSrv.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\Awad\Desktop\HiJackThis\HiJackThis.exe
2 C:\Windows\System32\CompatTelRunner.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
13 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe
O2 - HKLM\..\BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - HKLM\..\BHO: Guida per l'accesso a Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - MSConfig\startupreg: CCleaner Smart Cleaning [command] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (HKCU) (2022/02/11)
O4 - MSConfig\startupreg: HotKeysCmds [command] = C:\Windows\system32\hkcmd.exe (HKLM) (2022/02/01)
O4 - MSConfig\startupreg: IgfxTray [command] = C:\Windows\system32\igfxtray.exe (HKLM) (2022/02/01)
O4 - MSConfig\startupreg: PLFSetL [command] = C:\Windows\PLFSetL.exe (HKLM) (2022/02/01)
O4 - MSConfig\startupreg: Persistence [command] = C:\Windows\system32\igfxpers.exe (HKLM) (2022/02/01)
O4 - MSConfig\startupreg: RTHDVCPL [command] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s (HKLM) (2022/02/01)
O4 - MSConfig\startupreg: SNUVCDSM [command] = C:\Windows\snuvcdsm.exe (HKLM) (2022/02/01)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-19\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O8 - Context menu item: HKU\S-1-5-20\..\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver: (default) = C:\Windows\system32\GPhotos.scr (file missing)
O9-32 - Button: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: (no name) - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Button: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Inserisci blog - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Tools menu item: HKLM\..\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}: Sun Java Console - C:\Program Files (x86)\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9-32 - Tools menu item: HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}: Pubblica su un &blog in Windows Live Writer - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O16-32 - DPF: HKLM\..\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}\DownloadInformation: QuickTime Plugin Control [CODEBASE] =
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cabO16-32 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] =
http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cabO16-32 - DPF: HKLM\..\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.4.2_06 [CODEBASE] =
http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cabO17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{12B94EF1-4C06-4F43-A760-1530512C3422}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\wlpg: [CLSID] = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\Gestore icona firma digitale di AutoCAD: AcSignIcon - {36A21736-36C2-4C11-8ACB-D4136F2B57BD} - C:\Windows\system32\AcSignIcon.dll
O22 - Task (.job): (disabled) Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (.job): GlaryInitialize.job - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run (Microsoft)
O22 - Task: (activation) \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) CCleanerSkipUAC - Awad - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: (disabled) CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
O22 - Task: (disabled) GlaryInitialize - C:\Program Files (x86)\Glary Utilities\initialize.exe
O22 - Task: (disabled) GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: (disabled) GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: (disabled) RealPlayerRealUpgradeLogonTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /logoncheck (file missing)
O22 - Task: (disabled) RealPlayerRealUpgradeScheduledTaskS-1-5-21-1653504487-937080709-3891541705-1000 - C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck (file missing)
O22 - Task: (disabled) {75605349-50F5-4B89-BBC8-F7DAE1BB5B1D} - C:\Windows\system32\pcalua.exe -a C:\Users\Awad\Desktop\eMule0.49c-Installer2.exe -d "C:\Program Files (x86)\Mozilla Firefox"
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Customer Experience Improvement Program\Uploader - C:\Windows\system32\WSqmCons.exe -u (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify1 - C:\Windows\system32\sipnotify.exe -LogonOrUnlock (Microsoft)
O22 - Task: (update) \Microsoft\Windows\End Of Support\Notify2 - C:\Windows\system32\sipnotify.exe -Daily (Microsoft)
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - (no file)
O22 - Task: \Mozilla\Firefox Background Update E7CF176E110C211B - C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service S3: Adobe Active File Monitor V8 - (AdobeActiveFileMonitor8.0) - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Autodesk Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service S3: Autodesk Network Licensing Service - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service S3: Dritek WMI Service - (DsiWMIService) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service S3: GameConsoleService - C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: Intel(R) Management & Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service S3: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S3: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NTI IScheduleSvc - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe (file missing)
O23 - Service S3: Pos Service - (PowerOffer Service) - C:\Users\Awad\AppData\Local\PosService\Pos.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servizio di Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: TeamViewer 7 - (TeamViewer7) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service S3: TurboBoost - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service S3: VMware Agent Service - (ufad-ws60) - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe -d "C:\Program Files (x86)\VMware\VMware Player\\" -s ufad-p2v.xml
O23 - Service S3: VMware Authorization Service - (VMAuthdService) - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service S3: VMware DHCP Service - (VMnetDHCP) - C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
O23 - Service S3: VMware NAT Service - C:\WINDOWS\SYSWOW64\VMNAT.EXE
O23 - Service S3: VMware USB Arbitration Service - (VMUSBArbService) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service S3: Windows Live Family Safety Service - (fsssvc) - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
--
End of file - Time spent: 51,8 sec. - 24834 bytes, CRC32: FFFFFFFF. Sign: 䥲⨟
