Rank: AiutAmico
Member since: 3/9/2001 Posts: 58
|
Good evening, my operating system is Windows 10. For some time now this damned virus PUA:Win32/PcMechanic has been showing up, and I can't remove it with any antivirus. Could you kindly check the log and tell me which line I should remove? Thanks
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Pro), 10.0.19044.1586 (ReleaseId: 2009), Service Pack: 0
Time: 14.03.2022 - 17:51 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Salvo (group: Administrator) on DESKTOP-TVMVEDA, FirstRun: yes
Chrome: 99.0.4844.51
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes: Number | Path 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe 1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe 1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe 1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe 1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe 1 C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe 1 C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe 1 C:\Program Files (x86)\Volume2\Volume2.exe 1 C:\Program Files (x86)\WinZip\WINZIP32.EXE 1 C:\Program Files (x86)\iISystem Wiper\SystemWiper.exe 2 C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe 16 C:\Program Files\Google\Chrome\Application\chrome.exe 1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe 1 C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe 1 C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe 1 C:\Program Files\Macrium\Common\MacriumService.exe 1 C:\Program Files\Macrium\Common\ReflectMonitor.exe 1 C:\Program Files\Macrium\Common\ReflectUI.exe 1 C:\Program Files\TomTom HOME\TTHOMEService.exe 1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.167.0_x64__8wekyb3d8bbwe\YourPhone.exe 1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22011.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe 1 C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe 1 C:\Users\Salvo\AppData\Local\MEGAsync\MEGAsync.exe 1 
C:\Users\Salvo\Desktop\HiJackThis\HiJackThis.exe 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe 1 C:\Windows\System32\ApplicationFrameHost.exe 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe 9 C:\Windows\System32\RuntimeBroker.exe 1 C:\Windows\System32\SearchFilterHost.exe 1 C:\Windows\System32\SearchIndexer.exe 2 C:\Windows\System32\SearchProtocolHost.exe 1 C:\Windows\System32\SecurityHealthService.exe 1 C:\Windows\System32\SecurityHealthSystray.exe 1 C:\Windows\System32\SgrmBroker.exe 1 C:\Windows\System32\audiodg.exe 1 C:\Windows\System32\cmd.exe 2 C:\Windows\System32\conhost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 1 C:\Windows\System32\dwm.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\oobe\UserOOBEBroker.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smartscreen.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 74 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhostw.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe 1 
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe 1 C:\Windows\explorer.exe
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.39\BHO\ie_to_edge_bho_64.dll O2 - HKLM\..\BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.39\BHO\ie_to_edge_bho.dll O2-32 - HKLM\..\BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3 - HKLM\..\Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3-32 - HKLM\..\Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe O4 - HKCU\..\Run: [RoboForm] = C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O4 - HKCU\..\Run: [TomTomHOME.exe] = C:\Program Files\TomTom HOME\TTHOMERunner.exe -s (file missing) O4 - HKCU\..\Run: [iIWiper] = C:\Program Files (x86)\iISystem Wiper\SystemWiper.exe m O4 - HKCU\..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR 
(2021/10/02) O4 - HKLM\..\Run: [Reflect UI] = C:\Program Files\Macrium\Common\ReflectUI.exe O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] = C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (file missing) O4 - User Startup: C:\Users\Salvo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk -> C:\Users\Salvo\AppData\Local\MEGAsync\MEGAsync.exe O4-32 - HKLM\..\Run: [Intel Driver & Support Assistant] = C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe O4-32 - HKLM\..\Run: [Volume2] = C:\Program Files (x86)\Volume2\Volume2.exe O4-32 - HKLM\..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Compila Modulo: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Personalizza: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\RF Barra strumenti: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Salva Moduli: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O9 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Button: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: Mostra Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila Modulo - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: 
HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva Moduli - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: RF Barra strumenti - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9-32 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Button: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: Mostra Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila Modulo - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva Moduli - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: RF Barra strumenti - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O17 - DHCP DNS 1: 192.168.43.1 O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled) O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove 
Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} (Microsoft) O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /AllUsersRun (Microsoft) O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /CalendarRun (Microsoft) O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /WakeupRun (Microsoft) O22 - Task: 
(disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft) O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft) O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft) O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft) O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft) O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe O22 - Task: CCleanerSkipUAC - Salvo - C:\Program Files\CCleaner\CCleaner.exe $(Arg0) O22 - Task: EOSv3 Scheduler onLogOn - C:\Users\Salvo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON O22 - Task: EOSv3 Scheduler onTime - C:\Users\Salvo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program 
Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing) O22 - Task: Intel PTT EK Recertification - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1025282367-3084422637-3164669770-500 - C:\Users\Salvo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing) O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1908716372-1856947639-1881081324-500 - C:\Users\Salvo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing) O22 - Task: Open URL by RoboForm - C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJJMKMJJMJMJJJPMCNOMLMJJLMCNLMJMLMMJCNHMNJIMNMCNIMLJIMNMOJLMMJNMKMJMMJOJJNJICMIMCNGMCNGMFMOMOMCNIMHMGMCNOMGMPMLMOMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMMKOJDJJIAJJNKJCMJNNICMJNDJCMGJLIJNMJCMPMFMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ" O22 - Task: Run RoboForm TaskBar Icon - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" O22 - Task: \MEGA\MEGAsync Update Task S-1-5-21-1025282367-3084422637-3164669770-1001 - C:\Users\Salvo\AppData\Local\MEGAsync\MEGAupdater.exe O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft) O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - 
{5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file) O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (Microsoft) O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (Microsoft) O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service R2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start" O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe O23 - Service R2: Macrium Service - (MacriumService) - C:\Program 
Files\Macrium\Common\MacriumService.exe O23 - Service R2: TTHOMEService - C:\Program Files\TomTom HOME\TTHOMEService.exe O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\99.0.4844.51\elevation_service.exe O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service S3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe 
"--run_as_user_process"
--
|
Rank: AiutAmico
Member since: 3/9/2001 Posts: 58
|
Excuse me, isn't there anyone knowledgeable who can help me? Thanks
|
|
Rank: AiutAmico
Member since: 10/27/2006 Posts: 9,409
|
The HiJackThis specialist is not around at the moment. Start by fixing all the 04 entries and then post the log again.
|
|
Rank: AiutAmico
Member since: 3/9/2001 Posts: 58
|
Hi Giza, I did as you told me: I fixed all the 04 entries, then I cleaned the temp and Prefetch folders, cleaned the registry with Free Registry Clean, and restarted the system. Unfortunately the damned thing is still there, but the system has removed all the shortcuts to many programs. Here is the new log:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.26
Platform: x64 Windows 10 (Pro), 10.0.19044.1586 (ReleaseId: 2009), Service Pack: 0
Time: 16.03.2022 - 18:20 (UTC+01:00)
Language: OS: Italian (0x410). Display: Italian (0x410). Non-Unicode: Italian (0x410)
Elevated: Yes
Ran by: Salvo (group: Administrator) on DESKTOP-TVMVEDA, FirstRun: yes
Chrome: 99.0.4844.51
Internet Explorer: 11.0.19041.1566
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)
Boot mode: Normal
Running processes: Number | Path 1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe 1 C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe 1 C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe 1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe 1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe 1 C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe 1 C:\Program Files\Macrium\Common\MacriumService.exe 1 C:\Program Files\Macrium\Common\ReflectMonitor.exe 1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22012.167.0_x64__8wekyb3d8bbwe\YourPhone.exe 1 C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22011.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe 1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe 1 C:\Users\Salvo\Documents\Download\HiJackThis\HiJackThis.exe 1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe 1 C:\Windows\System32\ApplicationFrameHost.exe 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe 1 C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxEM.exe 1 C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe 1 C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe 1 C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe 7 C:\Windows\System32\RuntimeBroker.exe 1 C:\Windows\System32\SearchFilterHost.exe 1 C:\Windows\System32\SearchIndexer.exe 1 C:\Windows\System32\SearchProtocolHost.exe 1 C:\Windows\System32\SecurityHealthService.exe 1 
C:\Windows\System32\SecurityHealthSystray.exe 1 C:\Windows\System32\audiodg.exe 3 C:\Windows\System32\backgroundTaskHost.exe 2 C:\Windows\System32\csrss.exe 1 C:\Windows\System32\ctfmon.exe 1 C:\Windows\System32\dllhost.exe 1 C:\Windows\System32\dwm.exe 2 C:\Windows\System32\fontdrvhost.exe 1 C:\Windows\System32\lsass.exe 1 C:\Windows\System32\oobe\UserOOBEBroker.exe 1 C:\Windows\System32\services.exe 1 C:\Windows\System32\sihost.exe 1 C:\Windows\System32\smartscreen.exe 1 C:\Windows\System32\smss.exe 1 C:\Windows\System32\spoolsv.exe 71 C:\Windows\System32\svchost.exe 1 C:\Windows\System32\taskhostw.exe 2 C:\Windows\System32\wbem\WmiPrvSE.exe 1 C:\Windows\System32\wininit.exe 1 C:\Windows\System32\winlogon.exe 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe 1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1525_none_7e00daaa7c97a563\TiWorker.exe 1 C:\Windows\explorer.exe 1 C:\Windows\servicing\TrustedInstaller.exe
O2 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.39\BHO\ie_to_edge_bho_64.dll O2 - HKLM\..\BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O2-32 - HKLM\..\BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2-32 - HKLM\..\BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\99.0.1150.39\BHO\ie_to_edge_bho.dll O2-32 - HKLM\..\BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3 - HKLM\..\Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O3 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll O3-32 - HKLM\..\Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O3-32 - HKLM\..\Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Compila Modulo: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Personalizza: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\RF Barra strumenti: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Salva 
Moduli: (default) = C:/Program Files (x86)/Siber Systems/AI RoboForm (file missing) O9 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Button: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: Mostra Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila Modulo - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva Moduli - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9 - Tools menu item: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: RF Barra strumenti - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll O9-32 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Button: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Button: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: Mostra Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F46}: Compila Modulo - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{320AF880-6646-11D3-ABEE-C5DBF3571F49}: Salva Moduli - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O9-32 - Tools menu item: HKLM\..\{724d43aa-0d85-11d4-9908-00400523e39a}: RF Barra strumenti - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll O17 - DHCP DNS 1: 192.168.43.1 O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): MEGA (Pending) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - 
C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): MEGA (Synced) - {05B38830-F4E9-4329-978B-1DD28605D202} - C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): MEGA (Syncing) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - C:\Users\Salvo\AppData\Local\MEGAsync\ShellExtX64.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistant - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /AllUsersRun (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /CalendarRun (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun - C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:NHV25:{} /WakeupRun (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (Microsoft)
O22 - Task: Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task: CCleaner Update - C:\Program Files\CCleaner\CCUpdate.exe
O22 - Task: CCleanerSkipUAC - Salvo - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task: EOSv3 Scheduler onLogOn - C:\Users\Salvo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON
O22 - Task: EOSv3 Scheduler onTime - C:\Users\Salvo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (file missing)
O22 - Task: Intel PTT EK Recertification - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1025282367-3084422637-3164669770-500 - C:\Users\Salvo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: OneDrive Standalone Update Task-S-1-5-21-1908716372-1856947639-1881081324-500 - C:\Users\Salvo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (file missing)
O22 - Task: Open URL by RoboForm - C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMNJJMKMJJMJMJJJPMCNOMLMJJLMCNLMJMLMMJCNHMNJIMNMCNIMLJIMNMOJLMMJNMKMJMMJOJJNJICMIMCNGMCNGMFMOMOMCNIMHMGMCNOMGMPMLMOMFMJMCNMMCNGMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMMKOJDJJIAJJNKJCMJNNICMJNDJCMGJLIJNMJCMPMFMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
O22 - Task: Run RoboForm TaskBar Icon - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (file missing)
O22 - Task: USER_ESRV_SVC_QUEENCREEK - C:\WINDOWS\System32\Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
O22 - Task: \MEGA\MEGAsync Update Task S-1-5-21-1025282367-3084422637-3164669770-1001 - C:\Users\Salvo\AppData\Local\MEGAsync\MEGAupdater.exe
O22 - Task: \Microsoft\Windows\AppListBackup\Backup - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Task: \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler - {5AA199A0-1CED-43A5-9B85-3226086738A3} - (no file)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay - C:\Program Files\ruxim\ruximics.exe /nonetwork (Microsoft)
O22 - Task: \Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync - C:\Program Files\ruxim\ruximics.exe /onlyloadcampaigns (Microsoft)
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: HuaweiHiSuiteService64.exe - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe -/service
O23 - Service R2: Intel(R) Content Protection HDCP Service - (cplspcon) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHDCPSvc.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service R2: Intel(R) Graphics Command Center Service - (igccservice) - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_003a6d3c4c50c291\OneApp.IGCC.WinService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_12ed482042e0dee5\igfxCUIService.exe
O23 - Service R2: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK - (SystemUsageReportSvc_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service R2: Macrium Service - (MacriumService) - C:\Program Files\Macrium\Common\MacriumService.exe
O23 - Service R3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1dc9fc8d5e442f6a\IntelCpHeciSvc.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service S2: AsusUpdateCheck - C:\WINDOWS\System32\AsusUpdateCheck.exe
O23 - Service S2: Energy Server Service queencreek - (ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"
O23 - Service S2: Intel(R) TPM Provisioning Service - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service S2: Servizio Google Update (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: TTHOMEService - C:\Program Files\TomTom HOME\TTHOMEService.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\99.0.4844.51\elevation_service.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service S3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service S3: Servizio Google Update (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: User Energy Server Service queencreek - (USER_ESRV_SVC_QUEENCREEK) - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe "--run_as_user_process"
-- End of file - Time spent: 12,7 sec. - 37624 bytes, CRC32: FFFFFFFF. Sign: ô‹“®
|
|
Rank: AiutAmico
Joined: 10/27/2006 Posts: 9,409
|
If you mean the 04 entries, those are startup programs that come back whenever you use them. No problem. For the rest, you will have to wait for the expert. Follow the instructions here: http://forum.aiutamici.com/yaf_postst96025_ELIMINARE-PAGINE-PUBBLICITARIE-E-PORCHERIE-VARIE-E-PULIRE-SISTEMA.aspx
|
|
Rank: AiutAmico
Joined: 3/9/2001 Posts: 58
|
OK, I'll wait for the expert. Thanks.
|
|