- Boot mode: Normal
- Running processes:
- Number | Path
- 9 C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe
- 1 C:\Program Files\ESET\ESET Security\eguiProxy.exe
- 1 C:\Program Files\ESET\ESET Security\ekrn.exe
- 1 C:\Program Files\Shadow Defender\DefenderDaemon.exe
- 1 C:\Users\HOME\AppData\Local\Temp\irpb.exe
- 1 C:\Users\HOME\Desktop\HiJackThis\HiJackThis.exe
- 1 C:\Users\HOME\Desktop\IperiusRemote.exe
- 1 C:\Users\HOME\Desktop\ProcessExplorer\procexp64.exe
- 1 C:\Windows\System32\ApplicationFrameHost.exe
- 1 C:\Windows\System32\AutoModeDetect.exe
- 2 C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
- 1 C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe
- 2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe
- 1 C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atieclxx.exe
- 1 C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
- 1 C:\Windows\System32\ETDCtrl.exe
- 1 C:\Windows\System32\ETDCtrlHelper.exe
- 1 C:\Windows\System32\ETDService.exe
- 1 C:\Windows\System32\ETDTouch.exe
- 1 C:\Windows\System32\FMService64.exe
- 1 C:\Windows\System32\LNBITSSvc.exe
- 4 C:\Windows\System32\RuntimeBroker.exe
- 1 C:\Windows\System32\SecurityHealthService.exe
- 1 C:\Windows\System32\SettingSyncHost.exe
- 1 C:\Windows\System32\SgrmBroker.exe
- 1 C:\Windows\System32\SynTPEnh.exe
- 1 C:\Windows\System32\SynTPEnhService.exe
- 1 C:\Windows\System32\audiodg.exe
- 1 C:\Windows\System32\cmd.exe
- 2 C:\Windows\System32\conhost.exe
- 2 C:\Windows\System32\csrss.exe
- 1 C:\Windows\System32\ctfmon.exe
- 1 C:\Windows\System32\dasHost.exe
- 1 C:\Windows\System32\dllhost.exe
- 1 C:\Windows\System32\drivers\AdminService.exe
- 1 C:\Windows\System32\drivers\QcomWlanSrvx64.exe
- 1 C:\Windows\System32\dwm.exe
- 2 C:\Windows\System32\fontdrvhost.exe
- 1 C:\Windows\System32\lsass.exe
- 1 C:\Windows\System32\oobe\UserOOBEBroker.exe
- 1 C:\Windows\System32\services.exe
- 1 C:\Windows\System32\sihost.exe
- 1 C:\Windows\System32\smartscreen.exe
- 1 C:\Windows\System32\smss.exe
- 22 C:\Windows\System32\svchost.exe
- 1 C:\Windows\System32\taskhostw.exe
- 2 C:\Windows\System32\wbem\WmiPrvSE.exe
- 1 C:\Windows\System32\wbem\unsecapp.exe
- 1 C:\Windows\System32\wininit.exe
- 1 C:\Windows\System32\winlogon.exe
- 1 C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
- 1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
- 1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
- 1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
- 1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1371_none_7e1bd7147c8285b0\TiWorker.exe
- 1 C:\Windows\explorer.exe
- 1 C:\Windows\servicing\TrustedInstaller.exe
- R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://www.google.it/
- O1 - Hosts: Reset contents to default
- O4 - HKLM\..\Run: [RtkAudUService] = C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe -background
- O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
- O17 - DHCP DNS 1: 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - DHCP DNS 2: 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - DHCP DNS 3: 192.168.1.254
- O17 - HKLM\System\CCS\Services\Tcpip\..\{19e2e284-7121-4819-8f90-cd60bf6b5789}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{19e2e284-7121-4819-8f90-cd60bf6b5789}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{6b76f73d-1a72-4fba-b78f-2bbfa8ca8978}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{6b76f73d-1a72-4fba-b78f-2bbfa8ca8978}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{82f6ebee-8687-4ce1-bbd0-82cf2e5f4763}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{82f6ebee-8687-4ce1-bbd0-82cf2e5f4763}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\CCS\Services\Tcpip\..\{82f6ebee-8687-4ce1-bbd0-82cf2e5f4763}: [NameServer] = 192.168.1.254
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{00B49112-A4B2-446F-9813-CBB2C4D2740A}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{00B49112-A4B2-446F-9813-CBB2C4D2740A}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{19E2E284-7121-4819-8F90-CD60BF6B5789}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{19E2E284-7121-4819-8F90-CD60BF6B5789}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{6B76F73D-1A72-4FBA-B78F-2BBFA8CA8978}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{6B76F73D-1A72-4FBA-B78F-2BBFA8CA8978}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{82F6EBEE-8687-4CE1-BBD0-82CF2E5F4763}: [NameServer] = 1.0.0.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{82F6EBEE-8687-4CE1-BBD0-82CF2E5F4763}: [NameServer] = 1.1.1.1 (Well-known DNS: Cloudflare / APNIC)
- O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{82F6EBEE-8687-4CE1-BBD0-82CF2E5F4763}: [NameServer] = 192.168.1.254
- O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_AC - C:\Windows\system32\MusNotification.exe /RunOnAC RebootDialog (Microsoft)
- O22 - Task: (disabled) (update) \Microsoft\Windows\UpdateOrchestrator\Reboot_Battery - C:\Windows\system32\MusNotification.exe /RunOnBattery RebootDialog (Microsoft)
- O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineCore - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /c
- O22 - Task: (disabled) BraveSoftwareUpdateTaskMachineUA - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler
- O22 - Task: (disabled) Driver Booster SkipUAC (HOME) - C:\Program Files (x86)\IObit\Driver Booster\9.0.1\DriverBooster.exe /skipuac
- O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\Windows\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
- O22 - Task: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\Windows\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
- O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\Windows\system32\usoclient.exe StartMaintenanceWork (Microsoft)
- O22 - Task: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\Windows\system32\usoclient.exe StartWork (Microsoft)
- O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\Windows\system32\rundll32.exe C:\Windows\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
- O22 - Task: (update) \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\Windows\system32\MusNotification.exe (Microsoft)
- O23 - Service R2: AMD External Events Utility - C:\Windows\System32\DriverStore\FileRepository\u0361437.inf_amd64_b82dc71fab24f1f3\B361368\atiesrxx.exe
- O23 - Service R2: AtherosSvc - C:\Windows\System32\drivers\AdminService.exe
- O23 - Service R2: Dolby DAX API Service - (DolbyDAXAPI) - C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_0222c12a396c055f\DAX3API.exe
- O23 - Service R2: ELAN Service - (ETDService) - C:\Windows\System32\ETDService.exe
- O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
- O23 - Service R2: Fortemedia APO Control Service - (FMAPOService) - C:\Windows\System32\FMService64.exe
- O23 - Service R2: Lenovo Fn and function keys service - (LenovoFnAndFunctionKeys) - C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_b9fd1528982e300f\LenovoUtilityService.exe
- O23 - Service R2: Lenovo Notebook ITS Service - (LITSSVC) - C:\Windows\System32\LNBITSSvc.exe
- O23 - Service R2: Qualcomm Atheros WLAN Driver Service - (QcomWlanSrv) - C:\Windows\System32\drivers\QcomWlanSrvx64.exe
- O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3d345565ec73a109\RtkAudUService64.exe
- O23 - Service R2: SynTPEnhService - C:\Windows\System32\SynTPEnhService.exe
- O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
- O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
- O23 - Service S3: Servizio Brave Update (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
- O23 - Service S3: Shadow Defender Service - ({0CBD4F48-3751-475D-BE88-4F271385B672}) - C:\Program Files\Shadow Defender\Service.exe
- --
- End of file - Time spent: 11,7 sec. - 31180 bytes, CRC32: FFFFFFFF. Sign: êšć