Untitled
a guest
May 26th, 2019
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Pro), 10.0.17763.504 (ReleaseId: 1809), Service Pack: 0
Time: 26.05.2019 - 21:31 (UTC+01:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Alistair (group: Administrator) on DESKTOP-6EPC1RV, FirstRun: no

Chrome: 74.0.3729.169
Edge: 11.0.17763.504
Internet Explorer: 11.0.17763.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
2 C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
1 C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
1 C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
1 C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
61 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
1 C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
1 C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\7-Zip\7zFM.exe
2 C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Macrium\Common\MacriumService.exe
1 C:\Program Files\Macrium\Common\ReflectMonitor.exe
1 C:\Program Files\Macrium\Common\ReflectUI.exe
1 C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
1 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvsmartmaxapp64.exe
3 C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
3 C:\Program Files\PuTTY\putty.exe
1 C:\Program Files\StableBit\DrivePool\DrivePool.Notifications.exe
1 C:\Program Files\StableBit\DrivePool\DrivePool.Service.exe
1 C:\Program Files\SyncTrayzor\SyncTrayzor.exe
1 C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
1 C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
1 C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1902.42.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
1 C:\ProgramData\Battle.net\Agent\Agent.6700\Agent.exe
1 C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
1 C:\ProgramData\FLEXnet\Connect\11\agent.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
6 C:\Users\Alistair\AppData\Local\Discord\app-0.0.305\Discord.exe
1 C:\Users\Alistair\AppData\Local\Microsoft\OneDrive\OneDrive.exe
1 C:\Users\Alistair\AppData\Local\RuneLite\RuneLite.exe
1 C:\Users\Alistair\AppData\Local\Temp\7zO4FDD4D1F\HiJackThis.exe
4 C:\Users\Alistair\AppData\Roaming\Spotify\Spotify.exe
1 C:\Users\Alistair\AppData\Roaming\SyncTrayzor\syncthing.exe
1 C:\Users\Alistair\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\SysWOW64\cmd.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\CompPkgSrv.exe
1 C:\Windows\System32\MicrosoftEdgeCP.exe
1 C:\Windows\System32\MicrosoftEdgeSH.exe
7 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
2 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
3 C:\Windows\System32\cmd.exe
9 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\mmc.exe
2 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
79 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\vds.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
1 G:\ROOT\Program Files (x86)\Arduino\java\bin\javaw.exe
2 G:\ROOT\Program Files (x86)\Battle.net\.Battle.net.exe.733.2880.temp
1 G:\ROOT\Program Files (x86)\Steam\Steam.exe
5 G:\ROOT\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 G:\ROOT\Program Files\KeePassXC\keepassxc-proxy.exe

O1 - Hosts: 172.20.5.2 facebook.home.v2.pw
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [4F3C3CDF5914B8BD0422FA6A09A34E132DAEF785._service_run] = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service /prefetch:8
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\Run: [OneDrive] = C:\Users\Alistair\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (Microsoft)
O4 - HKCU\..\Run: [Spotify] = C:\Users\Alistair\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [SyncTrayzor] = C:\Program Files\SyncTrayzor\SyncTrayzor.exe -minimized
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [Reflect UI] = C:\Program Files\Macrium\Common\ReflectUI.exe
O4 - HKLM\..\Run: [SecurityHealth] = C:\Windows\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [StableBit DrivePool Notifications] = C:\Program Files\StableBit\DrivePool\DrivePool.Notifications.exe
O4 - HKLM\..\Run: [Veeam.EndPoint.Tray.exe] = C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe -NoControlPanel -CheckNumberOfRunningAgents
O4-32 - HKLM\..\Run: [Acrobat Assistant 8.0] = C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
O4-32 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O4-32 - HKLM\..\Run: [Discord] = C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
O4-32 - HKLM\..\Run: [ISUSPM] = C:\ProgramData\FLEXnet\Connect\11\isuspm.exe -scheduler
O4-32 - HKLM\..\Run: [Nuance OmniPage Ultimate-reminder] = G:\ROOT\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe -r "C:\ProgramData\ScanSoft\OmniPage Ultimate\Ereg\Ereg.ini"
O4-32 - HKLM\..\Run: [OmniPage Preload] = G:\ROOT\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe /preload
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - DHCP DNS 3: 172.20.5.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{ffbae7b9-cd2d-4e5b-bbb2-2149e9e1a87d}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{ffbae7b9-cd2d-4e5b-bbb2-2149e9e1a87d}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: Intel(R) Driver & Support Assistant - (DSAService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: Macrium Service - (MacriumService) - C:\Program Files\Macrium\Common\MacriumService.exe
O23 - Service R2: Microsoft Office Click-to-Run Service - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
O23 - Service R2: StableBit DrivePool Service - (DrivePoolService) - C:\Program Files\StableBit\DrivePool\DrivePool.Service.exe
O23 - Service R2: Veeam Agent for Microsoft Windows - (VeeamEndpointBackupSvc) - C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
O23 - Service R3: Intel(R) Driver & Support Assistant Updater - (DSAUpdateService) - C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service S2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elevation_service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) SUR QC Software Asset Manager - (Intel(R) SUR QC SAM) - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Office 64 Source Engine - (ose64) - c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE


--
End of file - Time spent: 15 sec. - 31912 bytes, CRC32: FFFFFFFF. Sign: ้ฌกใˆง