Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 7 (Ultimate), 6.1.7601.0, Service Pack: 1
Time: 28.01.2019 - 17:09 (UTC-06:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x80A)
Elevated: Yes
Ran by: User (group: Administrator) on USER-PC, FirstRun: yes

Chrome: 71.0.3578.98
Internet Explorer: 8.0.7601.17514
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
1 C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
1 C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
1 C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
1 C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
1 C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
1 C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
1 C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
1 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
1 C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files\AMD Quick Stream\AMDQuickStream.exe
1 C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
1 C:\Program Files\ESET\ESET Security\egui.exe
1 C:\Program Files\ESET\ESET Security\ekrn.exe
1 C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Users\User\Desktop\HiJackThis.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\escsvc64.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spool\drivers\x64\3\E_YATISME.EXE
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Search Page] = http://www2.savemax.store/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = www.google.com
R1 - HKLM\System\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies: (default) = 1http=127.0.0.1:49581;https=127.0.0.1:49581;socks=127.0.0.1:49580
O2 - HKLM\..\BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
O2 - HKLM\..\BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O2-32 - HKLM\..\BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2-32 - HKLM\..\BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\20.6.0.27\IPS\IPSBHO.DLL (file missing)
O3 - HKLM\..\Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKCU\..\Run: [AppEx Accelerator UI] = C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] = C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] = C:\Windows\system32\spool\DRIVERS\x64\3\E_YATISME.EXE /EPT "EPLTarget\P0000000000000000" /M "L4160 Series"
O4 - HKCU\..\Run: [ISUSPM Startup] = C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup
O4 - HKCU\..\Run: [MegaDownloader] = C:\Users\User\Desktop\MegaDownloader.exe -silent
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [NUSB3MON] = C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /launch /hide
O4-32 - HKLM\..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui (file missing)
O4-32 - HKLM\..\Run: [BCSSync] = C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices
O4-32 - HKLM\..\Run: [EEventManager] = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4-32 - HKLM\..\Run: [ISUSScheduler] = C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe -start
O4-32 - HKLM\..\Run: [PDVD8LanguageShortcut] = C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe
O4-32 - HKLM\..\Run: [RemoteControl8] = C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe
O4-32 - HKLM\..\Run: [StartCCC] = C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun
O4-32 - HKLM\..\Run: [USB3MON] = C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O17 - DHCP DNS 1: 10.2.9.2
O17 - DHCP DNS 2: 10.2.9.68
O18 - HKLM\Software\Classes\Protocols\Filter\video/mp4: [CLSID] = {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O18 - HKLM\Software\Classes\Protocols\Filter\video/x-flv: [CLSID] = {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O22 - Task (.job): (disabled) (Ready) GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (disabled) (Ready) GoogleUpdateTaskMachineUA1d17999195e6983.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: AMD FUEL Service - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe /launchService
O23 - Service R2: ASUS Com Service - (asComSvc) - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Epson Scanner Service - (EpsonScanSvc) - C:\Windows\system32\EscSvc64.exe
O23 - Service R2: EpsonCustomerResearchParticipation - C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: TeamViewer 13 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R3: NMIndexingService - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service S2: %1!s! Update Servicio (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc (file missing)
O23 - Service S2: Google Update Servicio (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: %1!s! Update Servicio (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc (file missing)
O23 - Service S3: Avast Secure Browser Elevation Service - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe (file missing)
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service S3: Google Update Servicio (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: Microsoft SharePoint Workspace Audit Service - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE /auditservice
O23 - Service S3: NBService - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

-- End of file - Time spent: 184.8 sec. - 20040 bytes, CRC32: FFFFFFFF. Sign: 巉𣏕