Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 7 (Pro), 6.1.7601.24468, Service Pack: 1
Time: 25.06.2019 - 17:15 (UTC-05:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0x80A)
Elevated: Yes
Ran by: Salvador (group: Administrator) on SALVADOR-PC, FirstRun: yes

Firefox: 67.0.4.7109
Internet Explorer: 11.0.9600.19377
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)

Boot mode: Normal

Running processes:
Number | Path
2 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
1 C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
1 C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
1 C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
1 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
1 C:\Program Files (x86)\VideoViewer\VideoViewer.exe
1 C:\Program Files\CCleaner\CCleaner64.exe
1 C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
1 C:\Program Files\IDT\WDM\AESTSr64.exe
1 C:\Program Files\IDT\WDM\stacsv64.exe
1 C:\Program Files\IDT\WDM\sttray64.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
1 C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
1 C:\Program Files\Microsoft Security Client\MsMpEng.exe
1 C:\Program Files\Microsoft Security Client\msseces.exe
9 C:\Program Files\Mozilla Firefox\firefox.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\ProgramData\DataCardService\DCSHelper.exe
1 C:\Users\Salvador\Downloads\HiJackThis.exe
1 C:\Windows\Samsung\PanelMgr\SSMMgr.exe
1 C:\Windows\Samsung\PanelMgr\caller64.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\hpservice.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxtray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
2 C:\Windows\System32\notepad.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
16 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\valWBFPolicyService.exe
3 C:\Windows\System32\wbem\WmiPrvSE.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe

O2 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O2-32 - HKLM\..\BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [CCleaner] = C:\Program Files\CCleaner\CCleaner64.exe /AUTOS
O4 - HKCU\..\Run: [VideoViewer] = C:\Program Files (x86)\VideoViewer\VideoViewer.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [MSC] = C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] = C:\Program Files\IDT\WDM\sttray64.exe
O4 - MSConfig\startupreg: Adobe Creative Cloud [command] = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true (HKLM) (2018/10/19)
O4 - MSConfig\startupreg: Skype for Desktop [command] = C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (HKCU) (2019/06/23)
O4 - MSConfig\startupreg: electron.app.Loom [command] = C:\Users\Salvador\AppData\Local\Programs\Loom\Loom.exe --process-start-args "--loomHidden" (HKCU) (2019/06/23)
O4-32 - HKLM\..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4-32 - HKLM\..\Run: [Samsung PanelMgr] = C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4-32 - HKLM\..\Run: [StatusAlerts] = C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\&Anexar destino de vínculo a PDF existente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Agregar página web a PDF existente: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Convertir &página web a PDF de Adobe: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (file missing)
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Convertir destino de vínculo a Adobe PDF: (default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll (file missing)
O9 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Button: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Ejecuta Comprobación de red de HP, que le ayuda a resolver problemas de conexión - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9-32 - Tools menu item: HKLM\..\{25510184-5A38-4A99-B273-DCA8EEF6CD08}: Comprobación de red de HP - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O16-32 - DPF: HKLM\..\{FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9}\DownloadInformation: Performance Viewer Activex Control [CODEBASE] = https://secure.logmein.com//activex/ractrl.cab?lmi=4187
O17 - DHCP DNS 1: 185.130.104.222
O17 - DHCP DNS 2: 185.4.65.4
O17 - DHCP DNS 3: 116.203.6.218
O17 - DHCP DNS 4: 185.4.64.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 116.203.6.218
O17 - HKLM\System\CCS\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.130.104.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.4.64.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.4.65.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 116.203.6.218
O17 - HKLM\System\CCS\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.130.104.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.4.64.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.4.65.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 116.203.6.218
O17 - HKLM\System\CCS\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.130.104.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.4.64.13
O17 - HKLM\System\CCS\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.4.65.4
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 116.203.6.218
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.130.104.222
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.4.64.13
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{536D3191-43DC-4D4F-AE20-CFFDA8205014}: [NameServer] = 185.4.65.4
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 116.203.6.218
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.130.104.222
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.4.64.13
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{694F79A3-D2A1-47C2-80DA-D6355229B1AC}: [NameServer] = 185.4.65.4
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 116.203.6.218
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.130.104.222
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.4.64.13
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{8539FA45-C71B-43A1-895A-EAC163CC8234}: [NameServer] = 185.4.65.4
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: (no name) - {472083B0-C522-11CF-8763-00608CC02F24} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Pending): (no name) - {056D528D-CE28-4194-9BA3-BA2E9197FF8C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Synced): (no name) - {05B38830-F4E9-4329-978B-1DD28605D202} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ MEGA (Syncing): (no name) - {0596C850-7BDD-4C9D-AFDF-873BE6890637} - (no file)
O22 - Task (.job): (Not scheduled) HPCeeScheduleForSalvador.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForSalvador (null)
O22 - Task (.job): (Ready) G2MUpdateTask-S-1-5-21-869245772-2272638929-4024518757-1000.job - C:\Users\Salvador\AppData\Local\GoToMeeting\13190\g2mupdate.exe
O22 - Task (.job): (Ready) G2MUploadTask-S-1-5-21-869245772-2272638929-4024518757-1000.job - C:\Users\Salvador\AppData\Local\GoToMeeting\13190\g2mupload.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Andrea ST Filters Service - (AESTFilters) - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service R2: Audio Service - (STacSV) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service R2: HP LaserJet Service - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service R2: HP Service - (hpsrv) - C:\Windows\system32\Hpservice.exe
O23 - Service R2: HP Support Solutions Framework Service - (HPSupportSolutionsFrameworkService) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service R2: Intel(R) Management & Security Application User Notification Service - (UNS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service R2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: Servicio Hacer clic y ejecutar de Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service R2: TeamViewer 14 - (TeamViewer) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service R2: Validity WBF Policy Service - (valWBFPolicyService) - C:\Windows\system32\valWBFPolicyService.exe
O23 - Service S2: HWDeviceService64.exe - C:\ProgramData\DatacardService\HWDeviceService64.exe -/service
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: HP CASL Framework Service - (hpqcaslwmiex) - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Office 64 Source Engine - (ose64) - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service S3: Remote Packet Capture Protocol v.0 (experimental) - (rpcapd) - C:\Program Files (x86)\WinPcap\rpcapd.exe -d -f "C:\Program Files (x86)\WinPcap\rpcapd.ini"

-- End of file - Time spent: 90.1 sec. - 32752 bytes, CRC32: FFFFFFFF. Sign: 筆뫴