Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x32 Windows 7 (Ultimate), 6.1.7601.24544, Service Pack: 1
Time: 07.03.2020 - 17:25 (UTC-04:00)
Language: OS: Spanish (0xC0A). Display: Spanish (0xC0A). Non-Unicode: Spanish (0xC0A)
Elevated: Yes
Ran by: Disloth (group: Administrator) on DISLORTH-WORK, FirstRun: yes

Chrome: 79.0.3945.117
Firefox: 70.0.1.7242
Internet Explorer: 11.0.9600.19597
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Safe mode with network support

Running processes:
Number | Path
20 C:\Program Files\Google\Chrome\Application\chrome.exe
4 C:\Users\Disloth\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
1 C:\Users\Disloth\Downloads\HiJackThis.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
11 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local;192.168.*.*
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [SuggestionsURL] = https://ie.search.yahoo.com/os?appid=ie8&command={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [TopResultURL] = https://ve.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__171026__yaie&p={searchTerms} - Yahoo!
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}: [URL] = https://ve.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__171026__yaie&p={searchTerms} - Yahoo!
O1 - Hosts: Reset contents to default
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 lmlicenses.wip4.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 lm.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na2m-pr.licenses.adobe.com
O1 - Hosts: 127.0.0.1 na4r.services.adobe.com
O1 - Hosts: 127.0.0.1 ims-na1-prprod.adobelogin.com
O1 - Hosts: 127.0.0.1 na1r.services.adobe.com
O1 - Hosts: 127.0.0.1 hlrcv.stage.adobe.com127.0.0.1 activation.cloud.techsmith.com
O1 - Hosts: 127.0.0.1 oscount.techsmith.com
O1 - Hosts: 127.0.0.1 65.52.240.48
O1 - Hosts: 127.0.0.1 69.167.144.18
O1 - Hosts: 127.0.0.1 updater.techsmith.com
O1 - Hosts: 127.0.0.1 camtasiatudi.techsmith.com
O1 - Hosts: 127.0.0.1 tsccloud.cloudapp.net
O1 - Hosts: 127.0.0.1 assets.cloud.techsmith.com
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - HKLM\..\BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] = C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] = C:\Program Files\CCleaner\CCleaner.exe /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4F5040AEE09E803C5969C89766380771] = C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [IDMan] = C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [MinerGateGui] = C:\Program Files\MinerGate\minergate.exe --auto
O4 - HKCU\..\Run: [Skype for Desktop] = C:\Program Files\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [Web Companion] = C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKCU\..\Run: [XperiaCompanionAgent] = C:\Program Files\Sony\Xperia Companion\XperiaCompanionAgent.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] = C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] = C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] = C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [AdobeGCInvoker-1.0] = C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] = C:\Program Files\Creative\WebCam Control\CAMTRAY.EXE
O4 - HKLM\..\Run: [HotKeysCmds] = C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] = C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] = C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RIM PeerManager] = C:\Program Files\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] = C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice
O4 - HKLM\..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Descargar con IDM todos los enlaces : (default) = C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Context menu item: HKCU\..\Internet Explorer\MenuExt\Descargar con IDM: (default) = C:\Program Files\Internet Download Manager\IEExt.htm
O10 - Unknown file in Winsock LSP: C:\Program Files\Bonjour\mdnsNSP.dll
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O17 - DHCP DNS 1: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 2: 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{079F6FFF-A4DF-4F91-83C1-250753CC6A6A}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{079F6FFF-A4DF-4F91-83C1-250753CC6A6A}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{92051B92-EEF7-43FC-8321-E9B8A1712CA6}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{92051B92-EEF7-43FC-8321-E9B8A1712CA6}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{079F6FFF-A4DF-4F91-83C1-250753CC6A6A}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{079F6FFF-A4DF-4F91-83C1-250753CC6A6A}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{92051B92-EEF7-43FC-8321-E9B8A1712CA6}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{92051B92-EEF7-43FC-8321-E9B8A1712CA6}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco1: AccExtIco1 Class - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco2: AccExtIco2 Class - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ AccExtIco3: AccExtIco3 Class - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files\Common Files\Adobe\CoreSyncExtension\CoreSync_x86.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ IDM Shell Extension: IDM Shell Extension - {CDC95B92-E27C-4745-A8C5-64A52A78855D} - C:\Program Files\Internet Download Manager\IDMShellExt.dll
O22 - Task (.job): (Ready) G2MUpdateTask-S-1-5-21-838994074-81632765-970354094-1000.job - C:\Users\Disloth\AppData\Local\GoToMeeting\16474\g2mupdate.exe
O22 - Task (.job): (Ready) G2MUploadTask-S-1-5-21-838994074-81632765-970354094-1000.job - C:\Users\Disloth\AppData\Local\GoToMeeting\16474\g2mupload.exe
O22 - Task (.job): (Ready) iToolsDaemon.job - C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe (file missing)
O23 - Service S2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service S2: Adobe Genuine Monitor Service - (AGMService) - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service S2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service S2: AdobeUpdateService - C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service S2: Apple Mobile Device - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service S2: BlackBerry Link Communication Manager - (RIM Tunnel Service) - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service
O23 - Service S2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; "ServiceDll" = C:\Windows\system32\diagtrack.dll
O23 - Service S2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service S2: Internet Pass-Through Service - (PassThru Service) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service S2: KingoSoftService - C:\Users\Disloth\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\KingoSoftService.exe Root\update_54326\bin\KingoSoftService.exe "C:\Users\Disloth\AppData\Local\Kingosoft\Kingo Root\update_54326\bin\checkupdate.exe"
O23 - Service S2: Motorola Device Manager Service - (Motorola Device Manager) - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
O23 - Service S2: PST Service - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
O23 - Service S2: RIM MDNS - C:\Program Files\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service S2: SAMSUNG Mobile Connectivity Service - (ss_conn_service) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service S2: Servicio Bonjour - (Bonjour Service) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service S2: Servicio Hacer clic y ejecutar de Microsoft Office - (ClickToRunSvc) - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe /service
O23 - Service S2: Servicio Xperia Companion - (XperiaCompanionService) - C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
O23 - Service S2: Servicio de Google Update (gupdate) - (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: TeamViewer - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service S2: UDisk Monitor Driver - C:\Program Files\Froyo_Android_Driver\Bin\MonServiceUDisk.exe
O23 - Service S3: BlackBerry Device Manager - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Servicio de Google Update (gupdatem) - (gupdatem) - C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Servicio del iPod - (iPod Service) - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\Windows\system32\GameMon.des -service

--
End of file - Time spent: 20,9 sec. - 27030 bytes, CRC32: FFFFFFFF. Sign: 똺⓲