Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.18

Platform: x64 Windows 10 (Home), 10.0.18362.778 (ReleaseId: 1903), Service Pack: 0
Time: 28.04.2020 - 17:45 (UTC-04:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Llen (group: Administrator) on ANDREW, FirstRun: yes

Chrome: 81.0.4044.122
Edge: 11.0.18362.752
Internet Explorer: 11.0.18362.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
2 C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
1 C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Gyazo\GyStation.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\WSCStub.exe
1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
1 C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
1 C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
1 C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
2 C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
1 C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
1 C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
1 C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
1 C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
1 C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
1 C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22AD.exe
1 C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
1 C:\Program Files\Logitech Gaming Software\LCore.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Parsec\pservice.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
3 C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\Xbox.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingApp_2003.1001.4.0_x64__8wekyb3d8bbwe\app\XboxAppServices.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBar.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBarFT.exe
1 C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.120.4062.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
1 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20032.111.0_x64__8wekyb3d8bbwe\YourPhone.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
1 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
6 C:\Users\Llen\AppData\Local\Discord\app-0.0.306\Discord.exe
1 C:\Users\Llen\Desktop\HiJackThis.exe
1 C:\Users\Llen\Desktop\ \WinAuth.exe
1 C:\Windows\SysWOW64\PnkBstrA.exe
1 C:\Windows\SysWOW64\WTClient.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe
1 C:\Windows\System32\GameBarPresenceWriter.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
1 C:\Windows\System32\dasHost.exe
2 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\drivers\WTSrv.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
78 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\explorer.exe
2 D:\Minecraft\MinecraftLauncher.exe
1 D:\Minecraft\runtime\jre-x64\bin\javaw.exe
1 D:\SteamLibrary\steamapps\common\wallpaper_engine\wallpaper32.exe

O1 - Hosts: 0.0.0.0 nw2master.bioware.com
O1 - Hosts: 0.0.0.0 nwn2.master.gamespy.com
O1 - Hosts: 0.0.0.0 nwmaster.bioware.com
O1 - Hosts: 0.0.0.0 nwn.master.gamespy.com
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O4 - HKCU\..\Run: [Discord] = C:\Users\Llen\AppData\Local\Discord\app-0.0.306\Discord.exe
O4 - HKCU\..\Run: [EADM] = C:\Program Files (x86)\Origin\Origin.exe -AutoStart
O4 - HKCU\..\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe -silent
O4 - HKCU\..\Run: [Gyazo] = C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKCU\..\Run: [launchOnStartup] = C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe /launchViaAutoStart
O4 - HKCU\..\StartupApproved\Run: [OneDrive] = C:\Users\Llen\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background (2020/03/14)
O4 - HKCU\..\StartupApproved\Run: [Overwolf] = C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent (2020/03/14)
O4 - HKLM\..\Run: [Launch LCore] = C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [RTHDVCPL] = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKLM\..\Run: [RtHDVBg] = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
O4 - HKLM\..\Run: [SecurityHealth] = C:\WINDOWS\system32\SecurityHealthSystray.exe
O4 - HKLM\..\Run: [THX0527Helper] = C:\Program Files (x86)\Razer\APO0527Drv\Drivers\x64\THXHelper0527.exe
O4 - HKLM\..\Run: [THX22adHelper] = C:\Program Files (x86)\Razer\THXVAD\Drivers\x64\THXHelper22ad.exe
O4 - HKU\.DEFAULT\..\Run: [Synapse3] = C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4-32 - HKLM\..\Run: [Lightshot] = C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4-32 - HKLM\..\Run: [WTClient] = C:\WINDOWS\system32\WTClient.exe
O17 - DHCP DNS 1: 75.75.75.75
O17 - DHCP DNS 2: 75.75.76.76
O22 - Task (.job): (Not scheduled) update-S-1-5-21-724091371-1853607471-1177718006-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O22 - Task (.job): (Not scheduled) update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
O23 - Service R2: Logitech Gaming Registry Service - (LogiRegistryService) - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d223212c0a2275b5\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service R2: Parsec - C:\Program Files\Parsec\pservice.exe
O23 - Service R2: PnkBstrA - C:\WINDOWS\system32\PnkBstrA.exe (file missing)
O23 - Service R2: Razer Central Service - (RzActionSvc) - C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
O23 - Service R2: Razer Chroma SDK Server - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service R2: Razer Chroma SDK Service - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service R2: Razer Game Manager - (Razer Game Manager Service) - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
O23 - Service R2: Razer Synapse Service - C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
O23 - Service R2: THXService - C:\Program Files (x86)\Razer\THXService\Drivers\x64\THXService.exe
O23 - Service R2: WinTab Service - (WinTabService) - C:\WINDOWS\System32\Drivers\WTSRV.EXE
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S2: Brave Update Service (brave) - (brave) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /svc
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Brave Update Service (bravem) - (bravem) - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe /medsvc
O23 - Service S3: Dragon Age: Origins - Content Updater - (DAUpdaterSvc) - D:\SteamLibrary\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: GalaxyClientService - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service S3: GalaxyCommunication - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.122\elevation_service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
O23 - Service S3: Nexon Game Security Service - (NGS) - C:\WINDOWS\NGService.exe -service
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Overwolf Updater Windows SCM - (OverwolfUpdater) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom SCM
O23 - Service S3: Rockstar Game Library Service - (Rockstar Service) - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\WINDOWS\system32\GameMon.des -service (file missing)
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe

-- End of file - Time spent: 27.2 sec. - 27638 bytes, CRC32: FFFFFFFF.