Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 23:53:57, on 07.04.2021 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.19041.0001) Boot mode: Normal Running processes: C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Users\Adrian\AppData\Local\Discord\app-0.0.309\Discord.exe C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe C:\Users\Adrian\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2439\plugins\agent\FuzeTV.exe C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Windscribe\Windscribe.exe C:\Program Files (x86)\Windscribe\WindscribeEngine.exe C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe C:\Program Files (x86)\Minecraft Launcher\MinecraftLauncher.exe C:\Users\Adrian\Downloads\hijackthis-2-0-5.exe C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\FileCoAuth.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O1 - Hosts: 142.44.142.126 sessionserver.mojang.com O1 - Hosts: 142.44.142.126 authserver.mojang.com O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho.dll O4 - HKLM\..\Run: [XtremeTuner Plus] C:\Program Files\XtremeTuner Plus\XtremeTuner Plus.exe SysTray O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o O4 - HKCU\..\Run: [OneDrive] "C:\Users\Adrian\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O4 - HKCU\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Adrian\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated" O4 - HKCU\..\Run: [Discord] C:\Users\Adrian\AppData\Local\Discord\Update.exe --processStart Discord.exe O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent O4 - HKCU\..\Run: [Voicemod] "C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe" O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Adrian\AppData\Local\Programs\Opera\assistant\browser_assistant.exe O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize O4 - HKCU\..\Run: [Windscribe] "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart O4 - HKCU\..\Run: [FACEIT] "C:\Users\Adrian\AppData\Local\FACEITApp\update.exe" --processStart "FACEIT.exe" O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent O4 - HKCU\..\Run: [Opera GX Browser Assistant] C:\Users\Adrian\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe O4 - HKCU\..\Run: [electron.app.Guilded] C:\Users\Adrian\AppData\Local\Programs\Guilded\Guilded.exe O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_90272D517C352EE096375EDF5209A687] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" O4 - HKUS\S-1-5-18\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Synapse3] C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized (User 'Default user') O4 - Startup: FuzeTV.lnk = C:\Users\Adrian\AppData\Local\Overwolf\Extensions\dafpjodfmofenjonekfnkphpghegoekhfepmbmib\0.9.9.2439\plugins\agent\FuzeTV.exe O4 - Global Startup: SoftEther VPN Client Manager Startup.lnk = C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.webcompanion.com O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe O23 - Service: Avast Browser Update-Dienst (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\Avast Software\Avast\afwServ.exe O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe O23 - Service: Avast Browser Update-Dienst (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\89.1.8954.115\elevation_service.exe O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: Avast Cleanup (CleanupPSvc) - AVAST Software - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: CredentialEnrollmentManagerUserSvc_90a7a - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\89.0.4389.114\elevation_service.exe O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ManyCam Service - Unknown owner - C:\ProgramData\ManyCam\Service\ManyCamService.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @oem35.inf,%SERVICE_FRIENDLY_NAME%;Nahimic service (NahimicService) - Unknown owner - C:\Windows\system32\NahimicService.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: Razer Game Manager (Razer Game Manager Service) - Razer Inc - C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: Twitch Service (TwitchService) - Unknown owner - C:\Program Files\Common Files\Twitch\TwitchService.exe O23 - Service: Uncheater for BattleGroundsLite_SE (uncheater_bgl) - Wellbia.com Co., Ltd. - C:\Program Files\Common Files\Uncheater\uncheater_bgl.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: WindscribeService - Windscribe Limited - C:\Program Files (x86)\Windscribe\WindscribeService.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 14261 bytes