Jegajothy vythilingam

List of Processes to flag potential dangers

My OS is Win 10 Prof 64-bit and I recently underwent a hacking, and I am uncertain if the hacker had left any malware to come to life whenever the PC is booted on.  I hope the Experts will please take a look at the list of processes that are running and flag for me any potential threat that is still running.  Thank you. Regards
3-List-of-Processes-running.JPG
4-List-of-Processes-runniing.JPG
1-List-of-processes-running.JPG
2---List-of-Prtocesses-running.JPG
John

1. svchost is normal
2. WinZip and other Windows programs are normal
3. I see most of these in my / client machines.

A bad process can take a good name, but what you posted looks normal.
ASKER CERTIFIED SOLUTION
Hackoo

This solution is only available to members.
jegajothy,

"My OS is Win 10 Prof 64-bit and I recently underwent a hacking, and I am uncertain if the hacker had left any malware to come to life whenever the PC is booted on."

By "hacking", do you mean a hacker gained control of your computer?

If so, then you are wise to be suspicious and should consider restoring from a known good backup image, or if you don't have a backup available, back up your data and consider wiping and reinstalling Windows 10.

The problem with cleaning up after a take-over-control hack has happened is that you can never be certain that a rootkit or time-activated malware hasn't been left behind, which won't necessarily show up in your running processes.

I'm not a big fan of recommending re-installs, but in cases like a hacker gaining access to your system, it really is the only way to be "certain" that you are safe. With that said;

"I hope the Experts will please take a look at the list of processes that are running and flag for me any potential threat that is still running."

I see nothing of concern in any of your posted screenshots and I concur with John, all the running processes look normal to me.

Hope that's helpful.
dbrunton
SmileBoxTray could be malware.  Some Google links flag it as such.

Will do more research on this.
Scan_Registry_Run_Keys.bat is a batch file to get information about the Run keys in your registry and to check all your startup items that start with Windows, all running processes with their command lines, and all connections (established and listening):
  • Startup items
  • Process list
  • Services List
  • Scheduled task list
  • Hosts file contents
  • All Network connections
  • DNS Cache
So you should copy and paste this code into Notepad, save it as Scan_Registry_Run_Keys.bat and execute it as administrator to generate a text report that you can post on http://pastebin.com, then post its link here in your next reply!
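
A read-only PowerShell collection of the same seven categories, as an added example. It is not the Scan_Registry_Run_Keys.bat referred to above, whose code is not shown on this page; the report path and the `Add-Section` helper are assumptions made for illustration.

```powershell
# Added example: read-only triage report. Run from an elevated PowerShell prompt on Windows 10.
# $Report is an assumed output path, not one taken from the thread.
$Report = Join-Path $env:USERPROFILE "Desktop\triage_$(Get-Date -Format yyyyMMdd_HHmmss).txt"

# Hypothetical helper: writes a header, then the collector's output, and records any failure.
function Add-Section([string]$Title, [scriptblock]$Collect) {
    "`r`n===== $Title =====" | Out-File $Report -Append -Encoding utf8
    try   { & $Collect | Out-String -Width 4096 | Out-File $Report -Append -Encoding utf8 }
    catch { "collection failed: $($_.Exception.Message)" | Out-File $Report -Append -Encoding utf8 }
}

Add-Section 'Startup items (Run/RunOnce registry keys)' {
    $keys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
            'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    foreach ($k in $keys) {
        if (Test-Path $k) {
            "[$k]"
            Get-ItemProperty $k | Select-Object * -ExcludeProperty PS* | Format-List | Out-String
        }
    }
}
Add-Section 'Startup items (WMI view, includes startup folders)' {
    Get-CimInstance Win32_StartupCommand | Select-Object Name, Command, Location, User | Format-List
}
Add-Section 'Processes with command lines' {
    Get-CimInstance Win32_Process | Sort-Object Name |
        Select-Object ProcessId, ParentProcessId, Name, ExecutablePath, CommandLine | Format-List
}
Add-Section 'Services' {
    Get-CimInstance Win32_Service | Sort-Object Name |
        Select-Object Name, State, StartMode, StartName, PathName | Format-List
}
Add-Section 'Scheduled tasks' {
    Get-ScheduledTask | ForEach-Object {
        [pscustomobject]@{ Task = $_.TaskPath + $_.TaskName; State = $_.State
            Action = ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; ' }
    } | Format-List
}
Add-Section 'Hosts file (non-comment lines)' {
    Get-Content "$env:SystemRoot\System32\drivers\etc\hosts" | Where-Object { $_.Trim() -and $_ -notmatch '^\s*#' }
}
Add-Section 'TCP connections (established and listening)' {
    Get-NetTCPConnection -State Established, Listen | Sort-Object State, LocalPort |
        Select-Object LocalAddress, LocalPort, RemoteAddress, RemotePort, State, OwningProcess,
            @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue).Name } } |
        Format-Table -AutoSize
}
Add-Section 'DNS client cache' { Get-DnsClientCache | Select-Object Entry, Type, Data | Format-Table -AutoSize }
"Report written to $Report"
```

The report contains only what the running operating system chooses to report, so it cannot rule out the rootkit case raised earlier in this thread.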
SmileBoxTray could be malware.  Some Google links flag it as such.

Will do more research on this.

Have a read of  https://www.file.net/process/smileboxtray.exe.html  and  https://www.cnet.com/forums/discussions/smilebox-tray-exe-591706/  to help you decide if SmileBoxTray is malware or not.  You can submit the executable to any of the online virus scanners to check.

Now there are about 3 anti-virus scanners running on your machine; Avast, Hitman and MalwareBytes.  You normally only use one as more than one slows the whole system down.
If you've been hacked previously, you really should reinstall your OS and restore your data from backup.  If you have to ask about running processes, then you don't really know enough to figure out which ones are bad and which ones are good.  If you are still infected, then you're just wasting time while the hacker is grabbing more data from you.

If you somewhat know what you're doing, you'd have already taken the system offline and started a scan of the disk from another known good working system first.  Once it's cleaned, you would still boot up disconnected from any network and then start your diagnosis completely offline.  These are just the first steps.  Unless you're doing forensics, this is a waste of time and you should really reinstall the system.

While the processes may look normal, you can't know without checking more deeply.  Microsoft's built-in Task Manager is inadequate for this.  If you don't know how to do that already, it's time to reinstall and restore your data from backup.  A reinstall is the only way to be certain that whatever was on there is no longer there.
Yes, and this question is a follow-on from the author's first question on this, where we did suggest reinstalling the OS.
Jegajothy vythilingam

ASKER

Thank you.