Navegadores secuestrados

Eliminar Malwares
1

Hola a todos ! Desde hace unos días tengo mis navegadores (Chrome, Firefox y M.Edge) secuestrados por sec-surf.com. Este programa me redirige a un falso Google cuando busco algo. He leído que hay un tema antiguo con el mismo problema asi, que he seguido todos los pasos indicados (salvo el script final para no liarlo) y tengo informes de Malwarebytes, ADWCleaner, ZHP Cleaner y el Farbar Recovery Scan Tool. Para ganar tiempo, iré copiando todos los informes en mensajes siguientes. Gracias de antemano por vuestra ayuda !

2

Hola Fbird, Bienvenido a Forospyware.

Por favor, pega los reportes de los programas que utilizaste y contanos como sigue el problema.

Saludos

3 
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 31/7/19
Hora del análisis: 10:33
Archivo de registro: ef2aea26-b36d-11e9-aeb6-d43d7eb03fc2.json

-Información del software-
Versión: 3.8.3.2965
Versión de los componentes: 1.0.613
Versión del paquete de actualización: 1.0.11789
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.885)
CPU: x64
Sistema de archivos: NTFS
Usuario: SALON\Jean-Philippe

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 371517
Amenazas detectadas: 51
Amenazas en cuarentena: 51
Tiempo transcurrido: 20 min, 46 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 2
PUP.Optional.SearchMulty.Generic, HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|oodoiphimccmljckplmokekgaihbihpi, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|hclkgnmkggdiljilllnfmhmgcencdjfd, En cuarentena, [14770], [605550],1.0.11789

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 14
PUP.Optional.MultyApp, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\WEB APPLICATIONS\_crx_hclkgnmkggdiljilllnfmhmgcencdjfd, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.MultyApp, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\WEB APPLICATIONS\_crx_oodoiphimccmljckplmokekgaihbihpi, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\_metadata, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\icons, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\c, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\s, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OODOIPHIMCCMLJCKPLMOKEKGAIHBIHPI, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\_metadata, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\icons, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\c, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\s, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\HCLKGNMKGGDILJILLLNFMHMGCENCDJFD, En cuarentena, [14770], [605550],1.0.11789

Archivo: 35
PUP.Optional.MultyApp, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\WEB APPLICATIONS\_crx_hclkgnmkggdiljilllnfmhmgcencdjfd\Multy App.ico, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.MultyApp, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_hclkgnmkggdiljilllnfmhmgcencdjfd\Multy App.ico.md5, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.MultyApp, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\WEB APPLICATIONS\_crx_oodoiphimccmljckplmokekgaihbihpi\Multy App.ico, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.MultyApp, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_oodoiphimccmljckplmokekgaihbihpi\Multy App.ico.md5, En cuarentena, [4916], [660322],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\OODOIPHIMCCMLJCKPLMOKEKGAIHBIHPI\1.2_0\MANIFEST.JSON, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\c\s.css, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\icons\button.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\icons\icon128.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\icons\icon48.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\icons\icon64.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\s\jquery.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\s\s.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\_metadata\computed_hashes.json, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\_metadata\verified_contents.json, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\background.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oodoiphimccmljckplmokekgaihbihpi\1.2_0\index.html, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Sustituido, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\HCLKGNMKGGDILJILLLNFMHMGCENCDJFD\1.2_0\MANIFEST.JSON, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\c\s.css, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\icons\button.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\icons\icon128.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\icons\icon48.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\icons\icon64.png, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\s\jquery.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\s\s.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\_metadata\computed_hashes.json, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\_metadata\verified_contents.json, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\background.js, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty.Generic, C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclkgnmkggdiljilllnfmhmgcencdjfd\1.2_0\index.html, En cuarentena, [14770], [605550],1.0.11789
PUP.Optional.SearchMulty, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [377], [557473],1.0.11789
PUP.Optional.SearchMulty, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [377], [557473],1.0.11789
PUP.Optional.SearchMulty, C:\USERS\JEAN-PHILIPPE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [377], [557473],1.0.11789

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
4 

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build:    07-23-2019
# Database: 2019-07-22.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-31-2019
# Duration: 00:01:03
# OS:       Windows 10 Home
# Cleaned:  41
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted       C:\Windows\System32\Tasks\PRODUCT UPDATER

***** [ Registry ] *****

Deleted       HKCU\Software\PRODUCTSETUP
Deleted       HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted       HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted       HKCU\Software\csastats
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E04B0172-57C4-4EA3-8E28-25696AEFDB2C} 
Deleted       HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Product Updater
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

Deleted       Yahoo para Chrome

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.CyberLinkLabelPrint
Deleted       Preinstalled.CyberLinkMediaEspresso
Deleted       Preinstalled.CyberLinkShellExtension
Deleted       Preinstalled.HPCleanFLC
Deleted       Preinstalled.HPSupportAssistant
Deleted       Preinstalled.LenovoPower2Go
Deleted       Preinstalled.LenovoPowerDVD
Deleted       Preinstalled.LenovoSHAREit
Deleted       Preinstalled.SonyPlayMemoriesHome
Deleted       Preinstalled.VAIOEntertainmentCommonService


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [16363 octets] - [27/07/2019 19:30:30]
AdwCleaner[S01].txt - [2588 octets] - [31/07/2019 10:59:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
6 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2019 01
Ran by Jean-Philippe (administrator) on SALON (MEDION MS-7848) (31-07-2019 11:48:08)
Running from C:\Users\Jean-Philippe\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Loaded Profiles: Jean-Philippe (Available Profiles: Jean-Philippe)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(Ashampoo GmbH & Co. KG -> ) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony Corporation -> Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation -> Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-07-30] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [AppLauncher] => C:\Program Files (x86)\Ashampoo\Ashampoo AppLauncher\AppLauncher.exe [969632 2012-08-10] (Ashampoo GmbH & Co. KG -> Ashampoo)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [HP Deskjet 3050 J610 series (NET)] => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-03-18] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34910608 2018-11-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-10-19] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [msacm.dvacm_vspx8] => C:\Program Files (x86)\Corel\Corel VideoStudio X8\DVACM.acm [21504 2015-02-07] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SketchBook Snapshot.lnk [2017-11-13]
ShortcutTarget: SketchBook Snapshot.lnk -> C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe (Autodesk Inc) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06F2D72A-3BC1-4CAE-9B48-828C5C26E266} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0B14A8AA-C3EE-428B-99CE-1E03847248A4} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jean-Philippe\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_esl (1).exe
Task: {0BB57DB7-5DD5-4FED-A035-DBD0B5BE8DF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {0CC8A326-664B-49D0-88F5-015CB90F2E9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0E6D8863-7BEF-4747-A1CF-DA572E7B608C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1798AF87-A1E6-45EE-A447-082C5EB6E6DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {334F72EF-745B-4624-8C0C-701B203E6E2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {353E49E3-2B92-4D13-9480-73A52AA79922} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [495248 2014-01-16] (Sony Corporation -> Sony Corporation)
Task: {3D388E97-B7C6-49B0-B5B7-CBA28499A9D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {415DDC38-91B7-4386-BE54-5B7C29B591D6} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {449B13E7-8315-4E21-94B4-4789D208122A} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {455DFA65-174F-45FC-94B9-2E07AC3F464B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [136618864 2019-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F3FA435-6E1B-4485-A44A-086C796635EB} - \PaintTool SAI -> No File <==== ATTENTION
Task: {517DAE2E-0D13-4368-B0AF-C297B0F26640} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {5E5E28CF-C018-4B33-8A9D-AD87A29D84CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {606B700F-E838-4BB7-83F0-498768E79288} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6149E6CB-ABDC-4139-87BC-BA2A7A891557} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {637979A3-B91B-4C15-8CAF-A5C901CBD3B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {63E1A3B6-6EA1-4A61-B957-53E073BEDF34} - System32\Tasks\{6553DCE7-19F1-9B1F-4F7C-28F4C10AFE6B} => C:\WINDOWS\system32\regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\d1f4efc2\fbc8dbfc.dll" <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7846C997-EC78-415D-AD0C-34BA9A70EA9A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {7E007EB8-7C00-42B6-8F88-EA8D1818B605} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {805DD872-4301-4F08-BD8B-8E8F5D8E7320} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81086163-2D01-4F26-B330-91A89F494291} - \WPD\SqmUpload_S-1-5-21-4141171654-374504699-3676777031-1002 -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {91EE7301-1C40-4ABE-A9FB-59F6DA99C435} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9539CE8D-15DB-4955-839E-6A24B7B8E9A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95EDB3D8-BE74-4DEC-8DAD-66AD72DAAFE2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9738D74D-5E6D-473E-AC29-21E1AC5CB5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9805F3FC-70B1-4AD5-AEB1-1B52C3802417} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {98E5670E-F4DE-4014-AD8D-BE5DF66475F3} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\Updater.exe
Task: {9B962B9E-C51C-4375-8AF0-E0E75094F86B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\WINDOWS\system32\CScript.exe "C:\ProgramData\Duplicaterecord.js"
Task: {9E89259F-A118-419E-AC58-03EF620275F6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ADC0B7A6-C5D4-45A6-ACD1-EE13B1C39DC1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jean-Philippe\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_esl (1).exe
Task: {BB4D0551-EBAD-4558-9143-82518A27C7EF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BC7A4F2B-F680-4CFC-8316-0512DC93D352} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {BCB8A6C4-0B0B-453D-8D9A-FB2B1B92D878} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {C1C8A332-D358-4D78-8B4E-EB2B03E5C109} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {C755588A-4E12-4367-94F2-CBCA9F075F40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CDC22D88-69AE-465F-A1BF-7B1B8AEE8C59} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D0F4BCE9-6681-482E-8F86-927985731CF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {D35BF2BD-1A21-472A-9C7C-9FF6670BF9E5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {DC8AD069-7509-4135-A7CC-ED02E9607142} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {DDB68581-64EB-4290-BDC4-747806425EFF} - System32\Tasks\HPCeeScheduleForJean-Philippe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {E98BC7BE-15FF-4766-9B37-C406887ED6E7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-09] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F4350514-81E3-431B-A175-BA67D66CE4D3} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2014152 2018-02-05] (NVIDIA Corporation -> )
Task: {F4C18C4B-C4C4-4E3B-9084-B99F44E753DF} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\PCFasterSvc.exe
Task: {F59294F7-75B3-4C4A-AAB2-7DCE48A346FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {FFAB6B6F-7860-4CB7-BBD1-0EEDDF6A4447} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJean-Philippe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{a9bf99c3-1455-44ad-8ba6-701c6da09092}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{b78e98fb-25f3-11e7-aed0-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bcd039e2-5306-4c71-8f85-e72a187e0f25}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bcd039e2-5306-4c71-8f85-e72a187e0f25}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e4f7954d-432a-489b-98af-e3fd1f6f6d40}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sec-surf.com/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> DefaultScope {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {9E2ECFEC-6BEE-4F44-8C85-A43C9D6972B3} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {A3881913-8962-4D44-941B-E6DE91FA2CE8} URL = hxxps://es.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> about:start

FireFox:
========
FF ProfilePath: C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default [2019-07-31]
FF Homepage: Mozilla\Firefox\Profiles\cc432675.default -> about:home
FF Extension: (Bitdefender QuickScan) - C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2016-10-06] [Legacy]
FF SearchPlugin: C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default\searchplugins\yahoo-ysp.xml [2015-12-11]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-03-02] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-12] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) [File not signed]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-4141171654-374504699-3676777031-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-19] (Ubisoft Entertainment Sweden AB -> )

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.sec-surf.com/
CHR StartupUrls: Default -> "hxxp://www.sec-surf.com/"
CHR NewTab: Default -> "active": true,
            "entry": "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
          
CHR Profile: C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default [2019-07-31]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-20]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2019-07-30]
CHR Extension: (Pixlr Editor) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2018-03-01]
CHR Extension: (Momentum) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2019-07-27]
CHR Extension: (Save to Pocket) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-07-25]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] (Ashampoo GmbH & Co. KG -> )
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] (Ashampoo GmbH & Co. KG -> )
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-08] (BattlEye Innovations e.K. -> )
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [74712 2013-03-11] (CyberLink Corp. -> CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [316376 2013-03-11] (CyberLink Corp. -> CyberLink)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-09] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-05-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-07-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-04-24] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2019-06-11] (Bitdefender SRL -> Bitdefender)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (LENOVO -> Lenovo)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (pdfforge GmbH -> © pdfforge GmbH.)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11791704 2019-03-18] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-27] (Wacom Technology Corp. -> Wacom Technology, Corp.)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" [X]
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] (Ashampoo GmbH & Co. KG -> )
S3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [593144 2013-04-17] (Bitdefender SRL -> BitDefender)
S1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL -> Bitdefender SRL)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-26] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-26] (Disc Soft Ltd -> Disc Soft Ltd)
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (Bitdefender SRL -> BitDefender LLC)
S3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [14136 2014-10-25] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-31] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmo.inf_amd64_8c02cde12f55e370\nvlddmkm.sys [17493824 2018-02-05] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [214832 2015-12-08] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [337632 2019-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2015-02-02] (Wondershare Software Co., Ltd.  -> Wondershare)
R3 WUDFWpdComp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [264192 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S1 blkstujz; \??\C:\WINDOWS\system32\drivers\blkstujz.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 11:31 - 2019-07-31 11:31 - 000187439 _____ C:\Users\Jean-Philippe\Desktop\ZHPCleaner (R).txt
2019-07-31 11:19 - 2019-07-31 11:19 - 000194384 _____ C:\Users\Jean-Philippe\Desktop\ZHPCleaner (S).txt
2019-07-31 11:09 - 2019-07-31 11:09 - 003115904 _____ (Nicolas Coolman) C:\Users\Jean-Philippe\ZHPCleaner.exe
2019-07-31 10:57 - 2019-07-31 11:34 - 000000000 ____D C:\Users\Jean-Philippe\Desktop\Surf_Secure
2019-07-31 10:49 - 2019-07-31 10:49 - 000188249 _____ C:\Users\Jean-Philippe\Desktop\EJ1H.ods
2019-07-31 10:35 - 2019-07-31 10:49 - 000000100 ____H C:\Users\Jean-Philippe\Desktop\.~lock.EJ1H.ods#
2019-07-31 10:33 - 2019-07-31 10:33 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-07-31 00:00 - 2019-07-31 00:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-30 14:19 - 2019-07-30 14:19 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-07-30 14:19 - 2019-07-30 14:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-07-29 18:06 - 2019-07-31 11:48 - 000000000 ____D C:\FRST
2019-07-28 19:14 - 2019-07-28 19:14 - 002602519 _____ C:\Users\Jean-Philippe\Desktop\VIAJE BÉLGICA Y HOLANDA.ods
2019-07-28 12:43 - 2019-07-28 12:43 - 020891464 _____ (Piriform Software Ltd) C:\Users\Jean-Philippe\Downloads\ccsetup560.exe
2019-07-27 19:34 - 2019-07-31 11:09 - 000000781 _____ C:\Users\Jean-Philippe\Desktop\ZHPCleaner.lnk
2019-07-27 19:33 - 2019-07-31 11:31 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\ZHP
2019-07-27 19:33 - 2019-07-27 19:33 - 003072384 _____ (Nicolas Coolman) C:\Users\Jean-Philippe\Downloads\ZHPCleaner.exe
2019-07-27 19:33 - 2019-07-27 19:33 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\ZHP
2019-07-27 19:27 - 2019-07-27 19:27 - 007623880 _____ (Malwarebytes) C:\Users\Jean-Philippe\Downloads\adwcleaner_7.4.exe
2019-07-27 19:17 - 2019-07-27 19:17 - 000003974 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn
2019-07-27 19:17 - 2019-07-27 19:17 - 000003532 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime
2019-07-27 14:26 - 2019-07-27 14:26 - 000001808 _____ C:\Users\Jean-Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2019-07-27 12:07 - 2019-07-27 12:07 - 006822192 _____ (EnigmaSoft Limited) C:\Users\Jean-Philippe\Downloads\sh-remover.exe
2019-07-26 11:29 - 2019-07-26 11:29 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-26 11:29 - 2019-07-26 11:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-26 11:29 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-26 11:29 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-26 11:08 - 2019-07-26 11:08 - 000200130 _____ C:\Users\Jean-Philippe\Desktop\GUtestHalf.ods
2019-07-23 13:58 - 2019-07-23 13:58 - 000004304 _____ C:\Users\Jean-Philippe\Downloads\octopus-cross-forex-trading-strategy.zip
2019-07-23 13:58 - 2019-07-23 13:58 - 000000000 ____D C:\Users\Jean-Philippe\Downloads\octopus-cross-forex-trading-strategy
2019-07-21 10:27 - 2019-07-21 10:27 - 001831825 _____ C:\Users\Jean-Philippe\Downloads\R4M-Indis_19199.zip
2019-07-18 19:42 - 2019-07-18 19:42 - 000234391 _____ C:\Users\Jean-Philippe\Desktop\GUtest.ods
2019-07-17 21:00 - 2019-07-27 16:40 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\WallpaperHd
2019-07-17 18:52 - 2019-07-17 18:52 - 000013274 _____ C:\Users\Jean-Philippe\Downloads\consecutive candles 1_02.ex4
2019-07-17 18:52 - 2019-07-17 18:52 - 000004840 _____ C:\Users\Jean-Philippe\Downloads\VolumeAndVolatility update.mq4
2019-07-17 18:52 - 2019-07-17 18:52 - 000002176 _____ C:\Users\Jean-Philippe\Downloads\williams2.tpl
2019-07-17 16:13 - 2019-07-17 16:13 - 000029861 _____ C:\Users\Jean-Philippe\Desktop\Documents\GUBreakout.ods
2019-07-17 15:27 - 2019-07-17 15:27 - 003129271 _____ C:\Users\Jean-Philippe\Downloads\Mackenzi Lee - Guide 01 - La guia del caballero para el vicio y la virtud.pdf
2019-07-16 09:35 - 2019-07-16 09:35 - 000000000 ____D C:\Users\Jean-Philippe\Downloads\R4M-Indis_19196
2019-07-16 09:32 - 2019-07-16 09:32 - 001938292 _____ C:\Users\Jean-Philippe\Downloads\R4M-Indis_19196.zip
2019-07-15 20:18 - 2019-07-15 20:18 - 000051022 _____ C:\Users\Jean-Philippe\Desktop\Documents\DailyGUEJ.ods
2019-07-15 18:59 - 2019-07-15 18:59 - 000020027 _____ C:\Users\Jean-Philippe\Desktop\Documents\MACDTest.ods
2019-07-15 18:12 - 2019-07-15 18:12 - 000022043 _____ C:\Users\Jean-Philippe\Downloads\smFractalLevels_v1.mq4
2019-07-12 23:10 - 2019-07-12 23:10 - 002856645 _____ C:\Users\Jean-Philippe\Downloads\videoplayback.mp4
2019-07-12 18:19 - 2019-07-12 18:20 - 001736254 _____ C:\Users\Jean-Philippe\Downloads\R4M-Indis_19193.zip
2019-07-12 10:53 - 2019-07-12 10:53 - 000016686 _____ C:\Users\Jean-Philippe\Desktop\Documents\lONDONcLOSE.ods
2019-07-11 10:50 - 2019-07-11 10:50 - 000009275 _____ C:\Users\Jean-Philippe\Downloads\RIB ANZIN VALENCIENNES.pdf
2019-07-10 12:11 - 2019-07-30 18:17 - 000000000 ____D C:\Users\Jean-Philippe\Downloads\BailSalma
2019-07-09 22:04 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation)
7 

2019-07-09 22:04 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-09 22:04 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-09 22:04 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-09 22:04 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-09 22:04 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-09 22:04 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-09 22:04 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-09 22:03 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-09 22:03 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-09 22:03 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-09 22:03 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-09 22:03 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-09 22:03 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-09 22:03 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-09 22:03 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-09 22:03 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-09 22:03 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-09 22:03 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-09 22:03 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-09 22:03 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-09 22:03 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-09 22:03 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-09 22:03 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-09 22:03 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-09 22:03 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-09 22:03 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-09 22:03 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-09 22:03 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-09 22:03 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-09 22:03 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-09 22:03 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-09 22:03 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-09 22:03 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-09 22:03 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-09 22:03 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-09 22:03 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-09 22:03 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-09 22:03 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-09 22:03 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-09 22:03 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-09 22:03 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-09 22:03 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-09 22:03 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-09 22:03 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-09 22:03 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-09 22:03 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-09 22:03 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-09 22:03 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-09 22:03 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-09 22:03 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-09 22:03 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-09 22:03 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-09 22:03 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-09 22:03 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-09 22:03 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-09 22:03 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-09 22:03 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-09 22:03 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-09 22:03 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-09 22:03 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-09 22:03 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-09 22:03 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-09 22:03 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-09 22:03 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-09 22:03 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-09 22:03 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-09 22:03 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-09 22:03 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-09 22:03 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-09 22:03 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-09 22:03 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-09 22:03 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-09 22:03 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-09 22:03 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-09 22:03 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-09 22:03 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-09 22:03 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-09 22:03 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-09 22:03 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-09 22:03 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-09 22:03 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-09 22:03 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-09 22:03 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-09 22:03 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-09 22:03 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-09 22:03 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-09 22:03 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-09 22:03 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-09 22:03 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-09 22:03 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-09 22:03 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-09 22:03 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-09 22:03 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-09 22:03 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-09 22:03 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-09 22:03 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-09 22:03 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-09 22:03 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-09 22:03 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-09 22:03 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-09 22:03 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-09 22:03 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-09 22:03 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-09 22:03 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-09 22:03 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-09 22:03 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-09 22:03 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-09 22:03 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-09 22:03 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-09 22:03 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-09 22:03 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-09 22:03 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-09 22:03 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-09 22:03 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-09 22:03 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-09 22:03 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-09 22:03 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-09 22:03 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-09 22:03 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-09 22:03 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-09 22:03 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-09 22:03 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-09 22:03 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-09 22:03 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-09 22:03 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-09 22:03 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-09 22:03 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-09 22:03 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-09 22:03 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-09 22:03 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-09 22:03 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-09 22:03 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-09 22:03 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-09 22:03 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-09 22:03 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-09 22:03 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-09 22:03 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-09 22:03 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-09 22:03 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-09 22:03 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-09 22:03 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-09 22:03 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-09 22:03 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-09 22:03 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-09 22:03 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-09 22:03 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-09 22:03 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-09 22:03 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-09 22:03 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-09 22:03 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-09 22:03 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-09 22:03 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-09 22:03 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-09 22:03 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-09 22:03 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-09 22:03 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-09 22:03 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-09 22:03 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-09 22:03 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-09 22:03 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-09 22:03 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-09 22:03 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-09 22:03 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-09 22:03 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-09 22:03 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-09 22:03 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-09 22:03 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-09 22:03 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-09 22:03 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-09 22:03 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-09 22:03 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-09 22:03 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 22:03 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-09 22:03 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-09 22:03 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-09 22:03 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-09 22:03 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-09 22:03 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-09 22:03 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-09 22:03 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-09 22:03 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-09 22:03 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-09 22:03 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-09 22:03 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-09 22:03 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-09 22:03 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-09 22:03 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-09 22:03 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-09 22:03 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-09 22:03 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-09 22:03 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-09 22:03 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-09 22:03 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-09 22:03 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-09 22:03 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-09 22:03 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-09 22:03 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-09 22:03 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-09 22:03 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-09 22:03 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-09 22:03 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-09 10:43 - 2019-07-09 10:43 - 000013514 _____ C:\Users\Jean-Philippe\Desktop\Documents\CertificationAdresse.odt
2019-07-09 10:26 - 2019-07-09 10:26 - 000103190 _____ C:\Users\Jean-Philippe\Downloads\Coupon reponse + pieces a fournir.pdf
2019-07-08 16:02 - 2019-07-08 16:02 - 000018546 _____ C:\Users\Jean-Philippe\Desktop\Documents\EUFiltered.ods
2019-07-08 11:36 - 2019-07-08 11:36 - 000024760 _____ C:\Users\Jean-Philippe\Desktop\H4SMA5R.ods
2019-07-07 12:23 - 2019-07-07 12:23 - 000013240 _____ C:\Users\Jean-Philippe\Desktop\Muscle.ods

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-31 11:48 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-31 11:45 - 2018-05-25 08:20 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5E8903A2-D074-4F24-AA9B-3A448FA63464}
2019-07-31 11:42 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-31 11:42 - 2013-12-12 11:43 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\Azureus
2019-07-31 11:21 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-31 11:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-31 11:10 - 2014-10-11 18:19 - 000000000 ____D C:\Program Files\Common Files\Sony Shared
2019-07-31 11:09 - 2018-05-25 07:47 - 000000000 ____D C:\Users\Jean-Philippe
2019-07-31 11:04 - 2018-05-25 08:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-31 11:04 - 2017-07-13 17:44 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-31 11:04 - 2016-09-22 20:39 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-31 11:04 - 2016-07-27 18:05 - 000000376 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJean-Philippe.job
2019-07-31 11:03 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-31 11:02 - 2015-10-27 13:09 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-31 11:01 - 2015-10-27 13:15 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\Hewlett-Packard
2019-07-31 11:01 - 2015-10-27 13:10 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\Hewlett-Packard
2019-07-31 11:01 - 2015-10-27 13:07 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-07-31 11:01 - 2015-06-11 18:12 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\Lenovo
2019-07-31 11:01 - 2015-06-11 18:11 - 000000000 ____D C:\Program Files (x86)\Lenovo
2019-07-31 11:01 - 2014-10-11 18:12 - 000000000 ____D C:\Program Files (x86)\Sony
2019-07-31 00:00 - 2017-05-09 10:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-07-30 22:18 - 2014-01-03 14:25 - 000000000 ____D C:\Users\Jean-Philippe\Desktop\SalMa
2019-07-30 21:07 - 2018-05-25 07:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-30 10:43 - 2018-05-25 08:20 - 000003300 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForJean-Philippe
2019-07-29 10:28 - 2019-05-03 12:13 - 000000000 ____D C:\RealBand
2019-07-28 19:02 - 2018-06-17 18:25 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\D3DSCache
2019-07-28 12:54 - 2017-07-13 18:29 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\TeamViewer
2019-07-28 12:53 - 2018-05-24 10:56 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-28 12:53 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-28 12:44 - 2018-05-25 08:20 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-28 12:44 - 2017-10-28 21:58 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-28 12:44 - 2017-10-28 21:57 - 000000000 ____D C:\Program Files\CCleaner
2019-07-27 19:30 - 2017-10-04 12:08 - 000000000 ____D C:\AdwCleaner
2019-07-27 15:40 - 2017-10-26 22:14 - 000000000 ___HD C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAABF70B8}
2019-07-27 15:40 - 2016-03-02 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 4
2019-07-27 14:26 - 2017-10-28 14:26 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\ESET
2019-07-27 12:12 - 2019-05-01 12:17 - 000000000 ____D C:\Program Files (x86)\IK Multimedia
2019-07-27 12:12 - 2019-05-01 12:16 - 000000000 ____D C:\Users\Jean-Philippe\Desktop\Documents\IK Multimedia
2019-07-27 12:12 - 2019-05-01 12:16 - 000000000 ____D C:\Program Files (x86)\VstPlugins
2019-07-27 12:11 - 2019-05-01 12:16 - 000000000 ____D C:\Program Files (x86)\PowerTracks DirectX Plugins
2019-07-26 11:29 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-25 17:53 - 2018-04-15 22:08 - 000000000 ____D C:\Program Files (x86)\NCH Software
2019-07-25 17:53 - 2014-01-22 00:05 - 000000000 ____D C:\Program Files (x86)\Telltale Games
2019-07-24 10:46 - 2017-07-10 13:29 - 000000000 ____D C:\Users\Jean-Philippe\JForex
2019-07-24 10:44 - 2017-07-10 13:29 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\JForex
2019-07-17 21:01 - 2019-06-18 18:54 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\HandBrake
2019-07-17 11:47 - 2018-12-25 13:22 - 000000000 ____D C:\Users\Jean-Philippe\Desktop\Skype
2019-07-17 09:45 - 2014-03-27 17:14 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-17 09:45 - 2014-03-27 17:14 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-15 00:24 - 2016-07-17 11:24 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Local\Spotify
2019-07-14 23:52 - 2016-07-17 11:23 - 000000000 ____D C:\Users\Jean-Philippe\AppData\Roaming\Spotify
2019-07-14 11:47 - 2019-03-29 09:31 - 000000099 _____ C:\Users\Jean-Philippe\Desktop\CASA-NOTAS.txt
2019-07-10 22:29 - 2018-05-25 08:20 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4141171654-374504699-3676777031-1002
2019-07-10 22:29 - 2018-05-25 07:47 - 000002460 _____ C:\Users\Jean-Philippe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-10 22:29 - 2017-06-22 17:32 - 000000000 ___RD C:\Users\Jean-Philippe\OneDrive
2019-07-10 08:11 - 2018-05-25 07:58 - 001772030 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-10 08:11 - 2018-04-12 18:18 - 000787540 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-10 08:11 - 2018-04-12 18:18 - 000155670 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-10 08:05 - 2018-05-25 07:42 - 000711088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-10 00:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-10 00:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-10 00:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-10 00:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-10 00:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-10 00:12 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-10 00:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-10 00:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-10 00:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-09 22:12 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-09 22:03 - 2013-12-16 00:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-09 21:59 - 2013-12-16 00:54 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2019-07-31 11:09 - 2019-07-31 11:09 - 003115904 _____ (Nicolas Coolman) C:\Users\Jean-Philippe\ZHPCleaner.exe
2014-06-08 20:14 - 2014-06-08 20:14 - 000000268 ___RH () C:\Users\Jean-Philippe\AppData\Roaming\Classical
2014-06-08 20:14 - 2014-06-08 20:14 - 000000268 ___RH () C:\Users\Jean-Philippe\AppData\Roaming\Clean Electric Guitar
2014-06-08 20:14 - 2014-06-08 20:14 - 000000268 ___RH () C:\Users\Jean-Philippe\AppData\Roaming\Clips
2017-12-14 15:04 - 2018-05-25 11:38 - 000017408 _____ () C:\Users\Jean-Philippe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-03-17 12:59 - 2019-03-17 12:59 - 000000364 _____ () C:\Users\Jean-Philippe\AppData\Local\karboncalligraphyrc
2019-03-17 13:04 - 2019-03-17 13:04 - 000000110 _____ () C:\Users\Jean-Philippe\AppData\Local\kritadisplayrc
2018-06-25 20:09 - 2019-03-17 13:04 - 000022301 _____ () C:\Users\Jean-Philippe\AppData\Local\kritarc
2018-09-28 17:35 - 2018-09-28 17:35 - 000000000 _____ () C:\Users\Jean-Philippe\AppData\Local\oobelibMkey.log

==================== FLock ================

2017-07-24 14:11 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\the sims 4 city living.lnk
2017-07-24 14:11 C:\Users\Public\Desktop\the sims 4 city living.lnk

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
8 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-07-2019 01
Ran by Jean-Philippe (31-07-2019 11:50:36)
Running from C:\Users\Jean-Philippe\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-25 06:21:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-4141171654-374504699-3676777031-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4141171654-374504699-3676777031-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4141171654-374504699-3676777031-1004 - Limited - Enabled)
Invitado (S-1-5-21-4141171654-374504699-3676777031-501 - Limited - Disabled)
Jean-Philippe (S-1-5-21-4141171654-374504699-3676777031-1002 - Administrator - Enabled) => C:\Users\Jean-Philippe
WDAGUtilityAccount (S-1-5-21-4141171654-374504699-3676777031-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Able MP3 OGG to WAV converter 1.00 (HKLM-x32\...\AbleMP3) (Version:  - )
Actualización de NVIDIA 10.11.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.11.15 - NVIDIA Corporation) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Apple Application Support (32 bits) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ArtRage Studio (HKLM-x32\...\{F01FEEFA-7894-4B53-B738-A80FEF32CB4D}) (Version: 3.5.12 - Ambient Design)
Ashampoo AppLauncher v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\Ashampoo Core Tuner 2_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\Ashampoo GetBack Photo_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\Ashampoo HDD Control 2_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 4 v.4.0.1 (HKLM-x32\...\Ashampoo Music Studio 4_is1) (Version: 4.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.1.3 (HKLM-x32\...\Ashampoo Photo Commander 10_is1) (Version: 10.1.3 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 5 v.5.1.2 (HKLM-x32\...\Ashampoo Photo Optimizer 5_is1) (Version: 5.1.2 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio HD 2 v.2.0.5 (HKLM-x32\...\Ashampoo Slideshow Studio HD 2_is1) (Version: 2.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 5 v.5.1.5 (HKLM-x32\...\Ashampoo Snap 5_is1) (Version: 5.1.5 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 4 v.4.30 (HKLM-x32\...\Ashampoo UnInstaller 4_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler v.1.0.1 (HKLM-x32\...\Ashampoo Video Styler_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 9 v.9.04.31 (HKLM-x32\...\Ashampoo WinOptimizer 9_is1) (Version: 9.04.31 - Ashampoo GmbH & Co. KG)
aTube Catcher versión 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Autodesk SketchBook Express 6.2 (HKLM-x32\...\{34CBACD3-040E-43D6-86C1-9FBE44B180BF}) (Version: 6.2.0000 - Autodesk)
Autodesk SketchBook Pro for Enterprise 2014 (HKLM-x32\...\{1CAC5CBC-8EDC-4874-A883-FD11CAC884D0}) (Version: 6.10.0000 - Autodesk) Hidden
Autodesk SketchBook Pro for Enterprise 2014 (HKLM-x32\...\Autodesk SketchBook Pro for Enterprise 2014) (Version: 6.10.0000 - Autodesk)
Avid License Control (HKLM-x32\...\{F187D064-F101-4E95-8D05-4027809AA0F8}) (Version: 3.0.1 - Avid Technology, Inc.)
Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1109 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{1E7FE48B-D11C-4B7A-BEEE-461ECC16BAAA}) (Version: 3.44.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CLIP STUDIO 1.7.8 (HKLM-x32\...\{49274EB8-4598-47E6-8039-9BB7CE07627E}) (Version: 1.7.8 - CELSYS)
CLIP STUDIO PAINT 1.7.8 (HKLM-x32\...\{1E4572D2-28BC-4BC9-B743-13DC6CFD71DB}) (Version: 1.7.8 - CELSYS)
Contents (HKLM-x32\...\{1CDDC143-E149-4945-A5C9-8B366D8C2FC6}) (Version: 18.0.1.26 - Corel Corporation) Hidden
Corel VideoStudio X8 (HKLM-x32\...\_{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.0.1.26 - Corel Corporation)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerRecover (HKLM\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0232 - Disc Soft Ltd)
Dropbox (HKLM-x32\...\Dropbox) (Version: 78.4.119 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Dukascopy MetaTrader 4 (HKLM-x32\...\Dukascopy MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
EarMaster Pro 5 (HKLM-x32\...\EarMaster Pro 5_is1) (Version: 5.0 - EarMaster ApS)
Epic Games Launcher (HKLM-x32\...\{007C8EFF-D02C-45CC-B4AE-F34BD5A7ABF5}) (Version: 1.1.149.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleri (HKLM-x32\...\{92E22997-3614-4ED9-9D53-C6C09B105BE9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalleriet (HKLM-x32\...\{F38BCC33-D42A-44EB-B62F-B3BB89B29FAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (HKLM-x32\...\{06738361-EB60-40D7-84BC-7807ED7EF282}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (HKLM-x32\...\{8D977EAA-DF3E-4054-A98D-F27AEB0248DD}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Freemake Video Converter versión 4.1.10.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10.0 - Ellora Assets Corporation)
Galeria de Fotografias (HKLM-x32\...\{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (HKLM-x32\...\{207DA277-6A6D-4863-B535-129931D2BB21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
GFExperience.Deployer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.Deployer) (Version: 3.12.0.84 - NVIDIA Corporation) Hidden
Global Prime - MetaTrader 4 (HKLM-x32\...\Global Prime - MetaTrader 4) (Version: 6.00 - MetaQuotes Software Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google SketchUp 8 (HKLM-x32\...\{D379380A-3B00-4DB2-8F87-A6A4D07CF07E}) (Version: 3.0.14361 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hofmann 11.1.0.9 (HKLM-x32\...\{45ED9F18-2162-4954-AF96-C43C797EACFE}) (Version: 11.1.0 - Hofmann)
HP Deskjet 3050 J610 series Ayuda (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3050 J610 series Estudio para la mejora del producto (HKLM\...\{1806B0A9-08B2-4044-9898-7B6E5E3F233D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Software básico del dispositivo (HKLM\...\{954F6D3C-A24F-4231-8885-24C1E55AF064}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Ayuda (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Estudio para la mejora del producto (HKLM\...\{6C20FCC8-E40D-4011-AAAD-B00DCF0BAA98}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Software básico del dispositivo (HKLM\...\{143259FE-9C5D-4AA0-BC95-AADB5E8C49D7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM-x32\...\{1B27BDCF-4A5B-4D70-9590-7D50247DC1D4}) (Version: 12.11.27.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
ICA (HKLM-x32\...\{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.0.1.26 - Corel Corporation) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
IPM_VS_Pro (HKLM-x32\...\{CEE838EA-72D1-4149-91F5-5591AFE0CBBC}) (Version: 18.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{1C14608E-94E0-4399-8837-A5A2810D4AFA}) (Version: 12.9.0.167 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
JForex Platform (HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\0122-2184-6270-6925) (Version: 2.12 - Dukascopy Bank SA)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Krita (x64) 4.0.4 (HKLM\...\Krita_x64) (Version: 4.0.4.100 - Krita Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
LibreOffice 6.1.2.1 (HKLM\...\{E5FC66AA-995A-488A-BEBE-8B5C351F939A}) (Version: 6.1.2.1 - The Document Foundation)
Los Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.25.136.1020 - Electronic Arts Inc.)
Malwarebytes versión 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Manager (HKLM-x32\...\{A11F05A4-7CAD-4F85-8C85-DCA18E3E208D}) (Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
MediaHuman Audio Converter versión 1.9.6.4 (HKLM-x32\...\MHAudioConverter_is1) (Version: 1.9.6.4 - MediaHuman)
MediBang Paint Pro 18.0 (64-bit) (HKLM\...\MediBang Paint Pro_is1) (Version: 18.0 - Medibang)
MergeModule_x64 (HKLM\...\{3D576235-F0CE-4B50-A9C6-0775B9E50B63}) (Version: 9.0.02 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{306CBA87-E890-4FBB-9AB8-E65C96D352B2}) (Version: 9.0.02 - Sony Corporation) Hidden
MetaTrader - Alpari UK (HKLM-x32\...\MetaTrader - Alpari UK) (Version: 4.00 - MetaQuotes Software Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MotionArtist 1.1 (HKLM\...\MotionArtist11_is1) (Version: 1.1 - Smith Micro Software, Inc.)
Movie Maker (HKLM-x32\...\{0A958D81-B6FB-4BB2-82A8-67469F2D54AB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{2F2363F9-102C-448B-8E3E-02FCFE78A28D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{4FB56489-F34B-42AA-9437-FB9E0B0543F7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{510807D0-219E-43ED-973F-A382FEA66039}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{57E9679B-A7D2-4662-A96B-B6A4F64420D8}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B91D34E-B583-4E08-BB48-4F18086A0DB7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{6E027BEA-AEFF-4AFB-9449-7CE7AE32085D}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{705C31EB-E0AB-4C1F-A834-993F9E08B085}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{7693587D-5D66-4208-ABEA-C370217D1D9B}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{8E038DF1-B140-46D6-9D82-1BDF8DC56764}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B1865FCC-BE34-4800-AF2F-FB0120821B6A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{E169436E-49D8-419B-A5C0-D245EAF99611}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 es-ES)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MuseScore 2 (HKLM-x32\...\{DC8A2B29-D9A7-4D67-A049-BC0A659A2B57}) (Version: 2.1.0 - Werner Schweer and Others)
Nikon File Uploader 2 (HKLM-x32\...\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}) (Version: 2.00.0001 - Nikon)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
Nostale(ES) (HKLM-x32\...\NosTale(ES)_is1) (Version:  - Gameforge 4D GmbH)
NVIDIA Controlador de 3D Vision 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.77 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{EFC97BC6-345A-4861-ACD5-0D3181252924}) (Version: 4.11.9775 - Apache Software Foundation)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Panel de control de NVIDIA 390.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.77 - NVIDIA Corporation) Hidden
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (HKLM\...\{D646643B-56BD-43B2-9932-9C03D7E90FED}) (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (HKLM\...\{792B82BA-6895-4719-B603-E198AEE90D68}) (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (HKLM\...\{FF4FA406-055A-479E-B025-1AAA7FFAA39F}) (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.0 - Nikon)
PMB_ModeEditor (HKLM-x32\...\{19FEBF46-AE2C-45C7-BF9F-E254A4B3E717}) (Version: 9.0.02 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{D0A231B2-5921-45B7-A2FC-4EC937D6E020}) (Version: 9.0.02 - Sony Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{FA12037C-B6FA-4825-86BC-D58AA6A9CC24}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Nombre de su organización)
Prism, convertidor de archivos de vídeo (HKLM-x32\...\Prism) (Version: 4.08 - NCH Software)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (HKLM-x32\...\{FA6BC7A5-85B3-4DC2-825C-D508E386151A}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Setup (HKLM-x32\...\{CC55892B-B7A6-4F5F-BFB4-F69D77E2D7D5}) (Version: 18.0.1.26 - Corel Corporation) Hidden
Share (HKLM-x32\...\{3BB9B652-3725-419E-869F-7A5F7FE82C28}) (Version: 18.0.1.26 - Corel Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sibelius 7 OpenType Fonts (HKLM-x32\...\{623C2BD8-1B28-4F98-B578-E9D139827269}) (Version: 7.1.3 - Avid)
Sibelius 7.5 (HKLM\...\{BBADBAB3-56A4-444B-834E-D8730B574C3E}) (Version: 7.5.0.164 - Avid Technology)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype versión 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (HKLM\...\{F07F9109-D141-4E88-BFF5-0206D61994F5}) (Version: 1.0.3.02170 - Sony Corporation) Hidden
SPORE(TM) (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Spotify (HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Spotify) (Version: 1.1.10.540.gfcf0430f - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.2558 - TeamViewer)
The Sims 4 (HKLM-x32\...\The Sims 4 (c) Electronic Arts_is1) (Version: 1.2.16.10 - )
The Sims 4: City Living (HKLM\...\dGhlc2ltczRjaXR5bGl2aW5n_is1) (Version: 1 - )
Tickmill MT4 Client Terminal (HKLM-x32\...\Tickmill MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Transcribe! 8.40 (HKLM-x32\...\Transcribe!_is1) (Version: 8.40 - Seventh String Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
Valokuvavalikoima (HKLM-x32\...\{245C4CCD-8829-469C-9278-2BA330BEB8F4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
VidCoder 1.3.2 (x86) (HKLM-x32\...\VidCoder_is1) (Version: 1.3.2 - RandomEngy)
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.0.1 - Nikon)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VSClassic (HKLM-x32\...\{C8686FE2-D759-4304-9791-66ED3C1A7789}) (Version: 18.0.1.26 - Corel Corporation) Hidden
VSPro (HKLM-x32\...\{80466AAD-8460-4DEA-B587-E57E8E3A1655}) (Version: 18.0.1.26 - Corel Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Your Free Video Converter 1.0 (HKLM-x32\...\Your Free Video Converter_is1) (Version:  - ourfreeware Studio)
Zoo Tycoon 2 (HKLM-x32\...\Zoo Tycoon 2) (Version: 1.0 - Microsoft)
Συλλογή φωτογραφιών (HKLM-x32\...\{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Packages:
=========
Adobe Photoshop Express: Editor de imágenes, Ajustes, Filtros, Efectos, Bordes -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x64__ynb6jyjzte8ga [2019-05-25] (Adobe Inc.)
Ashampoo ImageFX for Medion -> C:\Program Files\WindowsApps\AshampooMedion.AshampooImageFXforMedion_1.0.2.14_x64__g53hytncy48pj [2017-10-27] (Ashampoo GmbH &amp; Co. KG)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-15] (king.com)
Complemento de teléfono de Microsoft -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Convertidor de YouTube por Flvto.com -> C:\Program Files\WindowsApps\Hotger.com.YouTubeConverterbywww.flvto.com_2.0.58.0_x64__cg7p2qfgefa1a [2018-06-01] (Белов Кирилл Леонидович) [MS Ad]
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Cut The Rope -> C:\Program Files\WindowsApps\ZeptoLabUKLimited.CutTheRope_1.2.0.43_x86__sq9zxnwrk84pj [2017-10-27] (ZeptoLab UK Limited)
Cyberlink PowerDVD_BE -> C:\Program Files\WindowsApps\CyberLinkCorp.me.PowerDVDforMedion_1.1.918.19562_x86__fyjd2029wheaw [2017-10-27] (CYBERLINK COM)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2017-10-27] (eBay, Inc)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-03-27] (Facebook Inc)
Fresh Paint -> C:\Program Files\WindowsApps\Microsoft.FreshPaint_3.1.10383.1000_x86__8wekyb3d8bbwe [2019-06-08] (Microsoft Corporation)
GRU. MI VILLANO FAVORITO: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.3.10_x86__0pp20fcewvvtj [2019-05-31] (GAMELOFT  SA)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2017-10-27] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-07-20] (HP Inc.)
Instagram HD! -> C:\Program Files\WindowsApps\55667CoolStoreDevsPandora.InstagramHD_4.0.0.0_neutral__fsgj3pht8nmqt [2017-10-27] (YouTube Facebook Instagram Cool Store Devs)
Jetpack Joyride -> C:\Program Files\WindowsApps\HalfbrickStudiosPtyLtd.JetpackJoyride_1.0.3.68_x86__w77bc8x1h5kya [2017-10-27] (Halfbrick Studios Pty Ltd)
LINE -> C:\Program Files\WindowsApps\NAVER.LINEwin8_5.18.2.0_x86__8ptj331gd3tyt [2019-07-31] (LINE Corporation)
Medion Mediathek -> C:\Program Files\WindowsApps\D305113D.MedionMediathek_1.1.0.12_neutral__ka6x32c4zxtnt [2017-10-27] (Tune In)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-19] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.7.4300.0_x86__8wekyb3d8bbwe [2018-05-17] (Microsoft Studios) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.5.3272.0_x64__8wekyb3d8bbwe [2018-04-14] (Microsoft Studios) [MS Ad]
MiTele -> C:\Program Files\WindowsApps\MediasetEspaa.MiTele_1.2.0.0_x86__kpjf710sqccx2 [2017-10-27] (MEDIASET ESPAÑA COMUNICACION)
MSN Deportes -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN Dinero -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Recetas -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-27] (Microsoft Corporation) [MS Ad]
MSN Salud y Bienestar -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-27] (Microsoft Corporation) [MS Ad]
MSN Viajes -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-27] (Microsoft Corporation) [MS Ad]
Photo Editor -> C:\Program Files\WindowsApps\57AB5DD0.PhotoEditor_2.0.0.3_x86__6hb943tstq5q8 [2017-10-27] (Aviary, Inc.)
PhotoMontager -> C:\Program Files\WindowsApps\50476MoonlightingHK.PhotoMontager_2.1.1.0_x64__2gcjbrjjgwq7t [2017-10-27] (Moonlighting HK) [MS Ad]
Pinball FX2 -> C:\Program Files\WindowsApps\Microsoft.Studios.PinballFx2_1.8.1.957_x86__8wekyb3d8bbwe [2017-10-27] (Microsoft Studios)
Red Karaoke -> C:\Program Files\WindowsApps\PlanetaRedSL.RedKaraoke_1.0.0.13_x64__g3044w6pga2pe [2017-10-27] (Planeta Red SL)
Shazam -> C:\Program Files\WindowsApps\ShazamEntertainmentLtd.Shazam_4.7.9.0_x86__pqbynwjfrbcg4 [2017-10-27] (Shazam Entertainment Ltd)
Six-Guns -> C:\Program Files\WindowsApps\GAMELOFTSA.Six-Guns_1.0.0.5_x64__0pp20fcewvvtj [2017-10-27] (GAMELOFT  SA)
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
Teléfono Microsoft -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-08] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
UNO ™ & Friends – ¡El juego clásico de cartas llega a las redes sociales! -> C:\Program Files\WindowsApps\GAMELOFTSA.UNOFriends_1.9.2.1_x86__0pp20fcewvvtj [2017-10-27] (GAMELOFT  SA)
VEVO -> C:\Program Files\WindowsApps\VEVOLLC.VEVO_1.1.1.66_x64__q6c550x48bf80 [2017-10-27] (VEVO LLC)
Viber - Free Phone Calls & Text -> C:\Program Files\WindowsApps\2414FC7A.Viber-FreePhoneCallsText_4.1.4.0_x86__p61zvh252yqyr [2017-10-27] (VIBER MEDIA S.à r.l.)
Where's My Water? 2 -> C:\Program Files\WindowsApps\Disney.WheresMyWater2_1.3.0.8_x86__6rarf9sa4v8jt [2017-10-27] (Disney)
YouTube HD! -> C:\Program Files\WindowsApps\55667CoolStoreDevsPandora.YouTubeHD_5.0.0.0_neutral__fsgj3pht8nmqt [2017-10-27] (YouTube Facebook Instagram Cool Store Devs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4141171654-374504699-3676777031-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Jean-Philippe\Dropbox [2017-05-09 11:01]
CustomCLSID: HKU\S-1-5-21-4141171654-374504699-3676777031-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2019-06-11] (Bitdefender SRL -> Bitdefender)
ContextMenuHandlers1: [PDFArchitect4_ManagerExt] -> {3AECFCB3-8472-48E9-BC7B-5A3CD945C886} => C:\Program Files\PDF Architect 4\creator-context-menu.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Gonzales] -> {A50F8401-953F-4C11-8B77-1278C6C7C3F4} => C:\Program Files\Bitdefender\Antivirus Free Edition\GzShellIntegration.dll [2019-06-11] (Bitdefender SRL -> Bitdefender)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-05-11 18:45 - 2013-05-11 18:45 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2011-03-31 17:52 - 2011-03-31 17:52 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\MSVCP71.dll
2011-03-31 17:52 - 2011-03-31 17:52 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\MSVCR71.dll
2014-01-08 00:34 - 2013-12-10 04:14 - 001100248 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2018-05-25 07:46 - 2018-01-24 00:42 - 000877440 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2018-05-25 07:46 - 2018-01-24 00:42 - 000343912 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [488]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-10-27 22:13 - 000000876 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\Propellerhead Software\ReWire\;C:\Program Files\Common Files\Propellerhead Software\ReWire\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;c:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "AppLauncher"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "HP Deskjet 3050 J610 series (NET)"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "msnmsgr"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{35F6C392-B91F-4DD4-99B1-72281D824B7C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{4B8A9330-709A-4715-94C5-AD4D36C3508C}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F690CFB7-A420-416F-ACFF-619D51192F47}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{E95CEE39-5688-45E4-AEC8-2197BBCA5F11}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{34CCF1A7-4D4B-4382-9671-64E749F0FC77}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{D4DF2B07-F5B4-4901-8269-658EF080945D}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{00D914D5-B8DA-4462-9564-DFABA75679AA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C8C523F4-D08E-47F2-A2EB-EC2A6A7D8681}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5ABEF310-E2FB-4046-89A6-ADD85AFEE930}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9768354D-16B2-4370-9E41-F9B67898EE44}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0F90B065-59CE-4D1E-80D4-ACEBC6D0C61B}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{2D4E1ED5-FA66-4DD4-984E-D96023B36D40}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4CD29DBA-E784-45BA-AB0A-FC151215CE22}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CAEDF963-9B61-49C0-876F-AC1E361DB60E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{89219585-08A6-4BFB-8DF7-E98B9FE7CA5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2D230933-1B95-432E-9673-AD55F7EB9697}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{521D818D-50D9-404E-B9AC-CB5BB5CFD84F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{5CF3A4BE-0F6B-4CC5-B06D-BB0061F87E77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3A73D5D2-B8A9-4060-86E6-B904186CD610}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24A9893A-1DB9-4C6B-A751-9584F64F4D06}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{043A340C-8ABD-4E80-B86C-61D0CADAE82E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FEF94338-7844-41D0-B5A0-B09B06B11F17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4DCFB67A-3BCB-4C87-8EDE-66A888CFBEFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B9FE25F-08DB-4F6C-BEA5-80090A3BEA45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F526134-8893-4B4F-B22E-3ED201C9E321}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{ED5F3EAC-C012-46BC-A4DA-F78E95808DD3}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{2A3A213C-5F1A-4FD5-80B8-BC47692094A3}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{A9115669-6A35-4CCE-86BC-5D5606184F9A}C:\program files (x86)\gameforgelive\games\esp_spa\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\esp_spa\aion\nclauncher.exe (NCsoft Corp. -> NCSOFT Corporation)
FirewallRules: [UDP Query User{FF44E3B4-1234-478B-AA7B-3BC11712DD22}C:\program files (x86)\gameforgelive\games\esp_spa\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\esp_spa\aion\nclauncher.exe (NCsoft Corp. -> NCSOFT Corporation)
FirewallRules: [TCP Query User{83E59873-0AA8-46A9-A521-DD6BC3E3477D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{CE3E9D18-B25D-4DFC-897F-17048A0EC131}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{7424D194-1233-414F-A4E7-9327689744BD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{C2CAE149-7218-4C6E-8D1F-E789E0BD6F0F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{D4C0E628-B3F1-4E99-B3C7-B3E64CF331ED}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{408BF02E-DC30-4852-B590-EB7F957E818A}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{73317D2A-11D3-4554-943D-B828A05A966F}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation -> Sony Corporation)
FirewallRules: [{B1163628-060B-4B77-B773-716B78D8677A}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe No File
FirewallRules: [{D3BE322D-20AC-4B58-A3A5-50E37F8A4F1E}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe No File
FirewallRules: [{53A26048-2B47-460F-92CD-5F8B57E73B1B}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{56B37F7D-448B-4A82-81F7-3E09D7E7A79C}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{3029DB52-363B-4759-9EC9-0CA0127205B0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04F74269-159F-45D8-972B-8AD4029089A7}] => (Allow) LPort=2869
FirewallRules: [{D40ABA18-5D61-48FC-B1A0-D40F34CD4FBD}] => (Allow) LPort=1900
FirewallRules: [{595C913A-4984-4A38-9ED3-DE538284BA95}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{305B6BA0-D024-4250-8232-B21081B717D8}] => (Allow) C:\Program Files (x86)\Smith Micro\MotionArtist\MotionArtist Win32.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{229560D7-18B8-4BE9-A95A-2E76838CDF9B}] => (Allow) C:\Program Files (x86)\Smith Micro\MotionArtist\MotionArtist Win32.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{F0626723-3B73-4E44-906A-C847F843273D}] => (Allow) C:\Program Files\Smith Micro\MotionArtist\MotionArtist x64.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{8F2229CD-C869-402C-AC41-3DD709BE5553}] => (Allow) C:\Program Files\Smith Micro\MotionArtist\MotionArtist x64.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc.)
FirewallRules: [{8F81D375-2924-457C-8AC7-21B9301AE529}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{5072E1D0-7ACC-4238-A49D-D565DA629E6F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{4EAE8361-196C-4B74-8A56-3410D1E0FBC9}] => (Block) Crogram Files (x86)Common FilesAdobeOOBEPDAppP6 No File
FirewallRules: [{E6D2B044-C493-456F-B018-072011ACD144}] => (Block) Crogram Files (x86)Common FilesAdobeOOBEPDAppP7 No File
FirewallRules: [{A04F77E2-37AA-44E7-BB20-DAC26B17807A}] => (Block) Crogram Files (x86)Common FilesAdobeOOBEPDAppP6 No File
FirewallRules: [{012F352F-18A8-444E-8E68-352CBEC7B38B}] => (Block) Crogram Files (x86)Common FilesAdobeOOBEPDAppP7 No File
FirewallRules: [TCP Query User{18A59663-F399-42EA-81A6-6BD54A0014BD}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{83F2BC19-4BDD-4D86-BC6F-6119C91B54E2}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{7C995EE6-CDF8-4250-A9ED-BB9DDDFBEB3D}C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{106D1150-DBC6-440F-9826-2340F73DC44E}C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{48AC32BE-8842-4051-8F2F-95639FCDC75F}C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{4919B285-5D50-4095-98F8-FCCC5A04CFC7}C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\jean-philippe\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D31D3E46-6DE9-400D-A72B-E0CAB216E86E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D33ED498-6D64-4B78-AC05-8790796FD62B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CAF7CD1-431F-4623-9EC8-9C3D4EB52216}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{36B46442-0DDC-4259-B484-A2B47D9EDB96}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7BCE9C08-EEFC-4D12-B26B-3C93BBCAA686}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{BAD92EF9-3642-43B6-A6AC-7CBC73D22CCD}] => (Allow) C:\Program Files (x86)\Microsoft Games\Zoo Tycoon 2\zt.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{0C13F1B3-8D6E-49CF-B8ED-4ED78EA30564}] => (Allow) C:\Users\Jean-Philippe\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{0A6DD4D1-E163-4B2D-8592-9B7689BEC946}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{5F2F22C7-A4A4-4B53-8EF3-FFB489B56A2C}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{89DA1E96-EC92-4200-97BF-DB98BE396970}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DFB73F74-2BDE-448C-ADEA-CB7D375C9911}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C01FD320-750E-495A-A989-77E57370EDA8}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{80BA6039-6E6A-45F8-A57A-8AEC6DC134B9}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [UDP Query User{0B6C67C3-AEA0-443D-9EEE-C8FB669B546F}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.172\deploy\leagueclient.exe (Riot Games, Inc. -> )
FirewallRules: [{5E5022FB-5DDB-4FC1-897D-F11262C273C6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6A6F11FF-6F3E-48B0-83F3-C10A6165A05E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9DC627D1-EF50-4C27-965E-E250620E17AA}] => (Allow) C:\Users\Jean-Philippe\AppData\Local\Temp\7zS0D74\HPDiagnosticCoreUI.exe No File
FirewallRules: [{9C3A10F8-174D-4A17-A97D-2640EF666454}] => (Allow) C:\Users\Jean-Philippe\AppData\Local\Temp\7zS0D74\HPDiagnosticCoreUI.exe No File
FirewallRules: [{07ABB677-06D3-4024-9577-FBB4E00D2641}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{35FCEDF6-1D7A-4E30-8FF4-0A4426A82D2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{49DBA728-15C6-489C-8BF9-8A372BA72FA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{900B4D30-4B57-43F3-8D08-26D971F48C38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{42EBCDEE-6B3C-4653-AC3B-61A0FC7BACB7}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{2780407E-CFAA-4CB3-935E-1A1235F2C8BB}] => (Allow) C:\bb\BBHelper\BandinaBoxServer.exe (PG Music Inc. -> PG Music Inc.)
FirewallRules: [{B7CFF6CD-A593-463B-B250-1045AA39D4DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A9A1D508-F075-42AC-8384-BE198BFB115F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

25-07-2019 17:54:08 Removed VirtualDJ 8
27-07-2019 19:44:10 ZHPcleaner
31-07-2019 11:20:23 ZHPcleaner
9 


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2019 11:07:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: IAStorDataMgrSvc.exe, versión: 12.8.0.1016, marca de tiempo: 0x51fb0c50
Nombre del módulo con errores: KERNELBASE.dll, versión: 10.0.17134.885, marca de tiempo: 0x59816e73
Código de excepción: 0xe0434352
Desplazamiento de errores: 0x00112cf2
Identificador del proceso con errores: 0x4e8
Hora de inicio de la aplicación con errores: 0x01d5477f4bbf06d9
Ruta de acceso de la aplicación con errores: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\KERNELBASE.dll
Identificador del informe: d680a076-d253-45a9-bd17-e126fcbdac37
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/31/2019 11:07:52 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicación: IAStorDataMgrSvc.exe
Versión de Framework: v4.0.30319
Descripción: el proceso terminó debido a una excepción no controlada.
Información de la excepción: System.FormatException
   en System.Text.StringBuilder.AppendFormatHelper(System.IFormatProvider, System.String, System.ParamsArray)
   en System.String.FormatHelper(System.IFormatProvider, System.String, System.ParamsArray)
   en System.String.Format(System.IFormatProvider, System.String, System.Object[])
   en IAStorDataMgr.EventRelay.formatStrings(System.String, System.Object[])
   en IAStorDataMgr.EventRelay.translateEventType(IAStorUtil.Events.DiskEventArgs, IAStorUtil.LogLevel)
   en IAStorDataMgr.EventRelay.SDM_ComprehensiveHandler(System.Object, IAStorUtil.Events.ComprehensiveEventArgs)
   en IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   en IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   en IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   en System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   en System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   en System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   en System.Threading.ThreadPoolWorkQueue.Dispatch()
   en System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (07/31/2019 11:07:52 AM) (Source: IAStorDataMgrSvc) (EventID: 7001) (User: )
Description: Internal program error:  missing resource string DM_1_0_7

Error: (07/31/2019 11:04:36 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (07/31/2019 11:04:36 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (07/31/2019 11:02:06 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina QueryFullProcessImageNameW. HR = 0x80070006, Controlador no válido.
.


Operación:
   Ejecutando operación asincrónica

Contexto:
   Estado actual: DoSnapshotSet

Error: (07/31/2019 10:33:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: mbamtray.exe, versión: 3.1.0.1838, marca de tiempo: 0x5d13b12f
Nombre del módulo con errores: Qt5Core.dll, versión: 5.11.1.0, marca de tiempo: 0x5cba0161
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0018dc19
Identificador del proceso con errores: 0x33c8
Hora de inicio de la aplicación con errores: 0x01d5477a99b7fe7b
Ruta de acceso de la aplicación con errores: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Ruta de acceso del módulo con errores: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Identificador del informe: 156930e7-016c-4464-87a8-e8935b2a69bc
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (07/31/2019 10:09:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: ProductUpdater.exe, versión: 1.0.6.0, marca de tiempo: 0x5a8d76bf
Nombre del módulo con errores: unknown, versión: 0.0.0.0, marca de tiempo: 0x00000000
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x05fc3568
Identificador del proceso con errores: 0x3bfc
Hora de inicio de la aplicación con errores: 0x01d547773912cbc0
Ruta de acceso de la aplicación con errores: C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Ruta de acceso del módulo con errores: unknown
Identificador del informe: 95fa1ca6-391f-45b2-9337-301378c9bd0a
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:


System errors:
=============
Error: (07/31/2019 11:09:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio SOHDms.

Error: (07/31/2019 11:08:54 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio SOHDms.

Error: (07/31/2019 11:08:23 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio SOHDms.

Error: (07/31/2019 11:08:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Rapid Storage Technology se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (07/31/2019 11:07:58 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: El servidor {784E29F4-5EBE-4279-9948-1E8FE941646D} no se registró con DCOM dentro del tiempo de espera requerido.

Error: (07/31/2019 11:07:48 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la respuesta de transacción del servicio SOHDms.

Error: (07/31/2019 11:06:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Support Solutions Framework Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (07/31/2019 11:06:17 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-06-24 11:39:03.051
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nombre: Virus:DOS/EICAR_Test_File
Id.: 2147519003
Gravedad: Grave
Categoría: Virus
Ruta de acceso: file:_C:\Windows\Temp\tmp0000048d\tmp00000002; file:_C:\Windows\Temp\tmp0000048d\tmp00000003
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
Versión de firma: AV: 1.295.1362.0, AS: 1.295.1362.0, NIS: 1.295.1362.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-24 11:39:03.047
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nombre: Virus:DOS/EICAR_Test_File
Id.: 2147519003
Gravedad: Grave
Categoría: Virus
Ruta de acceso: file:_C:\Windows\Temp\tmp0000048d\tmp00000002
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
Versión de firma: AV: 1.295.1362.0, AS: 1.295.1362.0, NIS: 1.295.1362.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-13 08:25:40.269
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nombre: Virus:DOS/EICAR_Test_File
Id.: 2147519003
Gravedad: Grave
Categoría: Virus
Ruta de acceso: file:_C:\Windows\Temp\tmp00000554\tmp00000002; file:_C:\Windows\Temp\tmp00000554\tmp00000003
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
Versión de firma: AV: 1.295.619.0, AS: 1.295.619.0, NIS: 1.295.619.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-06-13 08:25:40.208
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nombre: Virus:DOS/EICAR_Test_File
Id.: 2147519003
Gravedad: Grave
Categoría: Virus
Ruta de acceso: file:_C:\Windows\Temp\tmp00000554\tmp00000002
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
Versión de firma: AV: 1.295.619.0, AS: 1.295.619.0, NIS: 1.295.619.0
Versión de motor: AM: 1.1.16000.6, NIS: 1.1.16000.6

Date: 2019-05-15 19:01:38.724
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Virus:DOS/EICAR_Test_File&threatid=2147519003&enterprise=0
Nombre: Virus:DOS/EICAR_Test_File
Id.: 2147519003
Gravedad: Grave
Categoría: Virus
Ruta de acceso: file:_C:\Windows\Temp\tmp0000057b\tmp00000002; file:_C:\Windows\Temp\tmp0000057b\tmp00000003
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Protección en tiempo real
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: C:\Program Files\Bitdefender\Antivirus Free Edition\update.exe
Versión de firma: AV: 1.275.1140.0, AS: 1.275.1140.0, NIS: 1.275.1140.0
Versión de motor: AM: 1.1.15200.1, NIS: 1.1.15200.1

CodeIntegrity:
===================================

Date: 2019-07-31 10:54:25.858
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:54:20.809
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:53:47.347
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:53:18.273
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:46:13.511
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:45:37.235
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:45:25.895
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-07-31 10:45:24.589
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. M7848W08.20C 09/23/2013
Motherboard: MEDION MS-7848
Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 47%
Total physical RAM: 8148.35 MB
Available physical RAM: 4272.39 MB
Total Virtual: 9428.35 MB
Available Virtual: 4845.14 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.36 GB) (Free:239.46 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:45.21 GB) NTFS
Drive g: () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

\\?\Volume{c1c6ec63-dbe1-48e3-8003-c0402dfc79d2}\ () (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{99c904d8-d49a-416f-9c34-fc8b2c21c15f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
10 

ZHPCleaner v2019.7.31.110 by Nicolas Coolman (2019/07/31) ~ Run by Jean-Philippe (Administrator) (31/07/2019 13:36:30) ~ Web: https://www.nicolascoolman.com ~ Blog: https://nicolascoolman.eu/ ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Certificate ZHPCleaner: Legal ~ Type : Reparar ~ Report : C:\Users\Jean-Philippe\Desktop\ZHPCleaner (R).txt ~ Quarantine : C:\Users\Jean-Philippe\AppData\Roaming\ZHP\ZHPCleaner_Reg.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 17134) **---\ Alternate Data Stream (ADS). (0)** ~ No malintencionados o innecesarios artículos encontrados. (ADS) **---\ Servicios (0)** ~ No malintencionados o innecesarios artículos encontrados. (Servicio) **---\ Navegadores de Internet (0)** ~ No malintencionados o innecesarios artículos encontrados. (Navegador) **---\ Hosts carpeta (1)** ~ El archivo hosts es legítimo (22) **---\ Tareas automáticas programadas. (0)** ~ No malintencionados o innecesarios artículos encontrados. (Tarea) **---\ Explorador ( Archivos, Carpetas ) (5)** MOVIDO carpeta: C:\Users\Jean-Philippe\AppData\Local\Temp\aria-debug-2504.log =>.SUP.Temporary.OneDrive MOVIDO carpeta: C:\Users\Jean-Philippe\AppData\Local\Temp\aria-debug-4376.log =>.SUP.Temporary.OneDrive MOVIDO carpeta: C:\Users\Jean-Philippe\AppData\Local\Temp\aria-debug-7252.log =>.SUP.Temporary.OneDrive MOVIDO carpeta: C:\Users\Jean-Philippe\AppData\Local\Temp\aria-debug-9476.log =>.SUP.Temporary.OneDrive MOVIDO archivo: C:\Users\Jean-Philippe\AppData\Local\\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo =>Heuristic.Suspect **---\ Registro ( Claves, Valores, Datos) (1)** BORRADOS clave*: [X64] HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [] =>Heuristic.Suspect **---\ Resumen de elementos en su estación de trabajo (2)** https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Temporary.OneDrive https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect **---\ Limpieza adicional. (3)** ~ Clave de registro Tracing borrados (3) ~ Quitar los antiguos informes de ZHPCleaner. (0) **---\ Resultado de la reparación.** ~ Reparación llevada a cabo con éxito ~ falta este navegador! (Opera Software) **---\ STATISTIQUES** ~ Items escaneado : 1043 ~ Items encontrado : 0 ~ artículos cancelados : 0 ~ Items opciones : 13/13 ~ Ahorro de espacio (bytes) : 0 ~ End of clean in 00h00mn09s **---\ Reporte (6)** ZHPCleaner-[R]-27072019-21_23_19.txt ZHPCleaner-[R]-31072019-11_31_22.txt ZHPCleaner-[S]-27072019-19_43_14.txt ZHPCleaner-[S]-31072019-11_19_21.txt ZHPCleaner-[S]-31072019-13_13_04.txt ZHPCleaner-[R]-31072019-13_36_39.txt
11

Después de pasar todo estos programas, no lo veo activo, pero suele volver a aparecer. Ya os mantengo informado cuando lo haga. Gracias !

12

Bueno, al reiniciar, sigue allí. Aunque de momento no me redirige a la pagina “goqoe.com”, como hacía antes.

13

Hola

Abrí un nuevo archivo Notepad y copia y pega este contenido:

Start
CreateRestorePoint:
CloseProcesses
(pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [msacm.dvacm_vspx8] => C:\Program Files (x86)\Corel\Corel VideoStudio X8\DVACM.acm [21504 2015-02-07] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
ShortcutTarget: SketchBook Snapshot.lnk -> C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe (Autodesk Inc) [File not signed]
Task: {06F2D72A-3BC1-4CAE-9B48-828C5C26E266} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CC8A326-664B-49D0-88F5-015CB90F2E9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0E6D8863-7BEF-4747-A1CF-DA572E7B608C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F3FA435-6E1B-4485-A44A-086C796635EB} - \PaintTool SAI -> No File <==== ATTENTION
Task: {517DAE2E-0D13-4368-B0AF-C297B0F26640} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5E5E28CF-C018-4B33-8A9D-AD87A29D84CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {606B700F-E838-4BB7-83F0-498768E79288} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7E007EB8-7C00-42B6-8F88-EA8D1818B605} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {805DD872-4301-4F08-BD8B-8E8F5D8E7320} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81086163-2D01-4F26-B330-91A89F494291} - \WPD\SqmUpload_S-1-5-21-4141171654-374504699-3676777031-1002 -> No File <==== ATTENTION
Task: {95EDB3D8-BE74-4DEC-8DAD-66AD72DAAFE2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9738D74D-5E6D-473E-AC29-21E1AC5CB5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9805F3FC-70B1-4AD5-AEB1-1B52C3802417} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {98E5670E-F4DE-4014-AD8D-BE5DF66475F3} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\Updater.exe
Task: {9B962B9E-C51C-4375-8AF0-E0E75094F86B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\WINDOWS\system32\CScript.exe "C:\ProgramData\Duplicaterecord.js"
Task: {9E89259F-A118-419E-AC58-03EF620275F6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4C18C4B-C4C4-4E3B-9084-B99F44E753DF} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\PCFasterSvc.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sec-surf.com/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> DefaultScope {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF ProfilePath: C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default [2019-07-31]
FF Homepage: Mozilla\Firefox\Profiles\cc432675.default -> about:home
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-03-02] [Legacy] [not signed]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-4141171654-374504699-3676777031-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-19] (Ubisoft Entertainment Sweden AB -> )
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.sec-surf.com/
CHR StartupUrls: Default -> "hxxp://www.sec-surf.com/"
CHR NewTab: Default -> "active": true,
            "entry": "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"       
CHR Profile: C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default [2019-07-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (pdfforge GmbH -> © pdfforge GmbH.)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
  • Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.

Nota: Es necesario que el ejecutable Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no la herramienta no trabajara.

  • Ejecutas Frst.exe.
  • Presionas el botón Fix y aguardas a que termine.
  • La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).
  • Lo pegas en tu próxima respuesta.

Saludos

1 me gusta
14 

Fix result of Farbar Recovery Scan Tool (x64) Version: 30-07-2019 01
Ran by Jean-Philippe (31-07-2019 15:06:07) Run:1
Running from C:\Users\Jean-Philippe\Desktop
Loaded Profiles: Jean-Philippe (Available Profiles: Jean-Philippe)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses
(pdfforge GmbH -> © pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Drivers32: [msacm.dvacm_vspx8] => C:\Program Files (x86)\Corel\Corel VideoStudio X8\DVACM.acm [21504 2015-02-07] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
ShortcutTarget: SketchBook Snapshot.lnk -> C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe (Autodesk Inc) [File not signed]
Task: {06F2D72A-3BC1-4CAE-9B48-828C5C26E266} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0CC8A326-664B-49D0-88F5-015CB90F2E9A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {0E6D8863-7BEF-4747-A1CF-DA572E7B608C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4F3FA435-6E1B-4485-A44A-086C796635EB} - \PaintTool SAI -> No File <==== ATTENTION
Task: {517DAE2E-0D13-4368-B0AF-C297B0F26640} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5E5E28CF-C018-4B33-8A9D-AD87A29D84CB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {606B700F-E838-4BB7-83F0-498768E79288} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7E007EB8-7C00-42B6-8F88-EA8D1818B605} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {805DD872-4301-4F08-BD8B-8E8F5D8E7320} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {81086163-2D01-4F26-B330-91A89F494291} - \WPD\SqmUpload_S-1-5-21-4141171654-374504699-3676777031-1002 -> No File <==== ATTENTION
Task: {95EDB3D8-BE74-4DEC-8DAD-66AD72DAAFE2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9738D74D-5E6D-473E-AC29-21E1AC5CB5B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9805F3FC-70B1-4AD5-AEB1-1B52C3802417} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {98E5670E-F4DE-4014-AD8D-BE5DF66475F3} - System32\Tasks\Baidu PC Faster Update => C:\Program Files (x86)\PC Faster\Updater.exe
Task: {9B962B9E-C51C-4375-8AF0-E0E75094F86B} - System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => C:\WINDOWS\system32\CScript.exe "C:\ProgramData\Duplicaterecord.js"
Task: {9E89259F-A118-419E-AC58-03EF620275F6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F4C18C4B-C4C4-4E3B-9084-B99F44E753DF} - System32\Tasks\Baidu PC Faster Service => C:\Program Files (x86)\PC Faster\PCFasterSvc.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sec-surf.com/
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> DefaultScope {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> {476FE902-44A9-4E10-896A-2D6A1CF23639} URL = hxxp://www.sec-surf.com/search?q={searchTerms}
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
Toolbar: HKU\S-1-5-21-4141171654-374504699-3676777031-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
FF ProfilePath: C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default [2019-07-31]
FF Homepage: Mozilla\Firefox\Profiles\cc432675.default -> about:home
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-03-02] [Legacy] [not signed]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin HKU\S-1-5-21-4141171654-374504699-3676777031-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-12-19] (Ubisoft Entertainment Sweden AB -> )
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.sec-surf.com/
CHR StartupUrls: Default -> "hxxp://www.sec-surf.com/"
CHR NewTab: Default -> "active": true,
            "entry": "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"       
CHR Profile: C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default [2019-07-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (pdfforge GmbH -> © pdfforge GmbH.)
CMD: ipconfig /flushdns
CMD: ipconfig /renew
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
RemoveProxy:
EmptyTemp:
Hosts:
END
*****************

Restore point was successfully created.
CloseProcesses => Error: No automatic fix found for this entry.
[3740] C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe => process closed successfully.
[3504] C:\Program Files\PDF Architect 4\creator-ws.exe => process closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ConfirmFileDelete" => removed successfully
"HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLowDiskSpaceChecks" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\msacm.dvacm_vspx8" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FMVC" => not found
C:\Program Files (x86)\Autodesk\Autodesk SketchBook Pro for Enterprise 2014\SketchBookSnapshot.exe => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06F2D72A-3BC1-4CAE-9B48-828C5C26E266}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06F2D72A-3BC1-4CAE-9B48-828C5C26E266}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CC8A326-664B-49D0-88F5-015CB90F2E9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CC8A326-664B-49D0-88F5-015CB90F2E9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0E6D8863-7BEF-4747-A1CF-DA572E7B608C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E6D8863-7BEF-4747-A1CF-DA572E7B608C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4F3FA435-6E1B-4485-A44A-086C796635EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F3FA435-6E1B-4485-A44A-086C796635EB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PaintTool SAI" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{517DAE2E-0D13-4368-B0AF-C297B0F26640}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{517DAE2E-0D13-4368-B0AF-C297B0F26640}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E5E28CF-C018-4B33-8A9D-AD87A29D84CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E5E28CF-C018-4B33-8A9D-AD87A29D84CB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{606B700F-E838-4BB7-83F0-498768E79288}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{606B700F-E838-4BB7-83F0-498768E79288}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E007EB8-7C00-42B6-8F88-EA8D1818B605}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E007EB8-7C00-42B6-8F88-EA8D1818B605}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{805DD872-4301-4F08-BD8B-8E8F5D8E7320}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{805DD872-4301-4F08-BD8B-8E8F5D8E7320}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81086163-2D01-4F26-B330-91A89F494291}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81086163-2D01-4F26-B330-91A89F494291}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-4141171654-374504699-3676777031-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95EDB3D8-BE74-4DEC-8DAD-66AD72DAAFE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95EDB3D8-BE74-4DEC-8DAD-66AD72DAAFE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9738D74D-5E6D-473E-AC29-21E1AC5CB5B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9738D74D-5E6D-473E-AC29-21E1AC5CB5B3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9805F3FC-70B1-4AD5-AEB1-1B52C3802417}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9805F3FC-70B1-4AD5-AEB1-1B52C3802417}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98E5670E-F4DE-4014-AD8D-BE5DF66475F3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98E5670E-F4DE-4014-AD8D-BE5DF66475F3}" => removed successfully
C:\WINDOWS\System32\Tasks\Baidu PC Faster Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B962B9E-C51C-4375-8AF0-E0E75094F86B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B962B9E-C51C-4375-8AF0-E0E75094F86B}" => removed successfully
C:\WINDOWS\System32\Tasks\060184C3-9766-46a0-B258-F4518A0B2633 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\060184C3-9766-46a0-B258-F4518A0B2633" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E89259F-A118-419E-AC58-03EF620275F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E89259F-A118-419E-AC58-03EF620275F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4C18C4B-C4C4-4E3B-9084-B99F44E753DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4C18C4B-C4C4-4E3B-9084-B99F44E753DF}" => removed successfully
C:\WINDOWS\System32\Tasks\Baidu PC Faster Service => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Baidu PC Faster Service" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{476FE902-44A9-4E10-896A-2D6A1CF23639} => removed successfully
HKLM\Software\Classes\CLSID\{476FE902-44A9-4E10-896A-2D6A1CF23639} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38279E1A-7019-40C1-B579-E99DFB3312E8} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{38279E1A-7019-40C1-B579-E99DFB3312E8} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} => removed successfully
"HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default => moved successfully
C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default => path removed successfully
FF Homepage: Mozilla\Firefox\Profiles\cc432675.default -> about:home => "C:\Users\Jean-Philippe\AppData\Roaming\Mozilla\Firefox\Profiles\cc432675.default\prefs.js" not found
"HKLM\Software\Mozilla\Firefox\Extensions\\[email protected]" => removed successfully
C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension => moved successfully
HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7 => removed successfully
HKLM\Software\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH" => not found
C:\Program Files (x86)\PDF Architect 4\np-previewer.dll => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin => removed successfully
HKU\S-1-5-21-4141171654-374504699-3676777031-1002\Software\MozillaPlugins\ubisoft.com/uplaypc => removed successfully
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => moved successfully
CHR DefaultProfile: Default => Error: No automatic fix found for this entry.
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"entry": "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html" => Error: No automatic fix found for this entry.

"C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default" folder move:

Could not move "C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default" => Scheduled to move on reboot.

HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo => not found
HKLM\System\CurrentControlSet\Services\PDF Architect 4 => removed successfully
PDF Architect 4 => service removed successfully
HKLM\System\CurrentControlSet\Services\PDF Architect 4 CrashHandler => removed successfully
PDF Architect 4 CrashHandler => service removed successfully
HKLM\System\CurrentControlSet\Services\PDF Architect 4 Creator => removed successfully
PDF Architect 4 Creator => service removed successfully
HKLM\System\CurrentControlSet\Services\PDF Architect 4 Manager => removed successfully
PDF Architect 4 Manager => service removed successfully

========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


Adaptador de Ethernet Ethernet:

   Sufijo DNS espec¡fico para la conexi¢n. . : 
   V¡nculo: direcci¢n IPv6 local. . . : fe80::c46d:b9a5:76a8:69e%12
   Direcci¢n IPv4. . . . . . . . . . . . . . : 192.168.0.108
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.0.1

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-4141171654-374504699-3676777031-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 80457627 B
Java, Flash, Steam htmlcache => 1727 B
Windows/system/drivers => 35461 B
Edge => 128387316 B
Chrome => 36754684 B
Firefox => 9334166 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 912 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Jean-Philippe => 86561405 B

RecycleBin => 256287 B
EmptyTemp: => 336 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 31-07-2019 15:32:47)

C:\Users\Jean-Philippe\AppData\Local\Google\Chrome\User Data\Default => Is moved successfully

==== End of Fixlog 15:32:47 ====
15

Hola

Descargá la herramienta Delfix a Tu escritorio.

Ejecutala, Tildá la casilla Remove disinfection tools y presioná Run

Al terminar Se abrirá un reporte llamado DelFix.txt, verifica que se hayan eliminado las herramientas usadas para desinfectar el Pc.

Nos comentas como sigue …

Saludos

1 me gusta
16

Perfecto ! Esta limpio totalmente, sois unos genios ! Tema cerrado. Muchisimas Gracias ! :slight_smile:

1 me gusta
17

Hola

Para cualquier otro problema, no dudes en volver a postear. Ya sabes dónde estamos.

Tema Solucionado

Saludos

18

Hola ! Pues ha vuelto a aparecer esta mañana en Microsoft hedge :frowning:

19

Hola

Solo en ese navegador ?

20

Si. Solo en edge. He borrado historial, pero sigue alli.

21

Hola

Vas a intentar resetear el Microsoft Edge

ara encontrar estas opciones, selecciona el botón Inicio y luego selecciona Configuración > Aplicaciones > Aplicaciones y funciones > Microsoft Edge > Opciones avanzadas.

Vas al apartado Reparar y presiona primero Reparar. reinicia el ordenador y comprueba.

Si aun así sigue, hace lo mismo, pero ahora presiona el botón Restablecer.

Reinicia el ordenador y Nos comentas como sigue.

Saludos