Thank you very much for your help, @DanielG.
I use Avast Free Antivirus.
I downloaded Malwarebytes directly from the Forum.
Here is the FRST.txt report:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-02-2023
Ran by Eder (administrator) on DESKTOP-3R77SIF (HP HP ZBook Studio G3) (18-02-2023 22:38:18)
Running from C:\Users\ZBook\Downloads
Loaded Profiles: Eder & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Language: Spanish (Mexico) -> English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., LTD.) C:\Program Files\Alps\GlidePoint\ApntEx.exe
(AO Kaspersky Lab -> AO Kaspersky Lab) C:\Users\ZBook\AppData\Local\Temp\{2c8770b8-835b-4a9b-b67f-784b680df611}\9ffb54ec.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Alps\GlidePoint\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE Co., LTD.) C:\Program Files\Alps\GlidePoint\ApMsgFwd.exe
(C:\Program Files\Alps\GlidePoint\Apoint.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Alps\GlidePoint\hidfind.exe
(C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\Alps\GlidePoint\Apoint.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe ->) (Nvidia Corporation -> ) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe
(C:\Windows\CxSvc\CxMonSvc.exe ->) (Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxEM.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HPHotkeyNotification.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Nvidia Corporation -> ) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ALPS ELECTRIC CO., LTD. -> ALPSALPINE Co., LTD.) C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_22dff82e7da0099b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(svchost.exe ->) (Auslogics) [File not signed] C:\Users\ZBook\AppData\Roaming\Win32Sync\svcupdater.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225256 2019-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-06-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [445800 2021-10-08] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2022-12-08] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\ZBook\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1310720 2020-02-10] (Seiko Epson Corporation) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [291080 2022-12-14] (Intel Corporation -> Intel)
HKLM\...\RunOnce: [d926b2c0-cf73-4a3b-9d2f-f1601332872d] => "C:\Users\ZBook\AppData\Local\Temp\{d763cb5d-944a-4dcf-8038-db0d3102f296}\d926b2c0-cf73-4a3b-9d2f-f1601332872d.cmd" (No File) <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2134584-1943924548-381409776-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2134584-1943924548-381409776-1001\...\MountPoints2: {967e04a7-7995-11eb-8234-a434d9535b78} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-2134584-1943924548-381409776-1001\...\MountPoints2: {97bf5cce-27da-11ed-832d-a434d9535b78} - "D:\OnePlus_setup.exe" /s
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATISOE.EXE [418736 2019-08-21] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Windows x64\Print Processors\Canon G2000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCX.DLL [30208 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G2000 series: C:\WINDOWS\system32\CNMLMCX.DLL [406528 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3100 series: CNMLMDR.DLL (No File)
HKLM\...\Print\Monitors\EPSON L4150 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBSOE.DLL [184832 2017-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.77\Installer\chrmstp.exe [2023-02-07] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01812E61-9D20-47C2-9D91-6A5562AB4931} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {07C77020-717C-43F9-AA98-661577AAE948} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {0B19B8B5-B485-42F0-BE5C-C59A0D91FFA5} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {0DE3BA4F-400E-4823-954C-300A0EE48893} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {1395F686-20EB-47AE-87A0-A69B7575ABDA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {190993F0-642B-4415-8B9F-4B1B330AB7DE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4954008 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {1961B95F-B602-4FBF-A2CD-B97204412A03} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {24000A92-C0CD-469C-89C9-8CAF3C219756} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-08-30] (Conexant Systems LLC -> Conexant)
Task: {2588D0E8-E92E-4140-A485-C36FE9BC5F90} - System32\Tasks\GoogleUpdateTaskMachineUA{6235F1A4-EB4E-43B9-A7C9-02B9C11B12A7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-22] (Google LLC -> Google LLC)
Task: {2D92FB1C-5A6C-4F26-9D7C-88167157C2E8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [168920 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {480C00D0-4870-4ACD-BDCD-A3211337C629} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-08-17] (HP Inc. -> HP Inc.)
Task: {490A351C-08CF-460F-A57C-4598F5349C52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-08-17] (HP Inc. -> HP Inc.)
Task: {4AD1718E-97A7-4D94-AB4A-38946E01EAB9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {4AFEBA39-915F-4A3B-83E2-C43E2BA19946} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "d8e5fd1f-b820-4021-b5a9-e49c9f513149" --version "6.08.10255" --silent
Task: {52FBDF47-BEA6-491A-85CD-2834F5A0A01F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {6180F38C-F64D-4A2C-82BF-581D37A6A98F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {70112959-EB80-4567-BD23-372DBA174F63} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {89A7295C-6957-4FE1-977A-2DE753A80B35} - System32\Tasks\CCleanerSkipUAC - Eder => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {99791D16-4627-4E0E-8332-C5F0B200F42B} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3826312 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FEB7965-8571-4F06-8899-8FD96B864EFA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ABF1F117-1C00-4C4A-9DED-0A9EF71F79BA} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1555952 2022-09-02] (Nvidia Corporation -> )
Task: {B38C7CF5-8612-4961-A404-115E3EEBE345} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {B627EF33-BD31-4EBE-9027-16A451A137E8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144280 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9E0FBE4-EBB7-4C22-A2C0-EAC560620879} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-02-16] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BA1210FC-2DC5-48A0-85EA-B5446FF05AF8} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {CC9A4981-65E9-4711-BF14-4DFB8D35655B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {D0B09B4C-0CC9-488C-96AA-18DDF2162623} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {D723F6F7-BFAB-4149-A3CF-B9FBFD61E8DF} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {D7B9D3D3-00D5-43D8-8171-32588B83D9BA} - System32\Tasks\svcupdater => C:\Users\ZBook\AppData\Roaming\Win32Sync\svcupdater.exe [1577608192 2023-02-17] (Auslogics) [File not signed] <==== ATTENTION
Task: {D83DF65F-FE90-4C24-B599-4EB05EF87A4E} - System32\Tasks\GoogleUpdateTaskMachineCore{04887D83-2128-4F6C-B61D-9B235F91B55E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-22] (Google LLC -> Google LLC)
Task: {DAA88B87-49E8-457C-BB03-50AA27B28D2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {EA579AC6-5F21-4DBA-BB6C-41C9AA6809D7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {F62E4E51-078E-4920-98E5-8135CE5EB683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-08-17] (HP Inc. -> HP Inc.)
Task: {F9835089-1B2C-4FBA-9DDD-0D5FF9633547} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{06f0791d-d18a-4562-a265-b845bdf3a9a0}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{cfcbeafd-d6fe-4474-8ce9-c43c6574ca4c}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF DefaultProfile: 5wfoimoa.default-1663903243461
FF ProfilePath: C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461 [2023-02-18]
FF Extension: (Hoxx VPN Proxy) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\@hoxx-vpn.xpi [2022-11-29]
FF Extension: (Don't track me Google) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\[email protected] [2022-09-24]
FF Extension: (uBlock Origin) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\[email protected] [2022-12-24]
FF Extension: (TWP - Translate Web Pages) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-12]
FF Extension: (ffCK Overlays) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\{72f01d74-e2f1-4581-b6a3-451b45523783}.xpi [2022-11-08]
FF Extension: (Absolute Right Click) - C:\Users\ZBook\AppData\Roaming\Mozilla\Firefox\Profiles\5wfoimoa.default-1663903243461\Extensions\{9350bc42-47fb-4598-ae0f-825e3dd9ceba}.xpi [2022-11-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2022-06-20] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\autoconfig.js [2018-09-19] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\cck2.cfg [2018-09-19] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\ZBook\AppData\Local\Google\Chrome\User Data\Default [2023-02-18]
CHR Notifications: Default -> hxxps://message.alibaba.com; hxxps://www.alibaba.com; hxxps://www.instagram.com
CHR Extension: (uBlock Origin) - C:\Users\ZBook\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-01-02]
CHR Extension: (Dark Mode) - C:\Users\ZBook\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-01-07]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\ZBook\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-10-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ZBook\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-22]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\Program Files\Alps\GlidePoint\HidMonitorSvc.exe [123664 2020-10-18] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE Co., LTD.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [597400 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2038168 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [597400 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-12] (BattlEye Innovations e.K. -> )
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-31] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42248 2022-12-14] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [207624 2022-12-14] (Intel Corporation -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [685496 2020-11-03] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2019-09-18] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\HotKeyServiceUWP.exe [1561032 2022-10-12] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [771088 2022-08-17] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [769568 2022-08-17] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [766504 2022-08-17] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [770088 2022-08-17] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_5c0b90ae6269072a\LanWlanWwanSwitchingServiceUWP.exe [606664 2022-10-12] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-02-18] (Malwarebytes Inc. -> Malwarebytes)
S3 mi-raysat_3dsmax2017_64; C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [86016 2011-09-14] () [File not signed]
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [479144 2023-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 NVWMI; C:\Windows\System32\nvwmi64.exe [4451928 2022-04-21] (Nvidia Corporation -> NVIDIA Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-14] (Microsoft Windows -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [572832 2023-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [246696 2023-01-25] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U3 31f070bd; C:\WINDOWS\System32\Drivers\31f070bd.sys [299544 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 ApHidfiltrService; C:\WINDOWS\system32\DRIVERS\ApHidFiltr.sys [229632 2020-10-18] (ALPS ELECTRIC CO., LTD. -> ALPSALPINE Co., LTD.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31424 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [229208 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [391272 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39648 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267888 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [555560 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80376 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852000 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [695504 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318456 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
U0 klupd_31f070bda_arkmon; C:\WINDOWS\System32\Drivers\klupd_31f070bda_arkmon.sys [370496 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_31f070bda_arkmon_43DDDD42; C:\KVRT2020_Data\Temp\43DDDD42950FE2BFD04963573405BB4D\klupd_31f070bda_arkmon.sys [370496 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_31f070bda_klark; C:\WINDOWS\System32\Drivers\klupd_31f070bda_klark.sys [359976 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U0 klupd_31f070bda_klbg; C:\WINDOWS\System32\Drivers\klupd_31f070bda_klbg.sys [190048 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_31f070bda_mark; C:\WINDOWS\System32\Drivers\klupd_31f070bda_mark.sys [270672 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198112 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-02-18] (Malwarebytes Inc. -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.)
S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2023-01-25] (Microsoft Corporation -> Microsoft Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2022-08-12] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-09-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [453904 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S1 netfilter2; system32\drivers\netfilter2.sys [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-18 22:38 - 2023-02-18 22:41 - 000041156 _____ C:\Users\ZBook\Downloads\FRST.txt
2023-02-18 22:37 - 2023-02-18 22:40 - 000000000 ____D C:\FRST
2023-02-18 22:36 - 2023-02-18 22:36 - 002378240 _____ (Farbar) C:\Users\ZBook\Downloads\FRST64.exe
2023-02-18 22:34 - 2023-02-18 22:34 - 000001688 _____ C:\Users\ZBook\Downloads\fixlist.txt
2023-02-18 21:48 - 2023-02-18 21:48 - 000000000 ____D C:\KVRT2020_Data
2023-02-18 21:47 - 2023-02-18 21:47 - 098333016 _____ (AO Kaspersky Lab) C:\Users\ZBook\Downloads\KVRT.exe
2023-02-18 21:45 - 2023-02-18 21:45 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-02-18 21:45 - 2023-02-18 21:45 - 000000000 ___DC C:\Users\ZBook\AppData\LocalLow\IGDump
2023-02-18 20:43 - 2023-02-18 20:43 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-02-18 20:43 - 2023-02-18 20:43 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-02-18 20:42 - 2023-02-18 20:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-02-18 20:41 - 2023-02-18 20:42 - 000000000 ____D C:\Program Files\Malwarebytes
2023-02-18 20:40 - 2023-02-18 20:41 - 000003824 ____C C:\Users\ZBook\Desktop\Rkill.txt
2023-02-18 20:39 - 2023-02-18 20:39 - 002555248 _____ (Malwarebytes) C:\Users\ZBook\Downloads\MBSetup.exe
2023-02-18 20:39 - 2023-02-18 20:39 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\ZBook\Downloads\rkill.exe
2023-02-18 01:00 - 2018-01-16 20:33 - 000000000 ____D C:\Users\ZBook\Downloads\120 Free Light Overlays - Shutterstock
2023-02-17 17:42 - 2023-02-17 17:44 - 000000000 ____D C:\Users\ZBook\AppData\Roaming\Win32Sync
2023-02-17 17:42 - 2023-02-17 17:42 - 000003672 _____ C:\WINDOWS\system32\Tasks\svcupdater
2023-02-17 17:36 - 2023-02-17 17:41 - 761816064 _____ (Auslogics) C:\Users\ZBook\AppData\Roaming\0Lx7w94A.exe
2023-02-17 17:36 - 2023-02-17 17:36 - 000684984 ____C (Mozilla Foundation) C:\Users\ZBook\AppData\LocalLow\freebl3.dll
2023-02-17 17:36 - 2023-02-17 17:36 - 000627128 ____C (Mozilla Foundation) C:\Users\ZBook\AppData\LocalLow\mozglue.dll
2023-02-17 17:36 - 2023-02-17 17:36 - 000254392 ____C (Mozilla Foundation) C:\Users\ZBook\AppData\LocalLow\softokn3.dll
2023-02-17 17:36 - 2023-02-17 17:36 - 000054272 _____ () C:\Users\ZBook\AppData\Roaming\o7QqwhWY.exe
2023-02-17 17:36 - 2023-02-17 17:36 - 000000345 _____ C:\logs.uce
2023-02-17 17:36 - 2020-03-17 10:00 - 000000502 ___RC C:\Users\ZBook\AppData\LocalLow\t7X3slp69jUI
2023-02-17 17:31 - 2023-02-17 17:31 - 000083066 _____ C:\Users\ZBook\Downloads\dcbd30a12079f3288887eb320ee7b52b_unlocked.pdf
2023-02-17 17:21 - 2023-02-17 17:21 - 000083066 _____ C:\Users\ZBook\Downloads\dcbd30a12079f3288887eb320ee7b52b.pdf
2023-02-17 17:11 - 2023-02-17 17:40 - 000110328 ____C C:\Users\ZBook\Desktop\Invoice.pdf
2023-02-17 12:13 - 2023-02-17 12:13 - 000002021 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-02-17 11:50 - 2023-02-17 11:50 - 000077200 _____ C:\Users\ZBook\Downloads\acuseBuzon2172023115036.pdf
2023-02-17 11:50 - 2023-02-17 11:50 - 000076690 _____ C:\Users\ZBook\Downloads\acuseBuzon2172023115018.pdf
2023-02-17 11:37 - 2023-02-17 11:37 - 000077200 _____ C:\Users\ZBook\Downloads\acuseModificaMedio.pdf
2023-02-17 10:53 - 2023-02-17 10:53 - 000000000 ___DC C:\Users\ZBook\Desktop\FIEL_NAAE840202T59_20230217105304
2023-02-17 10:49 - 2023-02-17 10:49 - 008049466 _____ C:\Users\ZBook\Downloads\Certifica.jar
2023-02-17 10:49 - 2023-02-17 10:49 - 000000000 ____D C:\Users\ZBook\.swt
2023-02-16 13:10 - 2023-02-16 13:10 - 000000000 ___HD C:\$WinREAgent
2023-02-16 00:20 - 2023-02-16 00:20 - 000290543 _____ C:\Users\ZBook\Downloads\E3_10022017.pdf
2023-02-16 00:13 - 2023-02-16 18:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-16 00:00 - 2023-02-15 23:45 - 000396335 ____C C:\Users\ZBook\Desktop\ACBAA64C-689B-4978-9D04-E63E884A8BE4.pdf
2023-02-16 00:00 - 2023-02-15 23:45 - 000205046 ____C C:\Users\ZBook\Desktop\MiyoINE.pdf
2023-02-16 00:00 - 2023-02-15 23:45 - 000204385 ____C C:\Users\ZBook\Desktop\MiyoINEBack.pdf
2023-02-16 00:00 - 2023-02-15 23:45 - 000151705 ____C C:\Users\ZBook\Desktop\SituacionFiscal.pdf
2023-02-15 11:44 - 2023-02-15 11:44 - 001692751 _____ C:\Users\ZBook\Downloads\06092013_124319_PB_4º_2013_CR_web.pdf
2023-02-15 11:43 - 2023-02-15 11:43 - 001031974 _____ C:\Users\ZBook\Downloads\06092013_124914_PB_2º_2013_CR_web.pdf
2023-02-15 11:38 - 2023-02-15 11:39 - 050043663 _____ C:\Users\ZBook\Downloads\Guia Montenegro 4 Profesor.pdf
2023-02-13 13:15 - 2023-02-13 13:15 - 023389686 _____ C:\Users\ZBook\Downloads\Free_Lens_Flares_Photoshop_Brushes_4.zip
2023-02-05 21:05 - 2023-02-05 21:05 - 002222545 _____ C:\Users\ZBook\Downloads\express_global_customs_customer_guidelines.pdf
2023-02-03 22:01 - 2023-02-03 22:01 - 000253408 _____ C:\Users\ZBook\Downloads\Directorio de Instituciónes Educativas del tipo Medio Superior.xlsx
2023-02-02 19:29 - 2023-02-02 19:29 - 000019104 _____ C:\Users\ZBook\Downloads\bulkApply.xlsx
2023-02-01 19:29 - 2023-02-01 19:29 - 000000000 ___DC C:\Users\ZBook\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-01-31 21:56 - 2023-02-06 16:50 - 000000000 ___DC C:\Users\ZBook\Desktop\Gisselle
2023-01-22 23:19 - 2023-01-22 23:19 - 016729166 ____C C:\Users\ZBook\Desktop\Carta para cancelacion de Seguro[1].psd
2023-01-22 23:14 - 2023-01-22 23:19 - 001369966 ____C C:\Users\ZBook\Desktop\Carta para cancelacion de Seguro[1].pdf
2023-01-20 15:07 - 2023-01-29 17:15 - 000000000 ___DC C:\Users\ZBook\Desktop\Carlitos
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-18 21:56 - 2018-10-08 21:17 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-18 21:50 - 2018-10-06 10:16 - 000000000 ___DC C:\Users\ZBook\AppData\Local\D3DSCache
2023-02-18 21:48 - 2019-02-20 13:06 - 000000000 ___DC C:\Users\ZBook\AppData\Local\AVAST Software
2023-02-18 21:45 - 2022-02-10 12:32 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-18 21:45 - 2018-10-21 22:41 - 000000000 ___DC C:\Users\ZBook\AppData\LocalLow\Mozilla
2023-02-18 21:36 - 2021-03-14 00:59 - 002340484 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-18 21:36 - 2019-12-07 09:02 - 000977086 _____ C:\WINDOWS\system32\perfh00A.dat
2023-02-18 21:36 - 2019-12-07 09:02 - 000232214 _____ C:\WINDOWS\system32\perfc00A.dat
2023-02-18 21:36 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-18 21:33 - 2021-03-14 01:01 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{31BBE5B7-795E-4B56-B695-C0CCB27E8192}
2023-02-18 21:31 - 2021-03-14 01:01 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-02-18 21:31 - 2020-10-23 13:43 - 000000000 ____D C:\Program Files\CCleaner
2023-02-18 21:31 - 2019-03-08 21:25 - 000000759 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2023-02-18 21:30 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-18 21:29 - 2021-03-14 01:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-18 21:29 - 2021-03-14 00:51 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-18 21:29 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-18 21:29 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-18 21:29 - 2019-02-20 13:02 - 000000000 ____D C:\ProgramData\AVAST Software
2023-02-18 21:29 - 2018-10-14 11:10 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-18 21:29 - 2018-10-09 08:39 - 000000000 ___DC C:\Intel
2023-02-18 21:29 - 2018-10-06 08:40 - 000000000 ____D C:\ProgramData\Synaptics
2023-02-18 21:25 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-18 21:25 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-02-18 21:25 - 2018-10-06 05:44 - 000000000 ___DC C:\Users\ZBook\AppData\Local\Packages
2023-02-18 21:02 - 2019-02-25 01:03 - 000000000 ___DC C:\Users\ZBook\AppData\Local\CrashDumps
2023-02-18 20:55 - 2022-11-14 17:11 - 000000000 ____D C:\Users\ZBook\AppData\Roaming\uTorrent
2023-02-18 20:42 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-02-18 20:18 - 2021-03-14 00:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-02-17 12:13 - 2022-11-29 18:18 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-17 12:13 - 2021-03-14 01:01 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-17 11:02 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-17 10:49 - 2021-03-14 00:54 - 000000000 ____D C:\Users\ZBook
2023-02-16 18:22 - 2022-09-29 11:44 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-16 18:22 - 2021-03-14 00:51 - 000495472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-16 18:20 - 2021-03-14 00:22 - 000000000 ____D C:\Program Files\Hyper-V
2023-02-16 18:20 - 2019-12-07 09:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-16 18:20 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 13:15 - 2021-03-14 00:52 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-16 12:36 - 2019-12-07 03:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-02-16 12:36 - 2018-12-23 22:50 - 000000000 ____D C:\WINDOWS\SysWOW64\1033
2023-02-16 12:36 - 2018-12-23 22:50 - 000000000 ____D C:\WINDOWS\system32\1033
2023-02-16 12:25 - 2022-09-22 21:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-16 12:25 - 2018-12-23 22:49 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2023-02-16 12:25 - 2018-12-23 22:49 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2023-02-16 10:50 - 2018-10-21 21:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 10:45 - 2018-10-21 21:23 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-16 10:26 - 2022-09-22 21:20 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-16 10:26 - 2022-09-22 21:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-15 14:35 - 2022-10-22 10:51 - 000003626 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6235F1A4-EB4E-43B9-A7C9-02B9C11B12A7}
2023-02-15 14:35 - 2022-10-22 10:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{04887D83-2128-4F6C-B61D-9B235F91B55E}
2023-02-15 14:35 - 2022-09-29 11:44 - 000003040 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-15 14:35 - 2021-10-11 11:38 - 000002244 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Eder
2023-02-15 14:35 - 2021-03-14 01:01 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-02-15 14:35 - 2021-03-14 01:01 - 000002618 _____ C:\WINDOWS\system32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-02-15 14:35 - 2021-03-14 01:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-02-11 15:26 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-07 18:11 - 2022-10-22 10:52 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-07 10:27 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-02-03 17:38 - 2021-03-14 00:54 - 000000000 ____D C:\Users\SQLTELEMETRY$SQLEXPRESS
2023-02-03 17:38 - 2021-03-14 00:54 - 000000000 ____D C:\Users\MSSQL$SQLEXPRESS
2023-02-03 16:44 - 2019-02-09 03:26 - 000000000 ___DC C:\Users\ZBook\AppData\Roaming\vlc
2023-02-01 19:29 - 2020-11-22 08:07 - 000000000 ____D C:\Users\ZBook\AppData\Roaming\Zoom
2023-02-01 12:17 - 2019-02-20 13:04 - 000695504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-01-31 21:35 - 2019-03-14 10:32 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-25 19:17 - 2021-10-18 23:20 - 000253864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SQSRVRES.DLL
2023-01-25 19:16 - 2019-02-09 17:36 - 000082376 _____ (Microsoft Corporation) C:\WINDOWS\system32\fssres.dll
2023-01-25 19:07 - 2019-02-09 17:36 - 000180680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hadrres.dll
2023-01-24 14:53 - 2020-10-10 04:29 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-24 14:46 - 2021-06-26 22:24 - 000000000 ____D C:\Users\ZBook\AppData\Roaming\HP
2023-01-24 14:46 - 2018-10-22 06:49 - 000000000 ____D C:\Program Files (x86)\HP
==================== Files in the root of some directories ========
2023-02-17 17:36 - 2023-02-17 17:41 - 761816064 _____ (Auslogics) C:\Users\ZBook\AppData\Roaming\0Lx7w94A.exe
2023-02-17 17:36 - 2023-02-17 17:36 - 000054272 _____ () C:\Users\ZBook\AppData\Roaming\o7QqwhWY.exe
2018-10-29 18:19 - 2022-09-13 13:36 - 000026035 ____C () C:\Users\ZBook\AppData\Local\oobelibMkey.log
2018-10-21 23:42 - 2022-09-13 21:27 - 000007597 ____C () C:\Users\ZBook\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================