Espero no estar violando ninguna regla del foro. Por motivos personales tuve que alejarme de esta PC por todo este tiempo. Sin embargo, ahora que la tengo de nuevo, abri en navegador y tenia este tema pineado. Recordé el problema y me metí a Google a revisar si continuaba y si, un tengo esos links que parecen búsquedas de google pero que son publicidad. Dejo los reportes y muchas gracias por la ayuda.
FRTS.txt (1/2)
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18.04.2019
Ran by b-rch_000 (administrator) on LENOVO (19-04-2019 02:22:08)
Running from C:\Users\b-rch_000\Desktop
Loaded Profiles: GRM & b-rch_000 (Available Profiles: GRM & b-rch_000)
Platform: Windows 10 Home Single Language Version 1803 17134.706 (X64) Language: Español (España, internacional)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(PDFescape -> Red Software) C:\Program Files\PDFescape Desktop\creator-ws.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Information Products (Shenzhen) Co.,Ltd -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\SystemAgent\SystemAgentService.exe
(XDisc Corp Ltd) [File not signed] C:\Users\GRM\AppData\Roaming\TopShape-B4\SoftwareUpdate.exe
(SMART Technologies ULC -> SMART Technologies ULC) C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo(Japan)Ltd. -> Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\GRM\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Opera Software AS -> Opera Software) C:\Users\B-RCH_~1\AppData\Local\Temp\opera autoupdate\CUsersb-rch_000AppDataLocalProgramsOpera\installing\installer.exe
(Opera Software AS -> Opera Software) C:\Users\B-RCH_~1\AppData\Local\Temp\opera autoupdate\CUsersb-rch_000AppDataLocalProgramsOpera\installing\installer.exe
(Opera Software AS -> Opera Software) C:\Users\B-RCH_~1\AppData\Local\Temp\opera autoupdate\CUsersb-rch_000AppDataLocalProgramsOpera\installing\installer.exe
(Opera Software AS -> Opera Software) C:\Users\B-RCH_~1\AppData\Local\Temp\opera autoupdate\CUsersb-rch_000AppDataLocalProgramsOpera\installing\installer.exe
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\b-rch_000\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\57.0.3098.106\opera.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\58.0.3135.127\installer.exe
(Opera Software AS -> Opera Software) C:\Users\b-rch_000\AppData\Local\Programs\Opera\58.0.3135.127\installer.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-20] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384344 2014-02-17] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll [74288 2014-03-04] (Lenovo(Japan)Ltd. -> Lenovo Corporation)
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [163936 2016-10-03] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (Sunplus Innovation Technology Inc. -> SunplusIT, Inc.) [File not signed]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-09-30] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [197048 2015-07-16] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [928696 2015-08-04] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [1879480 2015-07-16] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [67512 2015-07-13] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [288528 2015-07-29] (SMART Technologies ULC -> SMART Technologies) [File not signed]
HKLM-x32\...\Run: [Response Desktop Menu] => C:\Program Files (x86)\SMART Technologies\SMART Response\DesktopMenu.exe [1293216 2015-07-17] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM-x32\...\Run: [ResponseConnectorService] => C:\Program Files (x86)\SMART Technologies\SMART Response\response-connector-server\NodeLauncher.exe [40448 2015-07-17] (SMART Technologies) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\...\MountPoints2: {46614e19-5870-11e8-8346-e82aeabae7a7} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\...\MountPoints2: {5bf0ff86-257d-11e9-837a-54ee751a2b76} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINWE.EXE [298560 2014-03-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATINWE.EXE [298560 2014-03-19] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-16] (Valve -> Valve Corporation)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [EpicGamesLauncher] => "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [672384 2018-04-26] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [GoogleChromeAutoLaunch_CB3DD46AAD0B7A2609102874DF97FB4E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-04-03] (Google LLC -> Google Inc.)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\...\MountPoints2: {807d76ed-9049-11e8-835d-e82aeabae7a7} - "E:\Lenovo_Suite.exe"
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3570688 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [254976 2014-11-14] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3588608 2014-12-21] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [240128 2014-11-14] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2015-01-13] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [110592 2003-02-14] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\b-rch_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-27]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{d11da338-a529-492a-8f86-806351e785b9}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Tcpip\..\Interfaces\{fa75fb70-c3d3-4f1c-959f-69523e6bb4f6}: [DhcpNameServer] 190.113.220.18 190.113.220.51 190.113.220.54
Internet Explorer:
==================
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://login.latinaminternet.com/
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=es-pe
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2181589896-435413242-1626352173-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13-comm.msn.com/?pc=LNJB
HKU\S-1-5-21-2181589896-435413242-1626352173-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\S-1-5-21-2181589896-435413242-1626352173-1001 -> DefaultScope {1E3E8E29-2926-4497-BB84-1488D85E342C} URL =
SearchScopes: HKU\S-1-5-21-2181589896-435413242-1626352173-1001 -> {1E3E8E29-2926-4497-BB84-1488D85E342C} URL =
SearchScopes: HKU\S-1-5-21-2181589896-435413242-1626352173-1003 -> DefaultScope {1E3E8E29-2926-4497-BB84-1488D85E342C} URL =
SearchScopes: HKU\S-1-5-21-2181589896-435413242-1626352173-1003 -> {1E3E8E29-2926-4497-BB84-1488D85E342C} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFescape Desktop Helper -> {E5F815EE-1391-4A6C-A0DD-488E9A6EC0F2} -> C:\Program Files (x86)\PDFescape Desktop\creator-ie-helper.dll [2016-08-16] (PDFescape -> Red Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\b-rch_000\AppData\Roaming\Mozilla\Firefox\Profiles\zb85zi22.default [2018-12-26]
FF Extension: (Avast Online Security) - C:\Users\b-rch_000\AppData\Roaming\Mozilla\Firefox\Profiles\zb85zi22.default\Extensions\[email protected] [2018-12-26]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\PDFescape Desktop\resources\pdfescapedesktopfirefoxextension
FF Extension: (PDFescape Desktop Creator) - C:\Program Files\PDFescape Desktop\resources\pdfescapedesktopfirefoxextension [2017-01-05] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-08] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-08] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-10-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2016-02-29] (Nero AG -> Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN) [File not signed]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: PDFescape Desktop -> C:\Program Files (x86)\PDFescape Desktop\np-previewer.dll [2016-08-16] (PDFescape -> Red Software)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=PE&userid=266ef3ae-a2dc-3bcb-ed12-2e3715e557b3&searchtype=hp&installDate={installDate}
CHR StartupUrls: Default -> "hxxps://tweetdeck.twitter.com/","hxxps://www.facebook.com/?ref=tn_tnmn","chrome://newtab/","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default [2018-12-26]
CHR Extension: (Presentaciones) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-17]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-12-26]
CHR Extension: (Documentos) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-17]
CHR Extension: (Google Drive) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (Simple Pomodoro®) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blidjjfbdbkcmegfnidmgndgdamhhelp [2016-12-24]
CHR Extension: (YouTube) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-18]
CHR Extension: (Slinky Elegante) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2015-02-01]
CHR Extension: (plugCubed) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfeomlnnfncblkheeneahgmngbnbiaoi [2017-12-24]
CHR Extension: (Búsqueda de Google) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Tampermonkey) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-12-25]
CHR Extension: (Share on Rabbit) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dplabnbcafdgpcjmibgkekpaejlfhnkl [2017-06-17]
CHR Extension: (Hojas de cálculo) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-06]
CHR Extension: (Simple Notepad) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnkdbkeniegahdcjeeikjoaapakeomf [2015-02-01]
CHR Extension: (TweetDeck by Twitter) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-10-18]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-12]
CHR Extension: (4chan X) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohnjgmpcibpbafdlkimncjhflgedgpam [2018-12-09]
CHR Extension: (Click&Clean App) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2018-12-24]
CHR Extension: (Gmail) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-26]
CHR Profile: C:\Users\b-rch_000\AppData\Local\Google\Chrome\User Data\System Profile [2018-12-26]
CHR HKU\S-1-5-21-2181589896-435413242-1626352173-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\b-rch_000\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-04-19]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [573488 2014-03-04] (Lenovo(Japan)Ltd. -> Lenovo Corporation)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-09-30] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-09-30] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-09-30] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd -> Disc Soft Ltd)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [676336 2015-06-25] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353768 2018-07-24] (Intel Corporation -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-10-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 Lenovo QuickSnip Service; C:\Program Files\lenovo\QuickSnipService\QuickSnipService.exe [219976 2013-12-02] (Lenovo Information Products (Shenzhen) Co.,Ltd -> LENOVO INCORPORATED.)
S2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2085184 2014-03-04] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\lenovo\SystemAgent\SystemAgentService.exe [585032 2013-12-02] (Lenovo Information Products (Shenzhen) Co.,Ltd -> LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [702512 2014-03-04] (Lenovo(Japan)Ltd. -> Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-17] (Lenovo(Japan)Ltd. -> Lenovo)
S2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [468288 2013-12-11] (Lenovo(Japan)Ltd. -> )
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273544 2016-12-07] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268968 2018-02-07] (Intel(R) Wireless Connectivity Solutions -> )
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-07-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
S3 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-07-22] (Nitro Software, Inc. -> )
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [75392 2018-04-26] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 PDFescape Desktop; C:\Program Files\PDFescape Desktop\ws.exe [2142184 2016-08-16] (PDFescape -> Red Software)
S3 PDFescape Desktop CrashHandler; C:\Program Files\PDFescape Desktop\crash-handler-ws.exe [926184 2016-08-16] (PDFescape -> Red Software)
R2 PDFescape Desktop Creator; C:\Program Files\PDFescape Desktop\creator-ws.exe [733672 2016-08-16] (PDFescape -> Red Software)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59440 2014-02-12] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [322608 2014-02-12] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 Response Hardware; C:\Program Files (x86)\SMART Technologies\SMART Response\ResponseHardwareService.exe [20384 2015-07-17] (SMART Technologies ULC -> SMART Technologies ULC)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333296 2017-09-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [617912 2015-07-16] (SMART Technologies ULC -> SMART Technologies)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-10-03] (Synaptics Incorporated -> Synaptics Incorporated)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer -> TeamViewer GmbH)
R2 TopShape-B4 Service; C:\Users\GRM\AppData\Roaming\TopShape-B4\SoftwareUpdate.exe [917504 2018-08-13] (XDisc Corp Ltd) [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-26] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-26] (Microsoft Corporation -> Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3851432 2018-02-07] (Intel(R) Wireless Connectivity Solutions -> Intel® Corporation)
S3 Power Manager DBC Service; "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" [X]