Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019 Ran by Micael (administrator) on PC-MICA (Hewlett-Packard h8-1403es) (14-09-2019 10:10:31) Running from C:\Users\Micael\Desktop Loaded Profiles: Micael (Available Profiles: Micael) Platform: Windows 10 Home Version 1903 18362.356 (X64) Language: Español (España, internacional) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe () [File not signed] C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe (Autodesk, Inc.) [File not signed] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Hauppauge Computer Works) [File not signed] C:\Program Files (x86)\WinTV\TVServer\CaptureGenUSB.exe (Hauppauge Computer Works) [File not signed] C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard ) [File not signed] C:\Program Files\IDT\WDM\Beats64.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe (Kaspersky Lab -> Kaspersky Lab AO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\plugin-nm-server.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1906.53.0_x64__8wekyb3d8bbwe\Calculator.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1001.7.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-09-19] (Hewlett-Packard ) [File not signed] HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-07-19] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe [2068992 2011-12-14] (Hewlett-Packard) [File not signed] HKLM-x32\...\Run: [BATINDICATORHL] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe [557056 2010-07-23] (Hewlett-Packard) [File not signed] HKLM-x32\...\Run: [OSDTool] => C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe [2101248 2012-06-13] (Hewlett-Packard) [File not signed] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [76600 2019-07-19] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [BePCSC] => C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe [130560 2007-05-03] () [File not signed] HKLM-x32\...\Run: [SmartMon] => C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe [234496 2006-12-18] () [File not signed] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5007408 2019-07-31] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-05] (Adobe Inc. -> Adobe Inc.) HKU\S-1-5-21-100295893-3780060295-1151518389-1001 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKU\S-1-5-21-100295893-3780060295-1151518389-1001 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-05-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [Dropbox Update] => C:\Users\Micael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-09-11] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm.exe [597680 2019-09-12] (Kaspersky Lab -> AO Kaspersky Lab) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-09-04] (Adobe Inc. -> Adobe Systems Incorporated) HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Policies\Explorer: [] HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Policies\Explorer: [BlockRunList] *chrome.exe" HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-09-12] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-09-12] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lhacm] => C:\Windows\SysWOW64\lhacm.acm [34064 2015-08-21] (Microsoft Corporation) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-27] (Google LLC -> Google LLC) IFEO\SppExtComObj.exe: [Debugger] C:\WINDOWS\SECOH-QAD.exe Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Eyes Relax.lnk [2016-02-01] ShortcutTarget: Eyes Relax.lnk -> C:\Windows\Installer\{9C890D28-9671-4DC2-B017-D5327B9062C8}\EyeIcon.ico () [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-09-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.) Startup: C:\Users\Micael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-09-05] ShortcutTarget: Dropbox.lnk -> C:\Users\Micael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) Startup: C:\Users\Micael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-09-09] ShortcutTarget: MEGAsync.lnk -> C:\Users\Micael\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION CHR HKU\S-1-5-21-100295893-3780060295-1151518389-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06B6877C-87BF-4279-8B35-E01F39FE2C7E} - System32\Tasks\SUPERAntiSpyware Scheduled Task 31478637-893d-449f-821d-5b65e857cce4 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) Task: {0A539F4F-AFF9-4DCA-8D7F-C8B6337A5A10} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {0BAFFBC4-E42F-4445-977F-535B3E82835E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd) Task: {0CE970FA-682F-4F1F-A02B-27B43DED3B95} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {0DC0AFEB-B664-4F97-B105-092C4C8CE06B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001UA => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {12D056BC-67FF-4E49-AFB4-27A7AB945F50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe Task: {1D95E379-13A1-42F8-9DDE-B0A571E4A453} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {1EEE5C9B-9442-4021-9C33-A87C66D4B7FB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems) Task: {2642624B-12CB-42D5-8DC7-E7A646F17FAE} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe Task: {2739ED6B-6107-420E-BE8B-79D295D17112} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {2946DB70-E06D-4A29-B079-00F734FEDEF5} - System32\Tasks\{96D1D3C2-2B4E-4424-B511-DC6B73DB0472} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Micael\Desktop\Navman_N40i_Unlock\Setup.exe -d C:\Users\Micael\Desktop\Navman_N40i_Unlock Task: {2A8D31B5-3165-4157-ACF1-004BAC764702} - System32\Tasks\{7A13DB15-2C8C-4E74-BF2E-420E2B79F63A} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Wondershare\drfoneios\unins000.exe" Task: {2AA14A61-986B-4D13-8B63-F82BC253156C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001Core => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: {2E2E7232-0216-4206-9BEA-939FB93886BD} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [67896 2019-07-22] (Apple Inc. -> Apple Inc.) Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {4BBC03AE-EDD7-4515-9113-0A5595DCD621} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {4C234D86-FB63-45DD-AFA5-8453A6663C44} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4EA4664B-087F-4A7F-9852-3C99A6A2BAA4} - \WPD\SqmUpload_S-1-5-21-100295893-3780060295-1151518389-1001 -> No File <==== ATTENTION Task: {4F271FB1-876B-4782-822D-B7F3C90E01B4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4F3ADC7C-723F-48E6-9CFC-F5D6F1CDC155} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {50A718C1-F320-4ED9-A34F-5CDBECDF1B52} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {526617D9-61E0-4B51-9360-E4DCE3D139E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation) Task: {5D96B04E-D482-4516-90E5-998AAF56868C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6170D0BB-7357-463A-A0A9-B1D7FB34E585} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6C7286F6-5961-41DA-A386-76A809466EB3} - System32\Tasks\{36496DA7-4371-467D-ADE9-7DB7D764EEDF} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\NCH Swift Sound\BMS\uninst.exe" Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {6E7887DF-109C-40F8-BDFB-CF338AE9F16A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe Task: {6ECA87F8-49B2-45A9-814E-5653C38D7EA6} - System32\Tasks\SUPERAntiSpyware Scheduled Task d2f6be15-b44d-408b-87dd-d4fc2965c1c7 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) Task: {714097CE-1F5A-438D-95D5-8F9D48642A32} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {76AA434A-79A9-4C49-AB46-67D670179A11} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-micaelfortes@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {770D5B2E-C481-4921-A831-24FD73EA74AD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {7D351E22-35C9-4D0D-932D-DE338AB439A4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {7ECB738C-AE8A-4359-809A-CBD58A61912A} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-micaelfortes@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {7F536C73-C3AB-4448-A70D-FD7DB1D4A37E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {80F2DF76-2222-4E79-B490-8F123354F937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {83B6B3A2-B9B2-4013-907A-D131D40A4773} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {8720F399-6746-46CB-AC42-4301D2B36DEF} - System32\Tasks\HPCeeScheduleForMicael => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8EF27ABD-5BA3-453B-B008-9D94A8ACCCB5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {90F4E69C-668A-427F-AE19-A7AB7CA09D07} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {9A97C0AB-43DC-4851-841D-7EE5E9A07F1F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {9FC42C28-00D5-46FF-8F0B-CECF72538924} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe) Task: {A2AD9A45-DC44-4E52-B5A0-EDFCAC9D8636} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {A4FB20E4-6408-43A7-AB49-DD737FAE4FB5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {AB51A8AA-0EB3-4045-8A25-F87202BF3A1A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B4822785-7D94-497B-8B3B-5D06E639F9EE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {B71FCAB5-B66E-4795-A03C-F452424CA21D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {B8057EDC-EA8B-4D6B-884C-F40B1CBE7EE5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {BBAD4F20-F2B0-47D1-9CAB-1E3F652CEF3D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {BBC3E509-5CB1-442F-BAD1-5348A5540D49} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [134272480 2019-08-14] (Microsoft Corporation -> Microsoft Corporation) Task: {BF4E359C-2939-4766-B11E-9D2940F5F8CC} - System32\Tasks\{45FB5D6E-01DC-4A9E-AE37-6C36CBD504E3} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Micael\AppData\Local\Microsoft\Windows\INetCache\IE\MRM3LXQP\Setup[1].exe Task: {C82F246E-2BD0-4A29-8F78-279A5A4181BF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001Core1d257fe429ed464 => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: {CAD14698-1A3E-4D18-B883-449AD9D4EFDC} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe) Task: {CBA5D123-4747-4583-BD0F-8F793D4A1F2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {CFCD9DC0-7C66-4B89-BF37-C7E021E8EFBD} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {DB5BF9DE-182D-49E1-8D33-7ADEB0681628} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001UA1d257fe42a947d1 => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E2A9543B-1090-458E-9EBC-6E8487E1EA55} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe Task: {E6541BBC-6AD4-448F-AD8D-1F35CFD1222E} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {E749E2DD-CF7F-4DD4-8211-3DF403A4AAE0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001UA1d236e52e4818e3 => C:\Users\Micael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) Task: {E9E06227-EF72-4267-A2CF-52AA972878F8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EAF82AA8-64F2-4191-BCEE-4C88BA1BA8F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {EB29166C-1C16-4492-89E8-ADE9FCB7065A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {ECA96EE9-E96A-4F0D-8FD1-E2F3F354730D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {F13BE5E7-6783-4DA7-A0A8-D82D8051099E} - System32\Tasks\{1454D69F-3B41-471E-AB69-E6C2E4EE2E2B} => C:\windows\system32\pcalua.exe -a "C:\Users\Micael\Downloads\NBA 2K13 [PCDVD+Crack][Multi7 Español][2012]\NBA 2K13\setup.exe" -d "C:\Users\Micael\Downloads\NBA 2K13 [PCDVD+Crack][Multi7 Español][2012]\NBA 2K13" Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {F7AEA11C-061B-4137-A356-31A2F5524894} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001Core1d236e52e24d687 => C:\Users\Micael\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) Task: {FAEAFBA6-3D80-4FD5-B0B2-A8CD40748290} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001Core1d236e52e24d687.job => C:\Users\Micael\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001UA1d236e52e4818e3.job => C:\Users\Micael\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001Core.job => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-100295893-3780060295-1151518389-1001UA.job => C:\Users\Micael\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMicael.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 31478637-893d-449f-821d-5b65e857cce4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d2f6be15-b44d-408b-87dd-d4fc2965c1c7.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\WebReg HP Officejet 4500 G510n-z.job => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwrg.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: [S-1-5-19] => Proxy is enabled. ProxyServer: [S-1-5-19] => 127.0.0.1:8080 ProxyEnable: [S-1-5-20] => Proxy is enabled. ProxyServer: [S-1-5-20] => 127.0.0.1:8080 Tcpip\..\Interfaces\{46635ca7-c4d2-48b7-b5db-011996426e7a}: [DhcpNameServer] 80.58.61.250 80.58.61.254 Tcpip\..\Interfaces\{551219f1-0cf4-402c-b52b-9bee7c32f965}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{fa8b4b45-d5d2-4346-9d33-76097254562a}: [NameServer] 213.166.69.3,185.143.221.60,80.58.61.250,80.58.61.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON13/31 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/31 HKU\S-1-5-21-100295893-3780060295-1151518389-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-100295893-3780060295-1151518389-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON13/31 HKU\S-1-5-21-100295893-3780060295-1151518389-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKLM -> {B3D0B008-B703-4ECF-8DBA-7C227214E419} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-154363-12092-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKU\S-1-5-21-100295893-3780060295-1151518389-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-100295893-3780060295-1151518389-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-100295893-3780060295-1151518389-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\x64\ie_engine.dll [2019-09-12] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: No Name -> {31FF080D-12A3-439A-A2EF-4BA95A3148E8} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\ie_engine.dll [2019-09-12] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\IEExt\ie_plugin.dll [2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\IEExt\ie_plugin.dll [2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-100295893-3780060295-1151518389-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-100295893-3780060295-1151518389-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 5imofo1h.default FF ProfilePath: C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default [2019-09-14] FF user.js: detected! => C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\user.js [2019-09-11] FF DownloadDir: C:\Users\Micael\Desktop FF Homepage: Mozilla\Firefox\Profiles\5imofo1h.default -> hxxps://www.google.fr/ FF NewTab: Mozilla\Firefox\Profiles\5imofo1h.default -> about:blank FF NetworkProxy: Mozilla\Firefox\Profiles\5imofo1h.default -> ftp", "182.48.71.142" FF Extension: (Best Proxy Switcher) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\bestproxyswitcher@bestproxyswitcher.com.xpi [2018-01-12] FF Extension: (Enhancer for YouTube™) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2019-09-05] FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-21] [Legacy] FF Extension: (Firebug) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-02] [Legacy] FF Extension: (MEGA) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\firefox@mega.co.nz.xpi [2019-09-13] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json] FF Extension: (FoxyProxy Standard) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\foxyproxy@eric.h.jung.xpi [2019-07-12] FF Extension: (Groove Shredder) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\grooveshredder@code.argee.org.xpi [2016-05-02] [Legacy] FF Extension: (Proxy VPN gratis Hotspot Shield: desbloqueo de sitios) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\hotspot-shield@anchorfree.com.xpi [2018-10-11] FF Extension: (Kaspersky Password Manager) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\kpm_win_add_on_9.0@kaspersky.xpi [2019-07-09] [UpdateUrl:hxxps://special.s.kaspersky-labs.com/firefox_extensions/kpm_win_add_on/update.json] FF Extension: (FlashGot) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2016-12-01] [Legacy] FF Extension: (ColorZilla) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}.xpi [2017-03-08] FF Extension: (User-Agent Switcher) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2019-07-04] FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-23] FF SearchPlugin: C:\Users\Micael\AppData\Roaming\Mozilla\Firefox\Profiles\5imofo1h.default\searchplugins\bsqueda-de-vdeos-en-youtube.xml [2015-03-03] FF ProfilePath: C:\Users\Micael\AppData\Roaming\finalefireworks.com\FINALE Fireworks\Profiles\8lodpm6p.default [2015-07-07] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi [2019-09-11] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Firefox\Extensions: [light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\FFExt\light_plugin_firefox\addon.xpi FF HKU\S-1-5-21-100295893-3780060295-1151518389-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Micael\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [No File] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-13] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-13] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-19] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] (Avid Technology, Inc. -> ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File] FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File] FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: @acestream.net/acestreamplugin,version=3.0.11 -> C:\Users\Micael\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File] FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Micael\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: @talk.google.com/O1DPlugin -> C:\Users\Micael\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google) FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Micael\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Micael\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-100295893-3780060295-1151518389-1001: hp.com/HPDetect -> C:\Users\Micael\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll [2012-08-30] (HP) [File not signed] FF Plugin ProgramFiles/Appdata: C:\Users\Micael\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-16] FF Plugin ProgramFiles/Appdata: C:\Users\Micael\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-16] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-09-11] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-09-11] <==== ATTENTION Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.google.es/ CHR Profile: C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default [2019-09-14] CHR Extension: (Documentos) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-12] CHR Extension: (Google Drive) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26] CHR Extension: (YouTube) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28] CHR Extension: (Búsqueda de Google) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Adobe Acrobat) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-06] CHR Extension: (Block Yourself from Analytics) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\fadgflmigmogfionelcpalhohefbnehm [2018-10-31] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-02] CHR Extension: (Eye Dropper) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2019-06-14] CHR Extension: (WhatFont) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2017-05-16] CHR Extension: (Download Master) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\mcceagdollnkjlogmdckgjakjapmkdjf [2014-09-14] CHR Extension: (Ace Script) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-01-15] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10] CHR Extension: (Chrome Update Tool) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\ofjdblhobihaknilfmfjfpidfblgajmk [2019-09-11] CHR Extension: (Evernote Web Clipper) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2019-07-01] CHR Extension: (Gmail) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-14] CHR Extension: (Chrome Media Router) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-07] CHR Extension: (Enhancer for YouTube™) - C:\Users\Micael\AppData\Local\Google\Chrome\User Data\default\Extensions\ponfpcnoihfmfllpaingbgckeeldkhle [2019-09-06] CHR Profile: C:\Users\Micael\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-14] CHR Profile: C:\Users\Micael\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-14] CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKU\S-1-5-21-100295893-3780060295-1151518389-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhnkblpjbkfklfloegejegedcafpliaa] - hxxps://chrome.google.com/webstore/detail/dhnkblpjbkfklfloegejegedcafpliaa CHR HKU\S-1-5-21-100295893-3780060295-1151518389-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [hcjdanpjacpeeppdjkppebobilhaglfo] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lecopdllcadfbliodgfpfbhgoaohmlfe] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1162616 2018-12-01] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed] S2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S3 BMSService; C:\Program Files (x86)\NCH Swift Sound\BMS\bms.exe [860164 2014-09-30] (NCH Software) [File not signed] S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-07-16] (CyberLink -> CyberLink) S3 GSService; C:\windows\SysWOW64\GSService.exe [505056 2013-09-09] (cyan soft ltd -> ) R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [577536 2012-08-24] (Hauppauge Computer Works) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-02-13] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354008 2019-02-08] (Kaspersky Lab -> AO Kaspersky Lab) S2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [27760 2016-06-13] (AzureEngBuildCodeSign -> ) [File not signed] R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-08-20] (Microsoft Windows -> ) S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-08-20] (Microsoft Windows -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12001112 2019-08-29] (TeamViewer GmbH -> TeamViewer GmbH) S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [145512 2018-01-23] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe [404480 2016-02-17] (Wondershare) [File not signed] S2 2C712B7E; C:\ProgramData\2C712B7E\0AB6B89F.dll [X] S2 HPRegistrationSvc; "c:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HPRegistrationService.exe" [X] S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X] S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab) S3 EMVSCARD; C:\WINDOWS\System32\Drivers\EMVSCARD.sys [28544 2006-12-13] (Microsoft Windows Hardware Compatibility Publisher -> USB Smart Card Reader) R3 hcw17bda; C:\WINDOWS\system32\drivers\hcw17bda.sys [75184 2012-06-05] (Hauppauge Computer Works -> Hauppauge Computer Works, Inc.) S3 kinonivd; C:\WINDOWS\System32\drivers\kinonivd.sys [2782848 2013-02-26] (Kinoni Oy -> Windows (R) Win 7 DDK provider) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [76624 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [129152 2019-07-29] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [251520 2019-08-02] (Kaspersky Lab -> AO Kaspersky Lab) R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [514688 2019-06-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1101136 2019-06-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP20.0\Bases\klids.sys [197760 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [996992 2019-08-02] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [79184 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [45904 2019-03-10] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-09-11] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [210280 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [232272 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 L1C; C:\WINDOWS\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2014-02-13] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 MP4ConverterAudio; C:\WINDOWS\system32\drivers\MP4ConverterAudio.sys [34528 2013-09-09] (cyan soft ltd -> Windows (R) Win 7 DDK provider) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2019-03-19] (Microsoft Windows -> MediaTek Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_2707c70d42c54b4e\nvlddmkm.sys [17036560 2018-02-01] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 WsAudioDevice_383; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2013-05-30] (Wondershare Software Co., Ltd. -> Wondershare) S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)