Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01 Ran by fflor (administrator) on AMDG-ICM (Gigabyte Technology Co., Ltd. X570 AORUS PRO WIFI) (11-05-2024 13:37:46) Running from C:\Users\fflor\Desktop\FRST64.exe Loaded Profiles: fflor Platform: Microsoft Windows 10 Pro Version 22H2 19045.4291 (X64) Language: Spanish (Spain, International Sort) -> English (United States) Default browser: Brave Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (Athena Smartcard Solutions -> Athena Smartcard Solutions) C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.149\BraveCrashHandler.exe (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.149\BraveCrashHandler64.exe (C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe (C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\Flight Rudder Pedals\LAClient\laclient.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe (explorer.exe ->) (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe <23> (explorer.exe ->) (Logitech) [File not signed] C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files (x86)\GIGABYTE\AppCenter\ApCent.exe (Logitech Inc -> Logitech,Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforLync2010\4.0\LogiFEC.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <5> (services.exe ->) () [File not signed] C:\Program Files (x86)\GIGABYTE\AppCenter\AdjustService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe (services.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2> (services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe (services.exe ->) (Glarysoft Ltd -> Glarysoft Ltd) D:\Glary Utilities\x64\MemfilesService.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\Pro Flight XPlugin\xplservice.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Magic Control Technology Corp. -> ) C:\Windows\System32\mlpatch.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe (services.exe ->) (ND_Apps -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_84b2c943d6816eb7\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe (services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe (services.exe ->) (Razer USA Ltd. -> Razer) C:\Windows\System32\RZTHXService.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe <2> (services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\Easy Connection to Screen\Service.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) C:\ProgramData\Toolkit\SeagateSecureService.exe (services.exe ->) (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe (svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (svchost.exe ->) (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4289_none_7e26f6bc7c7a4793\TiWorker.exe (svchost.exe ->) (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ee6fe91a35eb809c\RtkAudUService64.exe [3450728 2022-02-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [Flight Rudder Pedals] => C:\Program Files\Logitech\Flight Rudder Pedals\RudderPedals_Profiler.exe [19968 2018-09-04] (Logitech) [File not signed] HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2020-05-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670856 2020-05-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [896136 2020-05-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO) HKLM-x32\...\Run: [IDProtect Monitor] => C:\Program Files (x86)\Athena\IDProtect Client\Utils\IDProtect Monitor.exe [514360 2016-01-10] (Athena Smartcard Solutions -> Athena Smartcard Solutions) HKLM-x32\...\Run: [LogiFEPluginforLync2010] => C:\Program Files (x86)\Common Files\LogiShrd\LogiFEPluginforLync2010\4.0\LogiFEC.exe [296216 2018-02-12] (Logitech Inc -> Logitech,Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551624 2024-04-02] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> ) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1131488 2024-03-13] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [14632 2016-02-26] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) HKLM\...\Policies\Explorer: [AllowOnlineTips] 0 HKLM\Software\Policies\...\system: [PublishUserActivities] 0 HKU\S-1-5-21-2411154662-1222630629-2652977314-1001\...\Run: [Agente GAUDI] => C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banco Central de Costa Rica\Agente GAUDI.appref-ms [428 2023-12-20] () [File not signed] HKU\S-1-5-21-2411154662-1222630629-2652977314-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2411154662-1222630629-2652977314-1001\...\Policies\Explorer: [] HKU\S-1-5-21-2411154662-1222630629-2652977314-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Print\Monitors\EPSON L575 Series 64MonitorBE: C:\Windows\system32\E_YLMBMTE.DLL [180224 2020-05-31] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\124.1.65.132\Installer\chrmstp.exe [2024-05-10] (Brave Software, Inc. -> Brave Software, Inc.) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe IFEO\DeviceCensus.exe: [Debugger] %windir%\System32\taskkill.exe IFEO\software_reporter_tool.exe: [Debugger] %windir%\System32\taskkill.exe BootExecute: autocheck autochk * GroupPolicy: Restriction - Edge <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {42824F63-653A-4C98-9689-97CE91558E75} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {84DFE493-8A4B-41F2-885D-826D537D4273} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {FEC853A2-F288-4DED-8962-FDD114BD0A64} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {6176C7C9-3723-42C3-A6E2-722E55EB0282} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {798A303F-F456-4336-8EFC-CD320367B146} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [672064 2022-12-02] (Advanced Micro Devices Inc. -> ) Task: {BB78CEB7-199C-4C22-A14B-B3F38A901CCC} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1645240 2020-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7D439C17-2D46-4DE9-8C06-9A123E894A00} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-14] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {01E1FDA8-BFC5-47CF-ADE3-66ED68155D8D} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-14] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {E697B96A-9B3A-404A-8D5B-9CDC53E02871} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {F00127DB-2A72-4080-A372-45CFC3A913F0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "8850c5f0-5d08-478f-ba5b-8e3a6f4739e9" --version "6.23.11010" --silent Task: {0893CE14-8686-4EE2-B2AA-257417339892} - System32\Tasks\CCleanerSkipUAC - fflor => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {8503A6A4-C4BC-4F04-9459-8E18EF96BFF3} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {7484190A-5A92-4879-82D9-5215CFAEB1E1} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {008CADCB-D417-4D74-9B33-2BC882EEDD7C} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {D9516EB1-110A-4332-AB7D-A652DE848F5F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {7397F0E0-BA69-4E6D-A06F-8208E56B2FCA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {77EE21F2-D9DD-4094-BDD0-5968B210AE80} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {27CB4623-5744-45AF-AE58-2DBAF0C739E5} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) Task: {C3B55D91-54C0-4F00-9B60-F6537C2D80F1} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5656192 2024-04-11] (Microsoft Windows -> Microsoft Corporation) Task: {177ED820-F4D1-454D-B709-32C380BB7790} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {8FCBC686-9C03-4005-9CA3-B8CB1AD43CBD} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) Task: {6551A6DA-039E-4C57-A5CB-EB7BBBD699B4} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [129536 2023-05-19] (Softdeluxe) [File not signed] Task: {02531CD9-B4C8-4E01-B2F2-9050B83912DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-13] (Google LLC -> Google LLC) Task: {458AFF5C-827E-4FC1-AD25-653C3771B30F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-13] (Google LLC -> Google LLC) Task: {343EF809-11D9-404F-BE18-CBE9620D0908} - System32\Tasks\GUSkipUAC => D:\Glary Utilities\Integrator.exe [920984 2024-04-02] (Glarysoft Ltd -> Glarysoft Ltd) Task: {CFC92FF1-2B0A-49E9-B469-5D51B3D5A079} - System32\Tasks\iTop BLACK FRIDAY Task (One-Time) => "C:\Program Files\iTop Screen Recorder\Pub\isrbfr.exe" -> C:\Program Files\iTop Screen Recorder\Pub\\/isr Task: {24A5D1F3-EC7F-473B-AC80-60086D8D598C} - System32\Tasks\iTop Screen Recorder SkipUAC (fflor) => C:\Program Files\iTop Screen Recorder\IScrRec.exe [15653632 2023-01-06] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/skipuac Task: {4015B18E-CBF4-4FD2-9093-F1B216D8E18C} - System32\Tasks\iTop Screen Recorder UAC => C:\Program Files\iTop Screen Recorder\iScrInit.exe [1386240 2022-12-26] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/UAC Task: {6A96E6EE-23FC-4935-9BC6-56F579DC00BA} - System32\Tasks\iTop Screen Recorder Update => C:\Program Files\iTop Screen Recorder\AutoUpdate.exe [3246848 2022-11-02] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screen Recorder\\/auto Task: {9D5F09AF-518D-4528-A6B8-0F5DFA7BEF69} - System32\Tasks\iTop Screenshot SkipUAC (defaultuser100000) => C:\Program Files\iTop Screenshot\iScrShot.exe [7622400 2023-05-11] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screenshot\\/skipuac Task: {B7EB3EA5-8B74-4B77-BEF3-735815956955} - System32\Tasks\iTop Screenshot SkipUAC (fflor) => C:\Program Files\iTop Screenshot\iScrShot.exe [7622400 2023-05-11] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screenshot\\/skipuac Task: {6778C52E-5086-4A0E-8027-A02D91FC60CE} - System32\Tasks\iTop Screenshot Startup => C:\Program Files\iTop Screenshot\iScrShot.exe [7622400 2023-05-11] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screenshot\\/autorun Task: {DF36B9C5-5927-45C9-BE13-AECD38448397} - System32\Tasks\iTop Screenshot Update => C:\Program Files\iTop Screenshot\AutoUpdate.exe [3081472 2023-05-17] (ORANGE VIEW LIMITED -> iTop Inc.) -> C:\Program Files\iTop Screenshot\\/auto Task: {D10B9BB0-4773-4586-BC63-09D084451C6E} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2411154662-1222630629-2652977314-1001 => C:\Users\fflor\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-11-17] (Mega Limited -> Mega Limited) Task: {8A5E4747-2D25-4337-8CCC-791991CF3ED8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26919912 2024-04-08] (Microsoft Corporation -> Microsoft Corporation) Task: {75249A7C-98A5-4851-9AA7-41FF749837FD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26919912 2024-04-08] (Microsoft Corporation -> Microsoft Corporation) Task: {A9046161-9C4E-4135-867D-7617493D854C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2024-04-20] (Microsoft Corporation -> Microsoft Corporation) Task: {51535138-9699-4D28-975E-EEA0EA74799F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158872 2024-04-20] (Microsoft Corporation -> Microsoft Corporation) Task: {FD508B03-9840-4625-96F0-9A088A85B4FB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [167976 2024-04-20] (Microsoft Corporation -> Microsoft Corporation) Task: {A6AB078F-6F67-462E-9FBC-96421D7A74B0} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [64936 2021-03-01] (Microsoft Corporation -> Microsoft) Task: {0FDD0D86-6DDE-4375-A260-FA06C88B5948} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\Microsoft.Security.ApplicationId.PolicyManagement.PSE32 => C:\Windows\system32\RUNDLL32.EXE [71680 2023-11-18] (Microsoft Windows -> Microsoft Corporation) -> C:\Users\fflor\AppData\Local\RecognitionMetadata\DrawProceby\CIM37mMedietdvt.dll dhbpsCeeularMAR Task: {34DC0E71-7135-466A-9EB0-77668108D56B} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1645240 2020-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {7BBEB827-1C47-4234-A83B-A1D31F5D6E4E} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6885240 2017-08-10] (Nero AG -> Nero AG) Task: {8C7269F7-6D3A-4249-94D4-D4E314E7A77D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {56998B69-1C58-4D4A-B26B-ADBD429ECBD1} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9E5D083D-C937-4F72-BE44-F628CF3BA5F6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler Task: {821769E1-5425-420D-831F-FBBDC07E3C95} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {84AEB13A-EE8E-4330-BA23-A4C6DDE95C93} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A33A1009-67CD-4554-98A4-920E4F156E75} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {302BCE73-9998-40B1-A322-E5BFEE9E4B57} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5EE47A24-619D-41A7-B14A-C3642A8BE07D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {0FE50804-32B6-4C9C-8DAE-B36C3D8ADE5A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) Task: {F80D996F-E059-46B0-98B1-E70BDB16D85D} - System32\Tasks\Reality XP\RealityXP Garmin GNS v2 (X-Plane) Updates => C:\Windows\system32\rundll32.exe [71680 2023-11-18] (Microsoft Windows -> Microsoft Corporation) -> "C:\ProgramData\Reality XP\WinSparkle.dll",_DllCheck@16 -f -a "RealityXP Garmin GNS v2 (X-Plane)" -v "2.5.1.0" "hxxp://www.reality-xp.com/appcast/rxpGNS-XP.xml" Task: {9E5C3A52-6F25-4740-A982-AFBF7ADA7DAD} - System32\Tasks\SIV => C:\Program Files (x86)\GIGABYTE\SIV\Thermald.exe [392296 2023-01-09] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {05F65298-0BFD-4C96-A816-886B6E33E0BA} - System32\Tasks\SIV-VGA => C:\Program Files (x86)\GIGABYTE\SIV\Sensord.exe [257408 2021-06-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) Task: {98B079AE-0456-4074-BF5F-6AEC1E03C1AD} - System32\Tasks\Uninstaller_SkipUac_fflor => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9410568 2022-10-25] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\IObit Uninstaller\\/UninstallExplorer (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\..\Interfaces\{b806c916-eaf0-4124-85c0-4df69e518e63}: [DhcpNameServer] 192.168.5.1 192.168.0.1 Tcpip\..\Interfaces\{f45f4f23-e63e-456b-9cd9-7bce3a1e63a0}: [DhcpNameServer] 192.168.0.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\fflor\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-10] Edge Extension: (Documentos de Google sin conexión) - C:\Users\fflor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02] Edge Extension: (Edge relevant text changes) - C:\Users\fflor\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-02] FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2021-11-01] [Legacy] [not signed] FF Plugin: @java.com/DTPlugin,version=11.411.2 -> D:\Java\Runtime\bin\dtplugin\npDeployJava1.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.411.2 -> D:\Java\Runtime\bin\plugin2\npjp2.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-05-04] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-03-13] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-03-13] (Adobe Inc. -> Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default [2024-05-10] CHR StartupUrls: Default -> "hxxps://sites.google.com/site/capellaniahsjd/" CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms} CHR DefaultSearchKeyword: Default -> duckduckgo.com CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list CHR Extension: (DuckDuckGo) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-01-14] CHR Extension: (Adblock para Youtube™) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2020-10-10] CHR Extension: (Clipchamp –convertir, comprimir y grabar vídeo) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\delkpojpfkkfgmknffmblbhmlamkjioi [2020-06-01] CHR Extension: (Adobe Acrobat) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-15] CHR Extension: (Video Downloader professional) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-25] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-12-16] CHR Extension: (Botón Guardar de Pinterest) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09] CHR Extension: (vGet Extension (Video Downloader, DLNA)) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniladkejehjfchadikcbjmgjaogciic [2020-06-01] CHR Extension: (Aeropost Plug-in) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikghdpjeomecocjlnookmmgpegfaamgl [2020-12-08] CHR Extension: (Safe Torrent Scanner) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\makcojoppodhcgmmchohadhpkicoafka [2020-08-21] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-30] CHR Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2020-12-26] CHR Extension: (Chrome Media Router) - C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-20] CHR Profile: C:\Users\fflor\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-05-10] CHR Profile: C:\Users\fflor\AppData\Local\Google\Chrome\User Data\System Profile [2024-05-10] CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKU\S-1-5-21-2411154662-1222630629-2652977314-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [makcojoppodhcgmmchohadhpkicoafka] Brave: ======= BRA DefaultProfile: Default BRA Profile: C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2024-05-11] BRA Notifications: Default -> hxxps://www.facebook.com; hxxps://www.pinterest.com; hxxps://www.youtube.com BRA StartupUrls: Default -> "hxxps://sites.google.com/site/capellaniahsjd/" BRA DefaultSearchURL: Default -> hxxps://search.brave.com/search?q={searchTerms}&source=desktop BRA DefaultSearchKeyword: Default -> :br BRA DefaultSuggestURL: Default -> hxxps://search.brave.com/api/suggest?q={searchTerms} BRA Session Restore: Default -> is enabled. BRA Extension: (Google Translate) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22] BRA Extension: (DuckDuckGo) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13] BRA Extension: (Universal Video Downloader) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cogmkaeijeflocngklepoknelfjpdjng [2022-05-17] BRA Extension: (uBlock Origin Lite) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2024-04-28] BRA Extension: (Video Downloader Professional) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2024-04-11] BRA Extension: (Speak Subtitles for YouTube) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoiihoancoimepbgfcmopaciegpigpa [2023-06-07] BRA Extension: (Save to Pinterest) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-05-10] BRA Extension: (Video Downloader Plus) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hkdmdpdhfaamhgaojpelccmeehpfljgf [2024-04-03] BRA Extension: (Office - Enable Copy and Paste) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2023-09-22] BRA Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2024-04-30] BRA Extension: (Flash Player for Chrome) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\oakbcaafbicdddpdlhbchhpblmhefngh [2024-02-08] BRA Extension: (Adblock for You) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ogcaehilgakehloljjmajoempaflmdci [2023-07-22] BRA Profile: C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2024-05-10] BRA Profile: C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2024-05-11] BRA DefaultSearchURL: Profile 1 -> hxxps://search.brave.com/search?q={searchTerms}&source=desktop BRA DefaultSearchKeyword: Profile 1 -> :br BRA DefaultSuggestURL: Profile 1 -> hxxps://search.brave.com/api/suggest?q={searchTerms} BRA Extension: (Google Translate) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-25] BRA Extension: (DuckDuckGo) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-18] BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-05-11] BRA Extension: (Video Downloader Plus) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\hkdmdpdhfaamhgaojpelccmeehpfljgf [2024-04-06] BRA Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2024-05-01] BRA Profile: C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2024-05-11] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2024-05-10] BRA Extension: (Brave Local Data Files Updater) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2024-05-10] BRA Extension: (Brave NTP background images) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2024-02-01] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2024-05-11] BRA Extension: (Wallet Data Files Updater) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-23] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2024-05-11] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-01] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2024-01-09] BRA Extension: (Brave Ads Resources) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\elecgkckipdmnkkgndidemmdhdcdfhnp [2024-04-18] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2024-04-25] BRA Extension: (Brave NTP sponsored images) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\hhbebcdhndppaeoepejhlhnmpcnekngl [2024-05-11] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2024-05-11] BRA Extension: (Brave SpeedReader Updater) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2024-05-02] BRA Extension: (Brave Ads Resources) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2024-05-11] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\fflor\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-25] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944096 2024-03-13] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated) S3 AvidHubService; C:\Program Files\Avid\Cloud Client Services\Hub.exe [2299208 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.) S3 AvidTransportClient; C:\Program Files\Avid\Cloud Client Services\TransportClient.exe [7067464 2017-11-09] (Avid Technology, Inc. -> Avid Technology, Inc.) S3 Backupper Service; C:\Program Files (x86)\AOMEI(3)\ABService.exe [1102328 2023-02-24] (AOMEI International Network Limited -> AOMEI International Network Limited) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-14] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveElevationService1d9bb6b1a36ab7a; C:\Program Files\BraveSoftware\Brave-Browser\Application\124.1.65.132\elevation_service.exe [2680344 2024-05-09] (Brave Software, Inc. -> Brave Software, Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-01-14] (Brave Software, Inc. -> BraveSoftware Inc.) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11824848 2024-04-08] (Microsoft Corporation -> Microsoft Corporation) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2020-07-19] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [133080 2021-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46824 2024-04-02] (Dropbox, Inc -> Dropbox, Inc.) R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [302352 2021-06-08] (Samsung Electronics CO., LTD. -> ) S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.) S3 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [678328 2020-05-31] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2020-05-31] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [888216 2023-11-19] (Glarysoft Ltd -> Glarysoft Ltd) R2 GUMemfilesService; D:\Glary Utilities\x64\MemfilesService.exe [433560 2024-04-02] (Glarysoft Ltd -> Glarysoft Ltd) S3 GUPMService; D:\Glary Utilities\GUPMService.exe [76696 2024-04-02] (Glarysoft Ltd -> Glarysoft Ltd) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] S3 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2022-10-20] (IObit CO., LTD -> IObit) R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [499336 2020-05-18] (Logitech Inc -> Logitech) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-05-07] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-05-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 MlPatch; C:\Windows\system32\MlPatch.exe [2244912 2014-08-22] (Magic Control Technology Corp. -> ) R2 MyService1; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [18944 2021-04-08] () [File not signed] S3 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-12-15] (Nero AG -> Nero AG) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_84b2c943d6816eb7\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-04-12] (NVIDIA Corporation -> NVIDIA Corporation) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1995200 2022-12-21] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [485312 2022-12-21] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1354192 2022-10-12] (Razer USA Ltd. -> Razer Inc.) R3 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-15] (Razer USA Ltd. -> Razer Inc) R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300552 2023-01-05] (Razer USA Ltd. -> Razer Inc.) S3 Razer Update Service; C:\Program Files (x86)\Razer\RzUpdateEngineService\RzUpdateEngineService.exe [408912 2020-04-01] (Razer USA Ltd. -> Razer) R3 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-10-23] (Razer USA Ltd. -> Razer Inc.) R2 RzThxSrv; C:\Windows\system32\RZTHXService.exe [357104 2020-04-26] (Razer USA Ltd. -> Razer) R2 SeagateSecure; C:\ProgramData\Toolkit\SeagateSecureService.exe [375360 2022-07-11] (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-11] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2022-10-04] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [920768 2022-10-04] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) S3 vMixService; C:\Program Files (x86)\vMix\drivers\vMixService.exe [19968 2018-03-19] () [File not signed] R2 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-05-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-05-09] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WsaService; C:\Users\fflor\WsaManagerForWindows\WsaService\WsaService.exe [281600 2023-04-19] () [File not signed] R2 XSaiSvc; C:\Program Files (x86)\Logitech\Pro Flight XPlugin\xplservice.exe [91256 2017-05-09] (Logitech Inc -> Logitech) S2 OCButtonService; no ImagePath R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation S3 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\fflor\AppData\Roaming\Zoom" ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-15] (Microsoft Windows Hardware Compatibility Publisher -> ) R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [172928 2023-02-28] (AOMEI International Network Limited -> ) S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] (ChengDu AoMei Tech Co., Ltd -> ) [File not signed] R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [32176 2023-02-28] (AOMEI International Network Limited -> ) S0 cmdboot; C:\Windows\System32\DRIVERS\cmdboot.sys [17576 2019-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO) R3 cthda; C:\Windows\system32\drivers\cthda.sys [1090416 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd) R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [53616 2021-01-11] (Creative Technology Ltd -> Creative Technology Ltd) R1 CTIIO; C:\Windows\system32\drivers\CtiIo64.sys [32296 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R2 Dokan2; C:\Windows\system32\drivers\dokan2.sys [395400 2023-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Dokan Project) R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps) R3 DroidCamVideo; C:\Windows\System32\drivers\droidcamvideo.sys [33768 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 DynCal; C:\Windows\SysWOW64\drivers\Dyncal.sys [8192 2003-11-14] (Windows (R) 2000 DDK provider) [File not signed] S3 evserial9; C:\Windows\System32\DRIVERS\evserial9.sys [47952 2023-03-29] (Electronic Team, Inc. -> Electronic Team, Inc.) R3 gdrv3; C:\Windows\System32\drivers\gdrv3.sys [52016 2024-02-29] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [23568 2023-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) R2 inpoutx64; C:\Windows\System32\Drivers\inpoutx64.sys [15008 2023-02-11] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk]) R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO) R3 LSaiMini; C:\Windows\System32\drivers\LSaiMini.sys [20720 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech) R3 LSaiNtBus; C:\Windows\system32\drivers\LSaiBus.sys [60336 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech) R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223184 2024-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239576 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd) R3 NewTek_AudioPortClass; C:\Windows\System32\drivers\NewTek_AudioPortClass.sys [33336 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek) R3 NewTek_WDM_KS; C:\Windows\System32\drivers\NewTek_WDM_KS.sys [27832 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek) R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation) S3 SaiH0C2D; C:\Windows\system32\DRIVERS\SaiH0C2D.sys [176128 2007-07-02] (Saitek -> Saitek) R3 SaiK0763; C:\Windows\system32\DRIVERS\SaiK0763.sys [217408 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech) S3 SaiK0bac; C:\Windows\system32\DRIVERS\SaiK0bac.sys [217408 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech) S3 SaiU0bac; C:\Windows\system32\DRIVERS\SaiU0bac.sys [24816 2018-09-04] (WDKTestCert SYSTEM,131245371151827277 -> Logitech) S3 sershare; C:\Windows\System32\DRIVERS\sershare.sys [47952 2023-03-29] (Electronic Team, Inc. -> Electronic Team, Inc.) R3 SerSw; C:\Windows\System32\drivers\sersw.sys [62624 2023-03-29] (Electronic Team, Inc -> ELTIMA Software) R3 SPBUS; C:\Windows\System32\drivers\spbus.sys [112976 2023-03-29] (Electronic Team, Inc. -> Electronic Team, Inc.) R3 sRZTHXSpatial; C:\Windows\System32\drivers\RZTHXSpatial.sys [172024 2020-04-25] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-10-04] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 t6sta; C:\Windows\System32\Drivers\t6sta.sys [166696 2022-05-31] (MAGIC CONTROL TECHNOLOGY CORPORATION -> Magic Control Technology Corporation) R3 VBAudioVACMME; C:\Windows\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider) R3 VSBC9; C:\Windows\System32\drivers\evsbc9.sys [136720 2023-03-29] (Electronic Team, Inc. -> Electronic Team, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20936 2024-05-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601376 2024-05-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-05-09] (Microsoft Windows -> Microsoft Corporation) U4 DcpSvc; no ImagePath U4 NvTelemetryContainer; no ImagePath U4 xbgm; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) (Whitelisted) ========= (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-11 13:37 - 2024-05-11 13:38 - 000058466 _____ C:\Users\fflor\Desktop\FRST.txt 2024-05-11 13:00 - 2024-05-11 13:00 - 000003098 _____ C:\Windows\system32\Tasks\AMDLinkUpdate 2024-05-11 12:28 - 2024-05-11 13:38 - 000000000 ____D C:\FRST 2024-05-11 12:23 - 2024-05-11 12:24 - 002394112 _____ (Farbar) C:\Users\fflor\Desktop\FRST64.exe 2024-05-11 11:07 - 2024-05-11 11:07 - 000586498 _____ C:\Users\fflor\Documents\cc_20240511_100708.reg 2024-05-10 13:33 - 2024-05-10 13:33 - 000092944 _____ C:\Windows\system32\lc.dat 2024-05-10 12:39 - 2024-05-10 12:39 - 000000000 ____D C:\ProgramData\Piriform 2024-05-10 12:36 - 2024-05-11 13:03 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update 2024-05-10 12:36 - 2024-05-11 10:53 - 000000000 ____D C:\Program Files\CCleaner 2024-05-10 12:36 - 2024-05-10 13:34 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2024-05-10 12:36 - 2024-05-10 12:36 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2024-05-10 12:36 - 2024-05-10 12:36 - 000002890 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - fflor 2024-05-10 12:36 - 2024-05-10 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2024-05-07 21:52 - 2024-05-11 13:01 - 000000000 ____D C:\Users\fflor\AppData\Local\Malwarebytes 2024-05-07 21:52 - 2024-05-07 21:52 - 000002037 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-05-07 21:52 - 2024-05-07 21:52 - 000000000 ____D C:\Users\fflor\AppData\Local\mbam 2024-05-07 21:50 - 2024-05-07 21:51 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-05-07 21:50 - 2024-05-07 21:51 - 000000000 ____D C:\Program Files\Malwarebytes 2024-05-07 21:47 - 2024-05-07 21:47 - 002394112 _____ (Farbar) C:\Users\fflor\Downloads\FRSTEnglish.exe 2024-05-05 20:00 - 2024-05-05 20:00 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2024-05-05 20:00 - 2024-05-05 20:00 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-05-03 11:04 - 2024-05-03 11:04 - 000000000 ____D C:\Users\fflor\AppData\LocalLow\BLUM Entertainment 2024-05-02 00:21 - 2024-05-02 00:28 - 000000000 ____D C:\Users\fflor\Downloads\Iberdesign 2024-04-30 23:14 - 2024-04-30 23:59 - 000000000 ____D C:\Users\fflor\Downloads\Telegram Desktop 2024-04-29 06:15 - 2024-05-03 04:13 - 000000000 ____D C:\Users\fflor\Documents\Plantillas personalizadas de Office 2024-04-28 03:37 - 2024-04-28 03:37 - 000000000 ____D C:\Users\fflor\AppData\Local\Vivaland 2024-04-26 14:22 - 2024-04-26 14:22 - 000001316 _____ C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QGIS3.lnk 2024-04-26 14:22 - 2024-04-26 14:22 - 000000000 ____D C:\Users\fflor\AppData\Roaming\QGIS 2024-04-26 14:22 - 2024-04-26 14:22 - 000000000 ____D C:\Users\fflor\AppData\Roaming\GRASS7 2024-04-26 14:22 - 2024-04-26 14:22 - 000000000 ____D C:\Users\fflor\AppData\Local\QGIS 2024-04-26 03:45 - 2024-04-26 03:45 - 000001181 _____ C:\Users\fflor\Desktop\autoortho_0.7.1_XP12.lnk 2024-04-21 02:52 - 2024-04-12 14:22 - 002031488 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe 2024-04-21 02:52 - 2024-04-12 14:22 - 002031488 _____ C:\Windows\system32\vulkaninfo.exe 2024-04-21 02:52 - 2024-04-12 14:22 - 001578872 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2024-04-21 02:52 - 2024-04-12 14:22 - 001578872 _____ C:\Windows\SysWOW64\vulkaninfo.exe 2024-04-21 02:52 - 2024-04-12 14:22 - 001488024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2024-04-21 02:52 - 2024-04-12 14:22 - 001445128 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll 2024-04-21 02:52 - 2024-04-12 14:22 - 001445128 _____ C:\Windows\system32\vulkan-1.dll 2024-04-21 02:52 - 2024-04-12 14:22 - 001295120 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll 2024-04-21 02:52 - 2024-04-12 14:22 - 001295120 _____ C:\Windows\SysWOW64\vulkan-1.dll 2024-04-21 02:52 - 2024-04-12 14:22 - 001226776 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2024-04-21 02:52 - 2024-04-12 14:18 - 001543296 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2024-04-21 02:52 - 2024-04-12 14:18 - 001199752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2024-04-21 02:52 - 2024-04-12 14:18 - 001046168 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll 2024-04-21 02:52 - 2024-04-12 14:18 - 000842288 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe 2024-04-21 02:52 - 2024-04-12 14:18 - 000670360 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll 2024-04-21 02:52 - 2024-04-12 14:18 - 000505480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll 2024-04-21 02:52 - 2024-04-12 14:17 - 002174512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2024-04-21 02:52 - 2024-04-12 14:17 - 001626664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2024-04-21 02:52 - 2024-04-12 14:17 - 001024552 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2024-04-21 02:52 - 2024-04-12 14:17 - 000787480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2024-04-21 02:52 - 2024-04-12 14:17 - 000459928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe 2024-04-21 02:52 - 2024-04-12 14:16 - 016034968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2024-04-21 02:52 - 2024-04-12 14:16 - 012930200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2024-04-21 02:52 - 2024-04-12 14:16 - 006780552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2024-04-21 02:52 - 2024-04-12 14:16 - 005913752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2024-04-21 02:52 - 2024-04-12 14:16 - 005772824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll 2024-04-21 02:52 - 2024-04-12 14:16 - 003721352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2024-04-21 02:52 - 2024-04-12 14:15 - 000853016 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe 2024-04-21 02:52 - 2024-04-12 14:14 - 006948656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2024-04-21 02:52 - 2024-04-12 14:14 - 006035152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2024-04-21 02:52 - 2024-04-11 21:05 - 000119466 _____ C:\Windows\system32\nvinfo.pb 2024-04-20 23:02 - 2024-04-20 23:03 - 003575712 _____ C:\Users\fflor\Downloads\FichaTecnica_HyundaiCreta.pdf 2024-04-20 20:10 - 2024-04-20 20:10 - 000003708 _____ C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office Remote.lnk 2024-04-20 11:10 - 2024-04-20 11:10 - 000001365 _____ C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2024-04-20 11:10 - 2024-04-20 11:10 - 000000000 ____D C:\Users\fflor\AppData\Local\PCHealthCheck 2024-04-19 06:16 - 2024-04-19 06:16 - 000003560 _____ C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Appstore de Amazon.lnk 2024-04-19 06:15 - 2024-05-11 13:00 - 000001134 _____ C:\Windows\system32\config\VSMIDK 2024-04-19 06:14 - 2024-05-09 20:05 - 000000000 ____D C:\Program Files\Hyper-V 2024-04-19 06:14 - 2024-04-19 06:14 - 000000000 ____D C:\Windows\system32\BestPractices 2024-04-18 22:08 - 2024-04-18 22:08 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2024-04-18 22:06 - 2024-04-18 22:06 - 000000777 _____ C:\Users\Public\Desktop\Hasleo WinToUSB.lnk 2024-04-18 22:06 - 2024-04-18 22:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToUSB 2024-04-18 21:08 - 2024-04-18 21:08 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Sun 2024-04-18 21:07 - 2024-04-18 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2024-04-18 21:07 - 2024-04-18 21:07 - 000000000 ____D C:\Program Files\Common Files\Oracle 2024-04-18 21:07 - 2024-03-13 08:48 - 000200320 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2024-04-18 20:56 - 2024-04-18 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2024-04-18 20:39 - 2024-04-18 20:39 - 000002982 _____ C:\Windows\system32\Tasks\GUSkipUAC 2024-04-18 19:41 - 2024-04-18 19:41 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk 2024-04-15 04:44 - 2024-04-15 04:44 - 000000000 ____D C:\Users\fflor\.android 2024-04-15 04:41 - 2024-04-15 04:41 - 000000000 ____D C:\Users\fflor\WsaManagerForWindows 2024-04-15 03:09 - 2024-04-15 03:09 - 031304692 _____ C:\Users\fflor\Downloads\cinetv_magisfilm-site.apk 2024-04-13 00:56 - 2024-04-13 00:56 - 002237647 _____ C:\Users\fflor\Downloads\tasas.pdf 2024-04-13 00:53 - 2024-04-13 00:53 - 000207107 _____ C:\Users\fflor\Downloads\Términos y Condiciones APE.pdf 2024-04-11 23:48 - 2024-04-11 23:48 - 000020861 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-04-11 23:47 - 2024-04-11 23:47 - 000020861 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2024-05-11 13:31 - 2020-05-30 04:24 - 000000000 ____D C:\Users\fflor\AppData\Local\Packages 2024-05-11 13:31 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\AppReadiness 2024-05-11 13:31 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\CbsTemp 2024-05-11 13:30 - 2021-06-15 01:54 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat 2024-05-11 13:29 - 2020-05-30 04:25 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Spelling 2024-05-11 13:29 - 2019-12-07 04:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-05-11 13:28 - 2019-12-07 04:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-05-11 13:25 - 2020-05-30 05:11 - 000000000 ____D C:\ProgramData\NVIDIA 2024-05-11 13:10 - 2020-10-22 15:37 - 000000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics 2024-05-11 13:06 - 2020-05-30 04:14 - 001766302 _____ C:\Windows\system32\PerfStringBackup.INI 2024-05-11 13:06 - 2019-12-07 09:55 - 000785304 _____ C:\Windows\system32\perfh00A.dat 2024-05-11 13:06 - 2019-12-07 09:55 - 000153328 _____ C:\Windows\system32\perfc00A.dat 2024-05-11 13:06 - 2019-12-07 04:13 - 000000000 ____D C:\Windows\INF 2024-05-11 13:02 - 2021-12-17 12:32 - 000000000 ____D C:\Windows\SystemTemp 2024-05-11 13:01 - 2021-04-20 17:54 - 000000000 ____D C:\Users\fflor\AppData\Local\Deployment 2024-05-11 13:01 - 2020-05-30 22:13 - 000000000 ____D C:\Users\fflor\AppData\Local\CrashDumps 2024-05-11 13:00 - 2023-06-01 18:21 - 000000000 ____D C:\Users\fflor\Documents\Assassin's Creed Unity 2024-05-11 13:00 - 2020-07-13 10:26 - 000008192 ___SH C:\DumpStack.log.tmp 2024-05-11 13:00 - 2020-05-30 04:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-05-11 13:00 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\ServiceState 2024-05-11 12:59 - 2019-12-07 04:03 - 001048576 _____ C:\Windows\system32\config\BBI 2024-05-11 12:51 - 2020-07-11 00:22 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Excel 2024-05-11 12:04 - 2020-12-22 01:13 - 000000000 ____D C:\Users\Public\Logi 2024-05-11 10:40 - 2020-05-30 23:50 - 000000000 ____D C:\Users\fflor\AppData\Local\D3DSCache 2024-05-11 10:39 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\es-MX 2024-05-11 10:39 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\PolicyDefinitions 2024-05-11 10:39 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\IME 2024-05-11 00:10 - 2020-08-06 10:23 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2024-05-10 15:05 - 2019-12-07 09:57 - 000000000 ____D C:\Windows\OCR 2024-05-10 14:45 - 2021-01-14 01:41 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2024-05-10 14:23 - 2020-06-07 13:23 - 000000000 ____D C:\Users\fflor\AppData\Roaming\IObit 2024-05-10 14:23 - 2020-06-07 13:23 - 000000000 ____D C:\ProgramData\IObit 2024-05-10 14:23 - 2020-06-07 13:23 - 000000000 ____D C:\Program Files (x86)\IObit 2024-05-10 13:29 - 2020-06-20 16:00 - 000000000 ____D C:\Program Files (x86)\Steam 2024-05-10 13:16 - 2020-05-31 02:16 - 000000000 ____D C:\Windows\system32\MRT 2024-05-10 13:12 - 2020-05-31 02:16 - 192651728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-05-10 12:32 - 2020-05-30 23:47 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Word 2024-05-10 12:02 - 2020-06-07 13:23 - 000000000 ____D C:\ProgramData\ProductData 2024-05-10 00:50 - 2024-02-15 12:49 - 000000000 ____D C:\Users\fflor\AppData\Local\RecognitionMetadata 2024-05-09 23:27 - 2021-01-19 20:17 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Telegram Desktop 2024-05-09 20:05 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2024-05-09 20:05 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-05-09 20:05 - 2019-12-07 09:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\SysWOW64\winrm 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\SysWOW64\WCN 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\SysWOW64\slmgr 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\system32\winrm 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\system32\WCN 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\system32\slmgr 2024-05-09 20:05 - 2019-12-07 09:55 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\SysWOW64\F12 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\F12 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\dsc 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Windows Defender 2024-05-09 20:05 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2024-05-09 20:05 - 2019-12-07 04:03 - 000000000 ____D C:\Windows\servicing 2024-05-09 19:55 - 2020-05-30 04:42 - 000000000 ____D C:\Users\fflor\AppData\Local\PlaceholderTileLogoFolder 2024-05-09 18:49 - 2020-05-30 04:08 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-05-09 01:03 - 2020-05-30 22:31 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\oobe 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\MUI 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Dism 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\Com 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Sysprep 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\oobe 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\MUI 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\migwiz 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Dism 2024-05-09 01:03 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\Com 2024-05-09 01:02 - 2019-12-07 04:14 - 000000000 ____D C:\Program Files\Common Files\System 2024-05-08 14:04 - 2020-05-31 01:23 - 000000000 ____D C:\Users\fflor\AppData\Roaming\vlc 2024-05-07 22:16 - 2020-08-30 13:28 - 000000000 ____D C:\Program Files (x86)\YouTube By Click 2024-05-07 21:52 - 2023-02-09 19:20 - 000002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-05-07 19:38 - 2020-05-30 04:14 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Windows 2024-05-07 18:20 - 2022-01-17 02:51 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2024-05-07 18:18 - 2020-06-20 16:17 - 000000000 ____D C:\Users\fflor\AppData\Local\Steam 2024-05-05 21:26 - 2020-05-31 01:45 - 000000000 ____D C:\Users\fflor\AppData\Local\Firestorm_x64 2024-05-05 19:39 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX 2024-05-03 14:37 - 2022-12-04 13:21 - 000000013 _____ C:\Users\fflor\AppData\Local\X-Plane_drm_12.prf 2024-05-03 14:18 - 2020-12-10 19:20 - 000000000 ____D C:\Users\fflor\AppData\Roaming\ABarthel 2024-05-03 12:08 - 2023-12-31 05:09 - 000001800 _____ C:\Users\fflor\.autoortho 2024-05-03 08:25 - 2020-09-29 21:13 - 000000112 _____ C:\Users\fflor\AppData\Local\X-Plane_drm_11.prf 2024-05-03 08:17 - 2020-10-25 02:03 - 000000102 _____ C:\Users\fflor\AppData\Local\X-Plane_xdd_11.prf 2024-05-03 07:25 - 2020-05-30 04:24 - 000000000 ____D C:\ProgramData\Packages 2024-05-02 00:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\LiveKernelReports 2024-05-01 14:59 - 2020-06-07 05:46 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Skype for Desktop 2024-05-01 05:19 - 2024-03-02 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Little Navmap 64-bit 2024-05-01 02:12 - 2020-12-21 21:51 - 000000000 ____D C:\Program Files\SPAD.neXt 2024-04-28 03:37 - 2021-06-12 14:37 - 000000000 ____D C:\Users\fflor\AppData\Local\UnrealEngine 2024-04-28 03:37 - 2021-06-12 14:37 - 000000000 ____D C:\ProgramData\Epic 2024-04-27 23:48 - 2020-06-10 05:19 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Publisher Building Blocks 2024-04-27 23:41 - 2020-06-10 05:18 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Publisher 2024-04-27 12:46 - 2020-08-13 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Congregazione per il Clero 2024-04-27 12:18 - 2020-08-13 16:05 - 000000638 _____ C:\Users\Public\Desktop\BIBLIA CLERUS.lnk 2024-04-27 10:11 - 2020-08-11 09:56 - 000000000 ____D C:\Program Files\Blender Foundation 2024-04-27 01:16 - 2020-06-10 04:12 - 000000000 ____D C:\ProgramData\RevitInterProcess 2024-04-26 14:32 - 2021-04-01 13:53 - 000000000 ____D C:\Program Files\inPixio 2024-04-26 14:13 - 2020-05-31 00:08 - 000000000 ____D C:\Users\fflor\AppData\Local\Ubisoft Game Launcher 2024-04-26 13:59 - 2020-05-30 20:13 - 000000000 ____D C:\Users\fflor\AppData\Local\InPixio 2024-04-26 13:59 - 2020-05-30 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InPixio 2024-04-26 02:20 - 2020-05-30 04:35 - 000000000 ____D C:\ProgramData\Package Cache 2024-04-21 02:56 - 2020-05-30 05:12 - 000000000 ____D C:\Users\fflor\AppData\Local\NVIDIA 2024-04-20 10:27 - 2020-05-30 20:43 - 000000000 ____D C:\Program Files\Microsoft Office 2024-04-19 06:14 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\schemas 2024-04-19 05:02 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\registration 2024-04-18 22:08 - 2020-06-02 02:59 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Zoom 2024-04-18 21:30 - 2021-01-19 20:17 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop 2024-04-18 21:10 - 2020-06-07 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2024-04-18 21:07 - 2020-12-23 14:33 - 000000000 ____D C:\Program Files\Java 2024-04-18 21:03 - 2024-01-03 20:17 - 000000000 ____D C:\Users\fflor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.12 2024-04-18 21:03 - 2020-10-25 00:59 - 000000000 ____D C:\Users\fflor\AppData\Local\Package Cache 2024-04-18 20:57 - 2020-11-06 02:00 - 000000000 ____D C:\ProgramData\Oracle 2024-04-18 20:39 - 2023-10-31 19:57 - 000000627 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities.lnk 2024-04-18 20:36 - 2023-10-31 19:56 - 000000000 ____D C:\Program Files (x86)\Glary Utilities_ 2024-04-18 19:41 - 2020-05-30 04:34 - 000000000 ____D C:\Program Files (x86)\Google 2024-04-15 04:44 - 2020-05-30 04:14 - 000000000 ____D C:\Users\fflor 2024-04-13 01:02 - 2020-05-31 23:39 - 000000000 ____D C:\Users\fflor\AppData\Local\Adobe 2024-04-12 04:40 - 2020-05-30 04:08 - 005352960 _____ C:\Windows\system32\FNTCACHE.DAT 2024-04-12 04:38 - 2023-12-03 01:32 - 000000000 ____D C:\Windows\InboxApps 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ___RD C:\Windows\PrintDialog 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\SystemResources 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\DDFs 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\system32\appraiser 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\Provisioning 2024-04-12 04:38 - 2019-12-07 04:14 - 000000000 ____D C:\Windows\bcastdvr 2024-04-11 23:47 - 2020-05-30 04:11 - 003017216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll ==================== Files in the root of some directories ======== 2020-05-30 22:17 - 2020-06-04 12:54 - 000000004 _____ () C:\ProgramData\lock.dat 2020-05-30 22:18 - 2020-06-04 12:54 - 000000004 _____ () C:\ProgramData\rc.dat 2020-05-30 22:17 - 2020-05-30 22:17 - 000000008 _____ () C:\ProgramData\ts.dat 2020-11-05 22:47 - 2020-11-05 22:46 - 000613376 _____ () C:\Program Files\mappuzzle.exe 2022-02-09 11:32 - 2022-02-09 11:25 - 000000052 _____ () C:\Program Files\XPlane11_KN.txt 2023-02-28 18:58 - 2022-08-31 20:20 - 000497096 ___SH (AOMEI International Network Limited) C:\Program Files (x86)\ABLaucher.exe 2023-02-28 18:58 - 2022-08-31 20:20 - 000497096 _____ (AOMEI International Network Limited) C:\Program Files (x86)\ABLauncher.exe 2023-10-25 13:57 - 2011-01-24 15:43 - 000089056 _____ () C:\Program Files (x86)\piAeroSOFT.ico 2023-02-28 18:58 - 2021-03-19 16:11 - 000018432 _____ () C:\Program Files (x86)\Uninstall.exe 2020-07-19 23:39 - 2020-07-19 23:43 - 002379144 _____ () C:\Users\fflor\AppData\Roaming\AvidLink_Install.log 2020-07-19 21:24 - 2020-07-19 21:27 - 000018544 _____ () C:\Users\fflor\AppData\Roaming\Avid_CCS_Service_Stop.log 2021-10-26 00:23 - 2021-10-27 09:08 - 000000015 _____ () C:\Users\fflor\AppData\Roaming\obs-virtualcam.txt 2020-10-24 14:51 - 2021-02-21 12:31 - 000000379 _____ () C:\Users\fflor\AppData\Roaming\OpenSceneryX Installer.plist 2021-02-22 00:38 - 2024-02-11 18:04 - 000003292 _____ () C:\Users\fflor\AppData\Roaming\plugin_scan_state_VST2_x32.scan 2021-02-22 00:38 - 2024-02-11 18:04 - 000002207 _____ () C:\Users\fflor\AppData\Roaming\plugin_scan_state_VST2_x64.scan 2021-02-22 00:38 - 2024-02-11 18:04 - 000000059 _____ () C:\Users\fflor\AppData\Roaming\plugin_scan_state_VST3_x32.scan 2021-02-22 00:38 - 2024-02-11 18:04 - 000000059 _____ () C:\Users\fflor\AppData\Roaming\plugin_scan_state_VST3_x64.scan 2020-08-27 22:20 - 2020-08-27 22:20 - 000000132 _____ () C:\Users\fflor\AppData\Roaming\Prefs. de formato GIF de Adobe CS6 2020-08-06 15:14 - 2020-08-27 22:49 - 000000132 _____ () C:\Users\fflor\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 2020-05-30 22:16 - 2020-05-30 22:16 - 000000401 _____ () C:\Users\fflor\AppData\Roaming\wconf.log 2020-10-25 18:16 - 2022-10-09 08:02 - 000002852 _____ () C:\Users\fflor\AppData\Roaming\WED.prefs 2020-08-27 22:28 - 2020-08-27 22:45 - 000001456 _____ () C:\Users\fflor\AppData\Local\Adobe Guardar para Web 13.0 Prefs 2020-08-06 11:01 - 2020-08-06 11:01 - 000000000 _____ () C:\Users\fflor\AppData\Local\oobelibMkey.log 2023-09-18 00:12 - 2023-09-18 00:12 - 000003483 _____ () C:\Users\fflor\AppData\Local\recently-used.xbel 2023-10-10 21:36 - 2023-10-10 21:44 - 000007600 _____ () C:\Users\fflor\AppData\Local\Resmon.ResmonCfg 2020-09-29 11:39 - 2020-09-29 21:29 - 000000093 _____ () C:\Users\fflor\AppData\Local\X-Plane 11 Preferences.prf 2022-12-04 13:19 - 2023-06-11 13:05 - 000000120 _____ () C:\Users\fflor\AppData\Local\X-Plane 12 Preferences.prf 2020-09-29 21:13 - 2023-12-14 15:58 - 000000037 _____ () C:\Users\fflor\AppData\Local\X-Plane Installer.prf 2020-09-29 21:13 - 2024-05-03 08:25 - 000000112 _____ () C:\Users\fflor\AppData\Local\X-Plane_drm_11.prf 2022-12-04 13:21 - 2024-05-03 14:37 - 000000013 _____ () C:\Users\fflor\AppData\Local\X-Plane_drm_12.prf 2020-09-29 11:41 - 2020-11-13 23:50 - 000000076 _____ () C:\Users\fflor\AppData\Local\x-plane_install_11.txt 2022-12-04 13:19 - 2022-12-04 13:19 - 000000046 _____ () C:\Users\fflor\AppData\Local\x-plane_install_12.txt 2020-10-25 02:03 - 2024-05-03 08:17 - 000000102 _____ () C:\Users\fflor\AppData\Local\X-Plane_xdd_11.prf ==================== FCheck ================================ (If an entry is included in the fixlist, the file/folder will be moved.) FCheck: C:\Windows\SysWOW64\version_IObitDel.dll [2022-10-15] <==== ATTENTION (zero byte File/Folder) ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================