Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-04-2020 Ran by David (administrator) on DXM-PARAISO (Cartimex H61H2-MV) (28-04-2020 17:43:28) Running from C:\Users\David\Desktop Loaded Profiles: David (Available Profiles: David & Visitante & DefaultAppPool) Platform: Microsoft Windows 8.1 Pro (Update) (X86) Language: Inglés (Estados Unidos) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe () [File not signed] C:\Windows\System32\dxconfig.exe <2> (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (AnchorFree Inc -> AnchorFree Inc.) C:\Program Files\Hotspot Shield\bin\cmw_srv.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (DEVGURU CO LTD -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16> (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) C:\Windows\System32\imdsksvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (Nero AG -> Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Piriform Software Ltd -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.7.848.0\CCleanerBrowserCrashHandler.exe (Scarlet.Crush Productions) [File not signed] C:\Users\David\Downloads\Emulador de control de PS4\mando ps3 (ScpServer)\DS3Tool\bin\ScpService.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_TATII4E.EXE (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Program Files\Microvirt\MEmu\MemuService.exe (StarWind Software) [File not signed] C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\tv_w32.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [265016 2020-03-22] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-27] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [Mobile Partner] => C:\Program Files\HiSuite\HiSuite.exe [583488 2013-07-11] (Huawei Technologies Co., Ltd. -> ) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3924024 2016-01-05] (Tonec Inc.) [File not signed] HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII4E.EXE [249440 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [SiDiary Auto-Import] => C:\Program Files\SINOVO\SiDiary6\SiDiary6.exe [10122248 2020-01-08] (SINOVO GmbH & Co. KG -> SINOVO GmbH & Co. KG) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Run: [CCleanerBrowserAutoLaunch_5BA5164DD8F38CE23F51EAA85BC0ACF2] => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1887992 2020-04-02] (Piriform Software Ltd -> Piriform Software) HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: U - "U:\sources\SetupError.exe" x64 HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {0dea5145-0926-11e7-977a-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {4f32ef9b-cdb2-11e8-9781-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {60b6ffcd-0873-11e7-9779-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {8c8d3d37-96a0-11e4-973b-c03fd5a1bd90} - "G:\CMADownloader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {ca9aaded-d90b-11e4-973d-c03fd5a1bd90} - "G:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\MountPoints2: {fb3742d6-5cec-11ea-979f-c03fd5a1bd90} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [Spotify Web Helper] => C:\Users\David\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-27] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [Mobile Partner] => C:\Program Files\HiSuite\HiSuite.exe [583488 2013-07-11] (Huawei Technologies Co., Ltd. -> ) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3924024 2016-01-05] (Tonec Inc.) [File not signed] HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATII4E.EXE [249440 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [SiDiary Auto-Import] => C:\Program Files\SINOVO\SiDiary6\SiDiary6.exe [10122248 2020-01-08] (SINOVO GmbH & Co. KG -> SINOVO GmbH & Co. KG) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Run: [CCleanerBrowserAutoLaunch_5BA5164DD8F38CE23F51EAA85BC0ACF2] => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1887992 2020-04-02] (Piriform Software Ltd -> Piriform Software) HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: U - "U:\sources\SetupError.exe" x64 HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {0dea5145-0926-11e7-977a-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {4f32ef9b-cdb2-11e8-9781-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {60b6ffcd-0873-11e7-9779-c03fd5a1bd90} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {8c8d3d37-96a0-11e4-973b-c03fd5a1bd90} - "G:\CMADownloader.exe" HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {ca9aaded-d90b-11e4-973d-c03fd5a1bd90} - "G:\WD SmartWare.exe" autoplay=true HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\MountPoints2: {fb3742d6-5cec-11ea-979f-c03fd5a1bd90} - "I:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files\CCleaner Browser\Application\80.1.3901.165\Installer\chrmstp.exe [2020-04-27] (Piriform Software Ltd -> Piriform Software) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-27] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Asistente del gestor de contenido para PlayStation(R).lnk [2015-02-08] ShortcutTarget: Asistente del gestor de contenido para PlayStation(R).lnk -> C:\Program Files\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.) [File not signed] Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ESet NOD32.lnk [2020-04-27] ShortcutTarget: ESet NOD32.lnk -> C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET, spol. s r.o. -> ESET) Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-07-18] ShortcutTarget: MEGAsync.lnk -> C:\Users\David\Downloads\Mega Downloader\MEGAsync 2.1.0\MEGAsync.exe (Mega Limited -> Mega Limited) [File not signed] ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {02B0670D-5915-4F7F-8659-80591D79502F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {02E6FDEA-17E5-4790-855E-A80D0573F3B9} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-04-27] (Piriform Software Ltd -> Piriform Software) Task: {278F495B-639C-488E-ABC9-E21B522A7357} - \Optimize Start Menu Cache Files-S-1-5-21-4086702095-999177479-789094387-1001 -> No File <==== ATTENTION Task: {474A8A04-BA45-4C34-99D3-3A72804464BB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {55A8FC13-2217-4016-A512-F09A9E05D715} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf489dc348c7 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {5C413B52-B169-48F4-98DB-378C5EDEC795} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [110792 2020-04-10] (Mozilla Corporation -> Mozilla Foundation) Task: {5FD0BE69-8C3A-4DBA-B983-EF086FB29B87} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f398e0550f25 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {756EEAEF-B953-420F-A844-1CF4B47788CA} - System32\Tasks\GoogleUpdateTaskMachineCore1d15b7be40b4c8c => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {7AA184E8-7161-413C-9397-C5AF8C4546CA} - System32\Tasks\GoogleUpdateTaskMachineUA1d09133bde75b53 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {821B987E-B272-4E75-BE2C-4F9544763B15} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {8D8125FE-9C34-4FD0-B2A9-64A426F11435} - System32\Tasks\GoogleUpdateTaskMachineCore1d043f3159e52a6 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {958DDE1E-63C3-4778-BD2D-2126C3DC331A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {969D9320-411A-449A-932A-E5D2607F3730} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-04-27] (Piriform Software Ltd -> Piriform Software) Task: {97A86B2C-6838-4E0C-8392-50EEBC802812} - System32\Tasks\TSUpd4 => C:\Program Files\ThinkSky\iTools 4\TSUpd4.exe Task: {A65047CA-F576-49BE-AA88-BA3544970991} - System32\Tasks\GoogleUpdateTaskMachineUA1d12fce706c8606 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {AFC12B49-0202-4AE5-ABD2-BFF30AC13EFF} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1887992 2020-04-02] (Piriform Software Ltd -> Piriform Software) Task: {B149A59B-CD92-4740-BD94-5975FAB18A10} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e22ac7255184 => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {B3C86D2F-BF2A-4B4F-81E4-CBEF99C9C8E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {C10753B5-E0CF-4067-A5E3-C76D7E2F854A} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\David\Downloads\esetonlinescanner.exe [14566496 2020-04-26] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {C36D9510-267C-4F5F-BF91-A90E6DCCDB57} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\David\Downloads\esetonlinescanner.exe [14566496 2020-04-26] (ESET, spol. s r.o. -> ESET spol. s r.o.) Task: {D42534B3-82AD-4B4E-BAEE-160A9006130E} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1887992 2020-04-02] (Piriform Software Ltd -> Piriform Software) Task: {DF2DFE87-1F99-4C91-A2DF-D8F427B6B58F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe) Task: {EA611310-3605-49AC-8ADE-68D57F738175} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 8.0\upgrade.exe [577544 2020-02-28] (ESET, spol. s r.o. -> ESET) Task: {F0100E57-C06E-496E-9D3F-13903A324A58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {F50DB62E-F266-40AF-925F-E2DC170157FC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe) Task: {FAC4EFDC-209D-4CB9-87D8-67089C328087} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d043f3159e52a6.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf489dc348c7.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f398e0550f25.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09133bde75b53.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e22ac7255184.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\TSUpd4.job => C:\Program Files\ThinkSky\iTools 4\TSUpd4.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{358AE724-5B2D-4019-931A-F8A769CE3A77}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{E108FA4F-0F76-4583-BCA4-827CA340FEDD}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-4086702095-999177479-789094387-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-xl/?ocid=iehp HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-xl/?ocid=iehp BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-01] (Oracle America, Inc. -> Oracle Corporation) BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-01] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: xdd6wtqy.default-1538759158187 FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187 [2020-04-28] FF Homepage: Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187 -> hxxps://www.google.com FF Notifications: Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187 -> hxxps://my.jdownloader.org; hxxps://mail.google.com; hxxps://www4a.bethanyharrell.pro FF Extension: (AdGuard AdBlocker) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\adguardadblocker@adguard.com.xpi [2020-04-11] FF Extension: (Ant Video downloader) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\anttoolbar@ant.com.xpi [2020-04-21] FF Extension: (FreeNet VPN - Fast and Secure VPN) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\firefox@freenetvpn.com.xpi [2019-11-26] FF Extension: (download-helper) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\jid1-i6dUGvCrz2WZu8@jetpack.xpi [2020-04-13] FF Extension: (Video DownloadHelper) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31] FF Extension: (Ultimate QR-code Generator) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\xdd6wtqy.default-1538759158187\Extensions\{e4f9e020-98d8-4b9d-a117-3e40184de553}.xpi [2018-10-20] FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-04-10] [Legacy] FF HKLM\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2015-07-10] [Legacy] [not signed] FF HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015-12-09] [Legacy] FF HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\Firefox\Extensions: [{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.16.6.6899\BVDFirefoxExt FF Extension: (Allavsoft Video Downloader Firefox Extension) - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.16.6.6899\BVDFirefoxExt [2018-12-07] [Legacy] FF HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\David\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\David\AppData\Roaming\IDM\idmmzcc5 [2020-04-28] [Legacy] [not signed] FF HKU\S-1-5-21-4086702095-999177479-789094387-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\Firefox\Extensions: [{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.16.6.6899\BVDFirefoxExt FF HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\David\AppData\Roaming\IDM\idmmzcc5 FF HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-15] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-15] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [2020-04-27] (Piriform Software Ltd -> Piriform Software) FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.7.848.0\npCCleanerBrowserUpdate3.dll [2020-04-27] (Piriform Software Ltd -> Piriform Software) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-02-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin HKU\S-1-5-21-4086702095-999177479-789094387-1002: @citrixonline.com/appdetectorplugin -> C:\Users\David\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-03] (Citrix Online -> Citrix Online) FF Plugin HKU\S-1-5-21-4086702095-999177479-789094387-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020130659286: @citrixonline.com/appdetectorplugin -> C:\Users\David\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-03] (Citrix Online -> Citrix Online) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2020-04-28] CHR Notifications: Default -> hxxps://www-ssl.bestbuy.com CHR Extension: (Presentaciones) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-28] CHR Extension: (Documentos) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-28] CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (HLS Downloader) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apomkbibleomoihlhhdbeghnfioffbej [2020-04-26] CHR Extension: (Video Downloader professional) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bacakpdjpomjaelpkpkabmedhkoongbi [2020-03-24] CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Chrome YouTube Downloader) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2015-06-05] [UpdateUrl:hxxps://dl.dropbox.com/u/9278456/Chrome_YouTube_Downloader/update.xml] <==== ATTENTION CHR Extension: (Búsqueda de Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01] CHR Extension: (Adobe Acrobat) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-19] CHR Extension: (Hojas de cálculo) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-28] CHR Extension: (OUO.IO links skipper) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhnjhlbdbophhjmehljnhpgoncngpfch [2017-01-31] CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-26] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-20] CHR Extension: (IDM Integration Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn [2016-05-24] CHR Extension: (Tag Assistant (by Google)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2020-03-24] CHR Extension: (Video DownloadHelper) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2020-04-09] CHR Extension: (IDM Integration Module) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2020-02-24] CHR Extension: (Hotspot Shield Free VPN Proxy - Unlimited VPN) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2020-04-26] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-24] CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-14] CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-26] CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2020-04-27] CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.16.6.6899\BVDChromeExt.crx [2018-12-07] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-12-17] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2015-12-29] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY) S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team) S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-04-27] (Piriform Software Ltd -> Piriform Software) S3 CCleanerBrowserElevationService; C:\Program Files\CCleaner Browser\Application\80.1.3901.165\elevation_service.exe [973760 2020-04-02] (Piriform Software Ltd -> Piriform Software) S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200416 2020-04-27] (Piriform Software Ltd -> Piriform Software) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [279024 2013-11-18] (Intel Corporation - Software and Firmware Products -> Intel Corporation) R2 Ds3Service; C:\Users\David\Downloads\Emulador de control de PS4\mando ps3 (ScpServer)\DS3Tool\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed] R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET, spol. s r.o. -> ESET) R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation) R2 EPSON_PM_RPCV4_05; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [142432 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) S2 FA_Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [120720 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [322048 2020-03-24] (Microsoft Windows -> Microsoft Corporation) R2 HiSuiteOuc.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc.exe [116032 2013-07-11] (Huawei Technologies Co., Ltd. -> ) R2 hshld; C:\Program Files\Hotspot Shield\bin\cmw_srv.exe [2718840 2016-10-13] (AnchorFree Inc -> AnchorFree Inc.) S3 HssTrayService; C:\Program Files\Hotspot Shield\bin\HssTrayService.exe [103168 2016-10-13] (AnchorFree Inc -> ) R2 HuaweiHiSuiteService.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe [158208 2013-05-01] () [File not signed] S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [281488 2014-10-01] (Intel Corporation - pGFX -> Intel Corporation) R2 ImDskSvc; C:\Windows\system32\imdsksvc.exe [30520 2019-01-19] (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [595968 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [642520 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-15] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [5547464 2020-04-27] (Malwarebytes Inc -> Malwarebytes) R2 MEmuSVC; C:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> ) R2 Microsoft DirectX Configuration Service; C:\Windows\system32\dxconfig.exe [64512 2016-02-28] () [File not signed] R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG -> Nero AG) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.) R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed] S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed] R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [13252624 2020-04-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [288128 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22192 2014-11-21] (Microsoft Corporation -> Microsoft Corporation) R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AFTrafMgr1.1; C:\Program Files\Hotspot Shield\bin\TrafMgr_1_1_32.sys [47544 2016-10-04] (AnchorFree Inc -> AnchorFree Inc.) R2 AWEAlloc; C:\Windows\system32\DRIVERS\awealloc.sys [29856 2019-01-19] (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) U3 axscsidrv; C:\Windows\System32\Drivers\axscsidrv.sys [252416 2014-12-15] (Disc Soft Ltd -> Alcohol Soft Development Team) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [190368 2014-10-10] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET, spol. s r.o. -> ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET, spol. s r.o. -> ESET) S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [15360 2016-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 FortiFilter; C:\Windows\system32\DRIVERS\FortiFilter.sys [30792 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) S3 Fortips; C:\Windows\System32\drivers\fortips.sys [138280 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc) R3 ftsvnic; C:\Windows\system32\DRIVERS\ftsvnic.sys [64080 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) R3 ft_vnic; C:\Windows\system32\DRIVERS\ftvnic.sys [58760 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Corporation) S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [195200 2016-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2016-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R2 ImDisk; C:\Windows\system32\DRIVERS\imdisk.sys [52888 2019-01-19] (Lagerkvist Teknisk Rådgivning i Borås HB -> Olof Lagerkvist) S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [32152 2014-08-01] (Intel Wireless Display -> Intel Corporation) R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [23448 2013-10-28] (Intel Wireless Display -> Intel Corporation) S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [42592 2014-06-28] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) S3 libusbK; C:\Windows\System32\drivers\libusbK.sys [41696 2020-04-18] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R3 MEI; C:\Windows\system32\DRIVERS\TeeDriver.sys [85464 2013-09-15] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R1 MEmuDrv; C:\Windows\system32\DRIVERS\MEmuDrv.sys [257472 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl.sys [18944 2014-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 netr28u; C:\Windows\system32\DRIVERS\netr28u.sys [1696528 2013-06-18] (Mediatek Inc. -> Ralink Technology Corp.) R3 pppop; C:\Windows\system32\DRIVERS\pppop.sys [47696 2020-03-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [33024 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-12-15] (Disc Soft Ltd -> Duplex Secure Ltd.) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [184192 2014-10-13] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr)) R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [35288 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [36944 2016-06-28] (AnchorFree Inc -> Anchorfree Inc.) R3 teamviewervpn; C:\Windows\system32\DRIVERS\teamviewervpn.sys [25088 2014-11-06] (Microsoft Windows Hardware Compatibility Publisher -> TeamViewer GmbH) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2020-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) S3 ViGEmBus; C:\Windows\System32\drivers\ViGEmBus.sys [66096 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer) S3 vjoy; C:\Windows\System32\drivers\vjoy.sys [51760 2017-04-06] (Shaul Eizikovich -> Shaul Eizikovich) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [29688 2014-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [219968 2014-11-21] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [84800 2014-11-21] (Microsoft Windows -> Microsoft Corporation) R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [190976 2014-11-21] (Microsoft Windows -> Microsoft Corporation) R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [69632 2014-11-21] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-28 17:43 - 2020-04-28 17:44 - 000042568 _____ C:\Users\David\Desktop\FRST.txt 2020-04-28 17:43 - 2020-04-28 17:44 - 000000000 ____D C:\FRST 2020-04-28 17:42 - 2020-04-28 17:42 - 002011136 _____ (Farbar) C:\Users\David\Desktop\FRST.exe 2020-04-28 14:40 - 2020-04-28 14:40 - 000697390 _____ C:\Users\David\Desktop\Sin título-1.pdf 2020-04-28 07:19 - 2020-04-28 07:19 - 000000796 _____ C:\Users\David\Desktop\JRT.txt 2020-04-27 15:34 - 2020-04-27 15:34 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly) 2020-04-27 15:34 - 2020-04-27 15:34 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon) 2020-04-27 15:34 - 2020-04-27 15:34 - 000002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk 2020-04-27 15:34 - 2020-04-27 15:34 - 000000000 ____D C:\Users\David\AppData\Local\CCleaner Browser 2020-04-27 15:34 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\CCleaner Browser 2020-04-27 15:33 - 2020-04-27 15:34 - 000000000 ____D C:\Program Files\CCleaner Browser 2020-04-27 15:33 - 2020-04-27 15:33 - 000003508 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA 2020-04-27 15:33 - 2020-04-27 15:33 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore 2020-04-27 15:32 - 2020-04-27 15:32 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-04-27 15:32 - 2020-04-27 15:32 - 000002814 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-04-27 15:32 - 2020-04-27 15:32 - 000000989 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-04-27 15:32 - 2020-04-27 15:32 - 000000989 _____ C:\ProgramData\Desktop\CCleaner.lnk 2020-04-27 15:32 - 2020-04-27 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-04-27 15:32 - 2020-04-27 15:32 - 000000000 ____D C:\Program Files\CCleaner 2020-04-27 15:20 - 2020-04-28 14:17 - 000000000 ____D C:\Users\David\AppData\LocalLow\IGDump 2020-04-27 15:12 - 2020-04-27 15:16 - 000000000 ____D C:\AdwCleaner 2020-04-27 15:12 - 2020-04-27 13:59 - 008196784 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner_8.0.4.exe 2020-04-27 15:04 - 2020-04-27 15:09 - 000000258 __RSH C:\ProgramData\ntuser.pol 2020-04-27 14:06 - 2020-04-27 14:06 - 000001988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-04-27 14:06 - 2020-04-27 14:06 - 000001976 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-04-27 14:06 - 2020-04-27 14:06 - 000001976 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-04-27 14:06 - 2020-04-27 14:06 - 000000000 ____D C:\Users\David\AppData\Local\mbamtray 2020-04-27 14:06 - 2020-04-27 14:06 - 000000000 ____D C:\Users\David\AppData\Local\mbam 2020-04-27 14:06 - 2020-04-27 14:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-04-27 14:06 - 2020-04-27 14:05 - 000129056 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2020-04-27 14:05 - 2020-04-27 14:05 - 000000000 ____D C:\Program Files\Malwarebytes 2020-04-26 20:49 - 2020-04-26 20:49 - 000003714 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn 2020-04-26 20:49 - 2020-04-26 20:49 - 000003274 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime 2020-04-26 20:08 - 2020-04-26 20:08 - 000000803 _____ C:\Users\David\Desktop\ESET Online Scanner.lnk 2020-04-26 20:06 - 2020-04-26 20:07 - 014566496 _____ (ESET spol. s r.o.) C:\Users\David\Downloads\esetonlinescanner.exe 2020-04-21 18:00 - 2020-04-21 18:00 - 000000000 ____D C:\ProgramData\Nefarius Software Solutions e.U 2020-04-20 17:53 - 2020-04-20 17:53 - 000000953 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk 2020-04-19 13:21 - 2020-04-19 13:21 - 002619607 _____ C:\Users\David\Downloads\snes9x-1.60-win32.zip 2020-04-19 09:23 - 2020-04-19 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vJoy 2020-04-19 09:23 - 2020-04-19 09:23 - 000000000 ____D C:\Program Files\vJoy 2020-04-19 08:27 - 2017-04-06 09:14 - 000051760 _____ (Shaul Eizikovich) C:\Windows\system32\Drivers\vjoy.sys 2020-04-19 08:27 - 2017-04-06 09:14 - 000008840 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys 2020-04-18 18:01 - 2013-01-07 15:56 - 001461992 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2020-04-18 17:13 - 2020-04-18 17:13 - 000000000 ____D C:\Windows\USB Vibration 2020-04-18 17:12 - 2020-04-18 17:12 - 000000000 ____D C:\Program Files\USB Vibration 2020-04-18 15:02 - 2017-09-03 02:13 - 000048576 _____ (Benjamin Höglinger-Stelzer) C:\Windows\system32\ViGEmBus.sys 2020-04-18 15:02 - 2017-09-03 02:13 - 000011117 _____ C:\Windows\system32\vigembus.cat 2020-04-18 15:01 - 2017-09-03 02:13 - 000011117 _____ C:\Windows\system32\Drivers\vigembus.cat 2020-04-18 14:58 - 2017-05-04 23:34 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\devcon.exe 2020-04-18 14:57 - 2020-04-19 07:19 - 000000000 ____D C:\Users\David\Downloads\Emulador de control de PS4 2020-04-18 14:46 - 2020-04-18 14:46 - 000000000 ____D C:\ProgramData\Nefarius Software Solutions 2020-04-18 14:29 - 2020-04-18 14:29 - 000083552 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbK.dll 2020-04-18 14:29 - 2020-04-18 14:29 - 000041696 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\libusbK.sys 2020-04-18 14:20 - 2020-04-18 14:20 - 000000000 ____D C:\Users\David\AppData\Local\Sony Corporation 2020-04-18 14:16 - 2020-04-18 14:19 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uso a distancia de PS4.lnk 2020-04-18 14:16 - 2020-04-18 14:19 - 000002065 _____ C:\Users\Public\Desktop\Uso a distancia de PS4.lnk 2020-04-18 14:16 - 2020-04-18 14:19 - 000002065 _____ C:\ProgramData\Desktop\Uso a distancia de PS4.lnk 2020-04-18 14:14 - 2020-04-18 14:14 - 019901680 _____ (Sony Interactive Entertainment Inc.) C:\Users\David\Downloads\RemotePlayInstaller.exe 2020-04-10 11:42 - 2020-04-10 11:42 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-04-10 05:59 - 2020-04-18 16:02 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-04-07 11:32 - 2020-04-28 13:45 - 000000000 ____D C:\Users\DefaultAppPool 2020-04-07 11:32 - 2020-04-07 11:32 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2020-04-07 11:32 - 2016-10-27 21:44 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\CrashRpt 2020-04-07 11:32 - 2014-12-23 22:24 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia 2020-04-07 11:32 - 2014-03-18 03:02 - 000000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2020-04-07 11:32 - 2014-03-18 03:02 - 000000369 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2020-04-06 17:41 - 2020-04-06 17:41 - 000103424 _____ C:\Users\David\Downloads\PlaylistExtractor.exe 2020-04-06 17:37 - 2020-04-06 17:37 - 000000000 ____D C:\Users\David\Documents\M3UExportTool 2020-04-06 17:36 - 2020-04-06 17:36 - 002116235 _____ (M3UExportTool) C:\Users\David\Downloads\M3UExportTool.exe 2020-04-06 15:52 - 2020-04-17 16:44 - 000000000 ____D C:\Users\David\Downloads\MEmu Download 2020-04-06 15:52 - 2020-04-06 15:52 - 000001063 _____ C:\Users\David\Desktop\MEmu.lnk 2020-04-06 15:52 - 2020-04-06 15:52 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu 2020-04-06 15:51 - 2020-04-17 16:28 - 000000000 ____D C:\Users\David\.MemuHyperv 2020-04-06 15:51 - 2020-04-11 12:45 - 000000000 ____D C:\Users\David\AppData\Roaming\WhatsApp 2020-04-06 15:51 - 2020-04-06 15:52 - 000000000 ____D C:\Users\David\AppData\Local\WhatsApp 2020-04-06 15:51 - 2020-04-06 15:51 - 000002185 _____ C:\Users\David\Desktop\WhatsApp.lnk 2020-04-06 15:51 - 2020-04-06 15:51 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2020-04-06 15:51 - 2019-09-21 01:05 - 000257472 _____ (Maiwei Corporation) C:\Windows\system32\Drivers\MEmuDrv.sys 2020-04-06 15:50 - 2020-04-06 15:52 - 000000000 ____D C:\Users\David\AppData\Local\SquirrelTemp 2020-04-06 15:50 - 2020-04-06 15:51 - 000000000 ____D C:\Program Files\Microvirt 2020-04-06 15:49 - 2020-04-06 15:52 - 000000000 ____D C:\Users\David\AppData\Local\Microvirt 2020-03-31 12:41 - 2020-03-31 12:41 - 000000000 ____D C:\Users\David\AppData\Roaming\Ant.com 2020-03-31 12:40 - 2020-03-31 12:40 - 017870848 _____ C:\Users\David\Downloads\AVD-NativeApp-4.6.7-Release.msi ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-28 17:42 - 2018-10-05 12:05 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla 2020-04-28 17:38 - 2015-08-29 02:17 - 000000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e22ac7255184.job 2020-04-28 17:32 - 2014-12-15 04:56 - 000000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2020-04-28 16:57 - 2015-02-08 18:00 - 000000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d043f3159e52a6.job 2020-04-28 16:44 - 2018-10-07 17:06 - 000000318 _____ C:\Windows\Tasks\TSUpd4.job 2020-04-28 16:00 - 2014-12-15 04:59 - 000003594 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4086702095-999177479-789094387-1002 2020-04-28 14:41 - 2017-02-28 14:07 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps 2020-04-28 14:39 - 2014-12-23 22:44 - 000000034 _____ C:\Users\David\AppData\Roaming\AdobeWLCMCache.dat 2020-04-28 14:39 - 2014-12-15 04:49 - 000000000 ____D C:\Users\David 2020-04-28 14:27 - 2015-09-20 06:38 - 000000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f398e0550f25.job 2020-04-28 14:27 - 2015-07-15 16:52 - 000000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf489dc348c7.job 2020-04-28 14:27 - 2014-12-15 04:56 - 000000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2020-04-28 14:15 - 2014-12-15 00:53 - 000000000 ____D C:\Users\David\AppData\Roaming\DMCache 2020-04-28 14:11 - 2014-12-19 19:55 - 000000000 ____D C:\Users\David\AppData\Local\Spotify 2020-04-28 14:01 - 2014-12-19 19:54 - 000000000 ____D C:\Users\David\AppData\Roaming\Spotify 2020-04-28 13:45 - 2015-10-31 21:12 - 000000000 ____D C:\Users\Visitante 2020-04-28 13:05 - 2014-12-15 18:51 - 000000000 ____D C:\Program Files\TeamViewer 2020-04-28 13:05 - 2013-08-22 02:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-28 13:02 - 2018-10-06 12:15 - 000000000 ____D C:\Users\David\Downloads\KMSpico Install 2020-04-28 07:47 - 2013-08-22 01:21 - 000000000 ____D C:\Windows\inf 2020-04-27 22:46 - 2015-10-04 21:25 - 000000000 ____D C:\RESPALDO 2020-04-27 20:50 - 2019-11-25 21:37 - 000003990 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{3D470B91-5735-4362-81C2-1468D6A4F302} 2020-04-27 20:08 - 2014-12-15 20:26 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer 2020-04-27 19:59 - 2014-12-15 04:56 - 000002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-27 15:45 - 2017-02-06 03:40 - 000000000 ____D C:\Users\David\AppData\Roaming\IDM 2020-04-27 15:45 - 2014-12-16 23:29 - 000000000 ____D C:\Users\David\AppData\Roaming\XnView 2020-04-27 15:42 - 2014-11-21 23:37 - 000000000 ____D C:\Windows\Panther 2020-04-27 15:42 - 2013-08-22 03:17 - 000000000 ____D C:\Windows\ModemLogs 2020-04-27 15:16 - 2015-05-30 13:13 - 000000000 ____D C:\Users\David\AppData\Roaming\Samsung 2020-04-27 15:16 - 2015-05-30 12:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2020-04-27 15:16 - 2015-05-30 12:27 - 000000000 ____D C:\Program Files\Samsung 2020-04-27 15:05 - 2013-08-22 01:13 - 000262144 ___SH C:\Windows\system32\config\BBI 2020-04-27 15:03 - 2018-10-06 12:15 - 000000000 ____D C:\Program Files\KMSpico 2020-04-27 09:36 - 2015-05-22 11:15 - 000000000 ____D C:\Program Files\SourceTec 2020-04-27 09:35 - 2013-08-22 03:17 - 000000000 ____D C:\Windows\AppReadiness 2020-04-27 09:34 - 2014-12-16 23:58 - 000000000 ____D C:\ProgramData\Package Cache 2020-04-27 09:31 - 2020-03-26 10:09 - 000000000 ____D C:\Users\David\AppData\Roaming\Zoom 2020-04-27 09:30 - 2014-12-15 04:50 - 000000000 ____D C:\Users\David\AppData\Local\Packages 2020-04-27 09:21 - 2013-08-22 03:17 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-27 09:19 - 2020-02-28 21:38 - 000003350 _____ C:\Windows\system32\Tasks\ESET Windows 10 upgrade – Refresh settings 2020-04-26 20:07 - 2014-12-15 00:23 - 000000000 ____D C:\Users\David\AppData\Local\ESET 2020-04-26 18:54 - 2014-12-14 09:38 - 000885224 _____ C:\Windows\system32\perfh010.dat 2020-04-26 18:54 - 2014-12-14 09:38 - 000190998 _____ C:\Windows\system32\perfc010.dat 2020-04-26 18:54 - 2014-12-14 09:33 - 000897274 _____ C:\Windows\system32\perfh00A.dat 2020-04-26 18:54 - 2014-12-14 09:33 - 000202512 _____ C:\Windows\system32\perfc00A.dat 2020-04-26 18:54 - 2014-03-18 02:59 - 003149236 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-24 22:11 - 2014-12-15 05:02 - 000000000 ____D C:\Users\David\AppData\Local\JDownloader v2.0 2020-04-22 16:58 - 2016-08-05 22:51 - 000000000 ____D C:\Users\David\dwhelper 2020-04-21 20:49 - 2016-05-24 22:08 - 000000000 ____D C:\Users\David\AppData\Local\BetterDS3 2020-04-21 17:22 - 2014-12-15 04:50 - 000000000 ____D C:\Users\David\AppData\Local\VirtualStore 2020-04-21 09:38 - 2020-03-25 12:45 - 000000000 ____D C:\Users\David\AppData\Local\FortiClient 2020-04-20 23:17 - 2020-03-17 09:53 - 000000000 ____D C:\Users\David\Desktop\TRABAJO 2020-04-20 19:45 - 2013-08-22 02:22 - 000874352 _____ C:\Windows\system32\FNTCACHE.DAT 2020-04-20 17:53 - 2014-12-17 19:25 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer 2020-04-19 07:30 - 2016-05-23 21:55 - 000000000 ____D C:\Program Files\Nefarius Software Solutions 2020-04-18 22:22 - 2014-12-14 23:56 - 000000000 ____D C:\Users\David\AppData\Local\ElevatedDiagnostics 2020-04-18 17:41 - 2014-12-14 23:51 - 000000000 ___HD C:\Program Files\InstallShield Installation Information 2020-04-18 16:02 - 2015-10-10 16:39 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2020-04-18 14:19 - 2015-02-08 22:03 - 000000000 ____D C:\Program Files\Sony 2020-04-16 16:25 - 2016-01-21 20:28 - 000000000 ____D C:\Users\David\AppData\Roaming\AIMP 2020-04-15 09:40 - 2015-09-28 20:13 - 000004296 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-04-15 09:40 - 2014-12-20 17:29 - 000004432 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-04-15 09:40 - 2013-08-22 03:17 - 000000000 ____D C:\Windows\system32\Macromed 2020-04-10 16:56 - 2014-12-15 04:50 - 000000000 ____D C:\Users\David\AppData\Roaming\Adobe 2020-04-10 11:42 - 2014-12-15 04:58 - 000001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-04-07 16:42 - 2016-06-12 22:11 - 000167928 _____ C:\Users\David\AppData\Local\GDIPFONTCACHEV1.DAT 2020-04-06 15:51 - 2016-06-09 23:26 - 000000000 ____D C:\Users\David\.android ==================== Files in the root of some directories ======== 2014-12-23 22:44 - 2020-04-28 14:39 - 000000034 _____ () C:\Users\David\AppData\Roaming\AdobeWLCMCache.dat 2017-02-21 23:44 - 2017-02-28 15:15 - 000000600 _____ () C:\Users\David\AppData\Roaming\winscp.rnd 2014-12-31 14:42 - 2020-03-20 19:02 - 000001456 _____ () C:\Users\David\AppData\Local\Adobe Guardar para Web 13.0 Prefs 2014-12-16 23:14 - 2014-12-16 23:14 - 000000017 _____ () C:\Users\David\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-04-28 14:51 ==================== End of FRST.txt ========================