iMacg3 helped me clean my newer computer.
https://www.techsupportforum.com/for...w-1238070.html
The date in it was transferred from this one, which is behaving strangely and slowly. Some of the problems are identical, like the script to do with the calendar that keeps popping up. There may be problems with the hardware, but I would be very happy if you could have a look at eventual infections.
Thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by Camilo (administrator) on CAMILO-PC (SAMSUNG ELECTRONICS CO., LTD. RC530/RC730) (14-09-2019 09:25:17)
Running from C:\Users\Camilo\Desktop
Loaded Profiles: Camilo (Available Profiles: Camilo & UpdatusUser)
Platform: Windows 10 Home Version 1809 17763.678 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Esumsoft -> Esumsoft) C:\Program Files (x86)\POP Peeper\POPPeeper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19071.901.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1907.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Spotify AB -> Spotify Ltd) C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14030080 2015-08-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1880512 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971856 2016-10-24] (Wondershare software CO., LIMITED -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [144520 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [BingSvc] => C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [POP Peeper] => C:\Program Files (x86)\POP Peeper\POPPeeper.exe [2777776 2018-09-07] (Esumsoft -> Esumsoft)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\Run: [Spotify] => C:\Users\Camilo\AppData\Roaming\Spotify\Spotify.exe [24194464 2019-09-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\RunOnce: [Uninstall 19.152.0801.0007\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\19.152.0801.0007\amd64"
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\...\RunOnce: [Uninstall 19.152.0801.0007] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\19.152.0801.0007"
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807424 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.75\Installer\chrmstp.exe [2019-09-13] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00A17185-AFB2-49F3-87F5-8DAEFF13B0E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {04331B45-FE3B-468B-AED7-9436394B4B5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {06691E5B-ED6F-4FDA-BE91-B0BF33D43C81} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07074861-508E-4E4E-B1B7-C0E88FD11726} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-27] (HP Inc. -> )
Task: {07A15E74-75CD-44B7-B559-E323663D233C} - System32\Tasks\{38652DDC-AE93-49AD-B712-C253BA416318} => C:\WINDOWS\system32\pcalua.exe -a D:\SETUP.EXE -d D:\ -c /AUTORUN
Task: {0983BFC6-D3B7-4AC8-8E13-69AA63838D2B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {1658AF2D-336E-4002-B1E7-DAA7ACC22471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-08-21] (HP Inc. -> HP Inc.)
Task: {25405CCD-DE28-4D7A-9E3A-7E3322934BD4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [646592 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3694259C-6765-49A7-9923-2E2C8340F4DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {4579ECAF-FC91-4DD5-97CD-37A92B79D9CE} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Camilo\Downloads\esetonlinescanner_enu (3).exe [7657592 2019-02-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {4E7D0C60-AC89-4551-B47F-2AECEF94E9E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51247A5B-3A95-490D-B808-E5F58BB209C1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {58C4D71A-A364-4DD5-8186-68C3EE8AF2EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {6262A7E5-80B3-47D2-8710-5710F250556C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [249720 2019-08-19] (HP Inc. -> HP Inc.)
Task: {68814BD6-0307-4CFB-B61D-E497C57CC851} - System32\Tasks\HPCeeScheduleForCamilo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {75372F51-BA4A-47E4-8CFE-605EC291DF4D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Camilo\Downloads\esetonlinescanner_enu (3).exe [7657592 2019-02-02] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {75D02743-4BCC-49A2-A7E0-BFA84FFE9E53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {7DAF959A-A7A8-4FE7-BA14-FB3B2AC1288D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {7F4A4F96-152D-4DA6-B11B-59A546D01944} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {90022E33-C203-4FD7-B364-8D52D38FE9EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {BACA4D64-C40D-46A8-A12C-DCA9C0B98895} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF19A091-1332-400A-84AD-1CAAE60CD214} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6438536 2017-02-08] (Hewlett Packard -> HP Inc.)
Task: {C347B51B-1B79-4C2A-B664-4A5642694E11} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [945600 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CCFB195C-BCA8-4E64-9732-F7AAAC6A341E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D353BA47-69EB-4D99-845D-CE59CA5EA41F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [717248 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D461DC29-09DF-4BC2-AF8F-24967E22A278} - System32\Tasks\Opera scheduled Autoupdate 1444456389 => C:\Program Files (x86)\Opera\launcher.exe [1348632 2019-09-12] (Opera Software AS -> Opera Software)
Task: {E7DAD4D5-8B18-4294-83C5-15B4FC65588C} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {F28B8E84-3D28-4912-8604-F5A61F884E98} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [646592 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFDF1B86-401D-4327-993A-0BE3D4987FFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MpCmdRun.exe [469960 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForCamilo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{11679750-d21a-44d1-8891-44048bbd542c}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{8808ba8a-d705-48d3-a16e-dff1c958c936}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2665017104-2237686660-164763984-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] (Adobe Systems, Incorporated -> )
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2665017104-2237686660-164763984-1000 -> hxxp://google.co.uk/
FireFox:
========
FF DefaultProfile: 1jggpe4f.default
FF ProfilePath: C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default [2019-07-14]
FF Homepage: Mozilla\Firefox\Profiles\1jggpe4f.default -> hxxps://www.google.co.uk/?gws_rd=ssl
FF Extension: (Firebug) - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default\Extensions\firebug@software.joehewitt.com.xpi [2017-03-08] [Legacy]
FF Extension: (Valence) - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default\Extensions\fxdevtools-adapters@mozilla.org [2017-08-07] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-11-18] [Legacy]
FF Plugin-x32: @Java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2665017104-2237686660-164763984-1000: SkypePlugin -> C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2665017104-2237686660-164763984-1000: SkypePlugin64 -> C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Microsoft Corporation -> Skype Technologies S.A.)
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.pt/search?q=google+chrome+start+page&oq=google+chrome+start+page&aqs=chrome..69i57j0l5.6076j0j4&sourceid=chrome&ie=UTF-8","hxxps://support.google.com/chrome/answer/2765944","chrome://settings/cleanup","hxxps://www.google.pt/search?ei=tGxCW7LgEsfKwALB473wAQ&q=how+to+set+chrome+homepage&oq=how+to+set+chrome+homepage&gs_l=psy-ab.3..0i7i30i19k1l5j0i7i10i30i19k1j0i7i30i19k1l3j0i19k1.4298.4868.0.5762.3.3.0.0.0.0.150.416.0j3.3.0....0...1c.1.64.psy-ab..0.3.415...0i7i30k1j0i7i10i30k1.0.y_B7Yw1FRwM","hxxps://support.google.com/chromebook/answer/95314?hl=en"
CHR Profile: C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default [2019-09-14]
CHR Extension: (Google Drive) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22]
CHR Extension: (YouTube) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-25]
CHR Extension: (Transfer data mozillaZine Forums) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmfgeiaighlaenofogaceniecknhlakn [2018-03-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-29]
CHR Extension: (Google Play Music) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2018-10-01]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2019-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Camilo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-14]
CHR HKU\S-1-5-21-2665017104-2237686660-164763984-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-27] (HP Inc. -> HP Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare software CO., LIMITED -> Wondershare)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2015-09-21] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106976 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125920 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [89960 2017-03-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91104 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [226272 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [280032 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125408 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179168 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [140256 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207328 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133600 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146912 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117216 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-14 09:25 - 2019-09-14 09:27 - 000032363 _____ C:\Users\Camilo\Desktop\FRST.txt
2019-09-14 09:24 - 2019-09-14 09:23 - 001614848 _____ (Farbar) C:\Users\Camilo\Desktop\FRST64 (2).exe
2019-09-14 09:23 - 2019-09-14 09:23 - 001614848 _____ (Farbar) C:\Users\Camilo\Downloads\FRST64 (2).exe
2019-09-06 12:54 - 2019-09-06 12:54 - 000000107 _____ C:\Users\Camilo\Desktop\jazzy.txt
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto .webm
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto (1).webm
2019-09-01 08:26 - 2019-09-01 08:25 - 000133002 _____ C:\Users\Camilo\Desktop\Yahoo Mail - EDP - Copy.pdf
2019-09-01 08:25 - 2019-09-01 08:25 - 000133002 _____ C:\Users\Camilo\Desktop\Yahoo Mail - EDP.pdf
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (2)
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (1)
2019-09-01 08:22 - 2019-09-01 08:22 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled
2019-09-01 08:20 - 2019-09-01 08:20 - 000133002 _____ C:\Users\Camilo\Downloads\Yahoo Mail - EDP.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-14 09:25 - 2018-03-21 08:42 - 000000000 ____D C:\FRST
2019-09-14 09:15 - 2019-04-09 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-14 01:34 - 2018-11-27 13:42 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\Spotify
2019-09-13 22:34 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-13 21:14 - 2019-08-14 15:14 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCamilo.job
2019-09-13 13:03 - 2017-02-25 13:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-13 12:56 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-13 12:52 - 2017-06-29 20:13 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-09-13 12:52 - 2015-08-23 12:52 - 000000000 ____D C:\Program Files (x86)\Opera
2019-09-13 12:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-13 12:44 - 2019-04-09 22:43 - 000002366 _____ C:\Users\Camilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-13 12:44 - 2015-11-17 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-13 12:44 - 2015-08-05 01:03 - 000000000 ___RD C:\Users\Camilo\OneDrive
2019-09-08 09:25 - 2016-12-30 16:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-09-08 09:25 - 2015-08-06 18:44 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-09-08 09:25 - 2015-08-06 18:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-08 09:20 - 2019-04-09 23:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-06 10:37 - 2019-04-09 22:56 - 001672192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-06 10:37 - 2019-04-09 18:46 - 000742444 _____ C:\WINDOWS\system32\prfh0816.dat
2019-09-06 10:37 - 2019-04-09 18:46 - 000144514 _____ C:\WINDOWS\system32\prfc0816.dat
2019-09-06 10:37 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\Program Files (x86)\Java
2019-09-01 08:07 - 2016-03-31 14:39 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-09-01 08:02 - 2018-11-27 13:43 - 000000000 ____D C:\Users\Camilo\AppData\Local\Spotify
2019-08-30 17:36 - 2018-05-26 06:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-08-30 16:28 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-29 22:35 - 2019-04-09 16:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagerr.xml
2019-08-29 18:14 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-29 17:57 - 2019-03-19 08:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-29 15:14 - 2019-08-14 15:14 - 000003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCamilo
2019-08-29 14:21 - 2015-11-18 08:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-29 14:20 - 2015-08-05 19:27 - 000741432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-29 14:05 - 2019-04-09 22:43 - 000000000 ____D C:\Users\Camilo
2019-08-25 08:02 - 2019-04-09 23:12 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CA0EB1A-2769-4A1E-A7D9-792AE159DF1B}
2019-08-16 14:01 - 2015-08-05 17:10 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\POP Peeper
==================== Files in the root of some directories ================
2018-03-02 19:16 - 2018-03-02 19:16 - 000003584 _____ () C:\Users\Camilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-07 09:50 - 2018-07-07 09:50 - 000004096 ____H () C:\Users\Camilo\AppData\Local\keyfile3.drm
2018-08-27 12:24 - 2018-08-27 12:24 - 000000218 _____ () C:\Users\Camilo\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32328 2015-09-21] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106976 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125920 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [89960 2017-03-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91104 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [226272 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [280032 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125408 2017-04-07] (Panda Security S.L. -> Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179168 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [140256 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207328 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133600 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146912 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117216 2017-07-19] (Panda Security S.L. -> Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344288 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-14 09:25 - 2019-09-14 09:27 - 000032363 _____ C:\Users\Camilo\Desktop\FRST.txt
2019-09-14 09:24 - 2019-09-14 09:23 - 001614848 _____ (Farbar) C:\Users\Camilo\Desktop\FRST64 (2).exe
2019-09-14 09:23 - 2019-09-14 09:23 - 001614848 _____ (Farbar) C:\Users\Camilo\Downloads\FRST64 (2).exe
2019-09-06 12:54 - 2019-09-06 12:54 - 000000107 _____ C:\Users\Camilo\Desktop\jazzy.txt
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto .webm
2019-09-01 08:35 - 2019-09-01 08:35 - 010186969 _____ C:\Users\Camilo\Downloads\Corto (1).webm
2019-09-01 08:26 - 2019-09-01 08:25 - 000133002 _____ C:\Users\Camilo\Desktop\Yahoo Mail - EDP - Copy.pdf
2019-09-01 08:25 - 2019-09-01 08:25 - 000133002 _____ C:\Users\Camilo\Desktop\Yahoo Mail - EDP.pdf
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (2)
2019-09-01 08:23 - 2019-09-01 08:23 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled (1)
2019-09-01 08:22 - 2019-09-01 08:22 - 000008725 _____ C:\Users\Camilo\Downloads\Untitled
2019-09-01 08:20 - 2019-09-01 08:20 - 000133002 _____ C:\Users\Camilo\Downloads\Yahoo Mail - EDP.pdf
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-09-14 09:25 - 2018-03-21 08:42 - 000000000 ____D C:\FRST
2019-09-14 09:15 - 2019-04-09 22:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-14 01:34 - 2018-11-27 13:42 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\Spotify
2019-09-13 22:34 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-13 21:14 - 2019-08-14 15:14 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCamilo.job
2019-09-13 13:03 - 2017-02-25 13:51 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-13 12:56 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-13 12:52 - 2017-06-29 20:13 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2019-09-13 12:52 - 2015-08-23 12:52 - 000000000 ____D C:\Program Files (x86)\Opera
2019-09-13 12:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-13 12:44 - 2019-04-09 22:43 - 000002366 _____ C:\Users\Camilo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-13 12:44 - 2015-11-17 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-09-13 12:44 - 2015-08-05 01:03 - 000000000 ___RD C:\Users\Camilo\OneDrive
2019-09-08 09:25 - 2016-12-30 16:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-09-08 09:25 - 2015-08-06 18:44 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-09-08 09:25 - 2015-08-06 18:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-08 09:20 - 2019-04-09 23:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-06 10:37 - 2019-04-09 22:56 - 001672192 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-06 10:37 - 2019-04-09 18:46 - 000742444 _____ C:\WINDOWS\system32\prfh0816.dat
2019-09-06 10:37 - 2019-04-09 18:46 - 000144514 _____ C:\WINDOWS\system32\prfc0816.dat
2019-09-06 10:37 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-09-01 08:09 - 2016-03-31 14:39 - 000000000 ____D C:\Program Files (x86)\Java
2019-09-01 08:07 - 2016-03-31 14:39 - 000098288 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-09-01 08:02 - 2018-11-27 13:43 - 000000000 ____D C:\Users\Camilo\AppData\Local\Spotify
2019-08-30 17:36 - 2018-05-26 06:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-08-30 16:28 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-29 22:35 - 2019-04-09 16:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2019-08-29 21:37 - 2019-04-09 23:10 - 000028578 _____ C:\WINDOWS\diagerr.xml
2019-08-29 18:14 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-29 17:57 - 2019-03-19 08:02 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-29 15:14 - 2019-08-14 15:14 - 000003252 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCamilo
2019-08-29 14:21 - 2015-11-18 08:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-08-29 14:20 - 2015-08-05 19:27 - 000741432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-08-29 14:05 - 2019-04-09 22:43 - 000000000 ____D C:\Users\Camilo
2019-08-25 08:02 - 2019-04-09 23:12 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8CA0EB1A-2769-4A1E-A7D9-792AE159DF1B}
2019-08-16 14:01 - 2015-08-05 17:10 - 000000000 ____D C:\Users\Camilo\AppData\Roaming\POP Peeper
==================== Files in the root of some directories ================
2018-03-02 19:16 - 2018-03-02 19:16 - 000003584 _____ () C:\Users\Camilo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-07-07 09:50 - 2018-07-07 09:50 - 000004096 ____H () C:\Users\Camilo\AppData\Local\keyfile3.drm
2018-08-27 12:24 - 2018-08-27 12:24 - 000000218 _____ () C:\Users\Camilo\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================