I installed a trojan and i think my pc is infected - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

After installing a trojan my pc is being so laggy, i get my emails and accounts stealed, but im recovering it, then my cpu was in 100%, i run malware bytes and moved all to quarantine but i still thinking my pc is lagged and sometimes freeze.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01

Ran by User (administrator) on RAFLAKE (30-07-2021 13:50:38)

Running from C:\Users\User\Desktop

Loaded Profiles: User

Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Language: Português (Portugal)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe

(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe

(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe

(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe

(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe

(ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe

(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.76\AsusFanControlService.exe

(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe

(ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe

(ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe

(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe

(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe

(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe

(Discord Inc. -> Discord Inc.) C:\Users\User\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>

(DTS, Inc. -> DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Custom\APO3GUI.exe

(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>

(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe

(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe

(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe

(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe <2>

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServices.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17002.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>

(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_9dda6a81a12e6ac4\Display.NvContainer\NVDisplay.Container.exe <2>

(Parsec Cloud, Inc. -> Parsec) C:\Program Files\Parsec\pservice.exe

(Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe

(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Scarlet.Crush Productions) [File not signed] C:\Users\User\Desktop\All\Programas\ScpServer\bin\ScpService.exe

(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe

(Skutta, Kristjan -> ) E:\Jogos Rafa\steamapps\common\wallpaper_engine\wallpaper32.exe

(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesGG.exe

(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>

(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9246656 2018-01-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-06-28] (Avast Software s.r.o. -> AVAST Software)

HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-11] (Avast Software s.r.o. -> AVAST Software)

HKLM\...\Run: [SteelSeriesGG] => C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesGG.exe [15181136 2021-06-17] (SteelSeries ApS -> SteelSeries ApS)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410968 2019-01-22] (Adobe Systems Incorporated -> Adobe Inc.)

HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33251808 2021-07-28] (Epic Games Inc. -> Epic Games, Inc.)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3513072 2020-06-12] (Razer USA Ltd. -> Razer Inc.)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [23597640 2021-02-13] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [FACEIT] => C:\Users\User\AppData\Local\FACEITApp\update.exe [2204616 2020-05-01] (FACE IT LIMITED -> )

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [uTorrent] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe [2132520 2021-05-29] (BitTorrent Inc -> BitTorrent Inc.)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3672920 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [DiscordPTB] => C:\Users\User\AppData\Local\DiscordPTB\Update.exe [1512760 2020-11-24] (Discord Inc. -> GitHub)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\User\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4273896 2021-07-30] (Valve -> Valve Corporation)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [WallpaperEngine] => E:\Jogos Rafa\steamapps\common\wallpaper_engine\wallpaper32.exe [2652832 2021-06-21] (Skutta, Kristjan -> )

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [Parsec.App.0] => C:\Program Files\Parsec\parsecd.exe [430272 2021-06-09] (Parsec Cloud, Inc. -> Parsec)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [DiscordCanary] => C:\Users\User\AppData\Local\DiscordCanary\Update.exe [1512104 2021-06-28] (Discord Inc. -> GitHub)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\IDE\devenv.exe [747936 2020-03-21] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-2912089951-2960547922-1568280926-1001\...\Policies\Explorer: [] 

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-20] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DTS Custom.lnk [2019-02-12]

ShortcutTarget: DTS Custom.lnk -> C:\Program Files (x86)\DTS, Inc\DTS Custom\APO3GUI.exe (DTS, Inc. -> DTS, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm Monitor.lnk [2019-03-06]

ShortcutTarget: ROCCAT Swarm Monitor.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (Voyetra Turtle Beach, Inc. -> ROCCAT)

Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GenuineService.lnk [2020-10-14]

ShortcutTarget: GenuineService.lnk -> C:\Users\User\Autodesk\Genuine Service\GenuineService.exe (Autodesk, Inc. -> Autodesk)

BootExecute: autocheck autochk * icarus_rvrt.exe

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0488A15F-0D63-43D2-8852-4972ADF46838} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Task: {08B6C7B9-C03C-4ABB-9EDC-A9C64BB06034} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {177FF0D4-83A2-4EDB-8DF3-E2FCAB7D5D13} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

Task: {222C54D1-AB6C-460A-B3B8-14CB49BF1D08} - System32\Tasks\WpsExternal_User_20210722203329 => C:\Users\User\AppData\Local\Kingsoft\WPS Office\11.2.0.10223\office6\wpscloudsvr.exe [1666816 2021-07-22] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

Task: {25AE59A2-21BC-4BB5-8E23-2F38C7578B86} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {28F4C4DD-E91A-4740-A43A-B1C83292F1E4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {2DD634CD-6318-4C37-BCA7-EED8A8387AE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-09] (Google Inc -> Google Inc.)

Task: {2E01D7B2-CB18-4A6D-88C5-CCF5811D1441} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2019-04-09] (ASUSTeK Computer Inc. -> TODO: <Company name>)

Task: {2FE59016-2A21-4BBA-8DC0-1653336BC5E2} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\AutoUpdate.exe [2285592 2021-04-09] (IObit CO., LTD -> IObit)

Task: {33FD5353-5F46-42BD-B022-2F6EB5C40CC6} - System32\Tasks\WpsUpdateTask_User => C:\Users\User\AppData\Local\Kingsoft\WPS Office\11.2.0.10223\office6\wpsupdate.exe [164608 2021-07-22] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

Task: {3D5A3D0D-B2CA-41C0-BC0E-A542C9E2A70B} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)

Task: {3F165B91-DAA5-4591-9252-491A762D5485} - System32\Tasks\update-S-1-5-21-2912089951-2960547922-1568280926-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

Task: {44D42BFE-9B8D-4FC1-A0AC-12A1DABEBCA4} - System32\Tasks\ROCCAT DEVICE SERVICE => C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_dev_service.exe [442872 2021-01-25] (Voyetra Turtle Beach, Inc. -> ROCCAT)

Task: {4817E38C-32F8-4203-9A52-EF9C584987DF} - System32\Tasks\Services32 => C:\Users\User\AppData\Local\Temp\Services32.exe <==== ATTENTION

Task: {4AE4C8D1-C8DE-4107-AA1B-5368B5D81C42} - System32\Tasks\System\SecurityHealthsysTray => C:\Users\User\AppData\Roaming\Microsoft\Windows\SecurityHealthsysTray.exe <==== ATTENTION

Task: {574CA7FB-5724-4211-8E93-C7BC18048C9C} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1456688 2019-04-09] (ASUSTeK Computer Inc. -> )

Task: {5A7268B5-5810-4BEA-BFDF-7965ADC932D7} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {632071C4-F88D-4FCF-9B7E-038729555344} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1509424 2019-04-09] (ASUSTeK Computer Inc. -> )

Task: {6CDB1FC0-F5E5-4BB0-A113-D1D851438B2B} - System32\Tasks\Opera GX scheduled Autoupdate 1614992286 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [1896656 2021-07-21] (Opera Software AS -> Opera Software)

Task: {738BF0CF-A6DD-4570-8388-C95DFD86519A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {79BC1A0F-740D-4426-914C-48C872ED166A} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-01-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

Task: {7B0B735C-9547-40F1-9E8A-8D0031AF95B8} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [65648 2020-03-21] (Microsoft Corporation -> Microsoft)

Task: {7D73DAAC-F64C-4125-B641-E946B0266FD3} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2017-09-19] (ASUSTeK Computer Inc. -> TODO: <Company name>)

Task: {7F8C2EDA-9536-4BBB-9631-A3DF62974D7B} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

Task: {85A97713-C3A2-4E25-BEE6-5ADCE328AA5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)

Task: {99382CF0-65C3-4D1C-A060-97D6451A2FD8} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)

Task: {A1FE0774-DB26-4A32-BD9F-429BA0074749} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {A3B14301-BA6D-47AC-A560-B9761E547087} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Custom\dts_apo_task.exe [18872 2017-10-13] (DTS, Inc. -> )

Task: {A53EF05E-B093-4A92-A6B0-9FD9E3B6E6AD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2110000 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

Task: {B40AA517-F4FA-483F-A424-356D0E477135} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-03-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log"  --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid fd2dc64b-d236-4046-9127-a492a46eb190

Task: {BAD8BF20-9FDE-41C2-9FDB-67410DA403C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-02-09] (Google Inc -> Google Inc.)

Task: {BD1BB25A-3255-4513-866C-BD27D0B495C3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-10] (Mozilla Corporation -> Mozilla Foundation)

Task: {C704035E-6228-474C-91B5-726F51186830} - System32\Tasks\PCI Subsystem => C:\Users\User\Desktop\SteamAccountPrimeGenerator.exe

Task: {C9E10CED-EA66-462F-A883-02A5EC0CB53B} - System32\Tasks\PCI Subsystem Task => C:\Program Files (x86)\PCI Subsystem\pciss.exe

Task: {CB0DA2D6-A7D1-4C8D-8426-AFF41DA50F67} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\Scheduler.exe [156696 2021-04-09] (IObit CO., LTD -> IObit)

Task: {CD0DB621-11EC-4189-8DF3-15DEA8E77819} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

Task: {CDFB98B0-FEB0-4609-955F-D5E97DB4A62B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CE14C6EA-F85B-4C6D-AEC3-697732F12A7D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D1422F63-B388-4981-80D6-F94C0B30C04D} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)

Task: {D31A34DD-62F6-4418-968E-6BB2C8A63102} - System32\Tasks\ProtonVPN Update => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-06] (ProtonVPN AG -> )

Task: {D43DB622-EBF2-4B0D-83EC-F62901C43501} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-01-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

Task: {D8095E48-315F-412A-950E-5232DD95C8C2} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log

Task: {DCC85452-0093-46FB-A76F-84B0EED70F9B} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\8.4.0\DriverBooster.exe [8243224 2021-04-22] (IObit CO., LTD -> IObit)

Task: {FCE0E417-A4E4-4AA0-8B37-325ADBCCE408} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4903192 2021-06-28] (Avast Software s.r.o. -> AVAST Software)

Task: {FEF0F3D1-EC9D-4E8E-8BC6-F8F33F64F463} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {FFA2EE86-6F92-4DBE-9AF0-7E0CFEB43D2B} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1616969719 => C:\Users\User\AppData\Local\Programs\Opera GX\launcher.exe [1896656 2021-07-21] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\User\AppData\Local\Programs\Opera GX\assistant" $(Arg0)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

Task: C:\WINDOWS\Tasks\update-S-1-5-21-2912089951-2960547922-1568280926-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\WINDOWS\Tasks\WpsExternal_User_20210722203329.job => C:\Users\User\AppData\Local\Kingsoft\WPS Office\11.2.0.10223\office6\wpscloudsvr.exe/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll

Task: C:\WINDOWS\Tasks\WpsUpdateTask_User.job => C:\Users\User\AppData\Local\Kingsoft\WPS Office\11.2.0.10223\office6\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2912089951-2960547922-1568280926-1001] => 127.0.0.1:8080

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 62.169.70.160 212.113.177.241 192.168.1.1

Tcpip\..\Interfaces\{2fdda249-300e-409f-8f93-3816be76ee1c}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Tcpip\..\Interfaces\{80eed547-2e04-4fc4-af3c-d275121b1d74}: [DhcpNameServer] 8.8.8.8

Tcpip\..\Interfaces\{f40d5ea9-c7af-49ed-94d2-357a6e67bd94}: [NameServer] 8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{f40d5ea9-c7af-49ed-94d2-357a6e67bd94}: [DhcpNameServer] 62.169.70.160 212.113.177.241 192.168.1.1

DownloadDir: C:\Users\User\Downloads

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-20]

Edge HomePage: Default -> hxxp://www.google.com/

FF DefaultProfile: zp9wzgri.default

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\zp9wzgri.default [2021-03-18]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0lkrl5ds.default-release [2021-05-23]

FF NetworkProxy: Mozilla\Firefox\Profiles\0lkrl5ds.default-release -> backup.ftp", ""

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi => not found

FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-04-26] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-01-22] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-01-22] (Adobe Systems Incorporated -> Adobe Systems)

CHR DefaultProfile: Default

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2021-07-30]

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Extension: (Easy Auto Refresh) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2021-04-12]

CHR Extension: (BetterTTV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-07-26]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]

CHR Extension: (MEGA) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-07-29]

CHR Extension: (Night Mode for Instagram) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkiiljdcpccihhoigelmohcfkehdnjej [2021-07-29]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-10]

CHR Extension: (AutoDraw for skribbl.io) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2021-02-18]

CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-10]

CHR Extension: (Avast Passwords) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2020-02-11]

CHR Extension: (AdBlock – O melhor ad block) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-06-23]

CHR Extension: (Night Messenger) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhnmilbfdehpgfcojlmmooknnkhgdmh [2020-06-30]

CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (SAG) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\piljlfgibadchadlhlcfoecfbpdeiemd [2021-02-04]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-21]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-17]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-03-04]

CHR Extension: (Apresentações) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-17]

CHR Extension: (Documentos) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-17]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-03-03]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-17]

CHR Extension: (Folhas de cálculo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-17]

CHR Extension: (Google Docs offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-03]

CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-03-03]

CHR Extension: (Pagamentos via Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-03]

CHR Extension: (SAG) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\piljlfgibadchadlhlcfoecfbpdeiemd [2021-03-03]

CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-03]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03]

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-18]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

StartMenuInternet: (HKU\S-1-5-21-2912089951-2960547922-1568280926-1001) Opera GXStable - "C:\Users\User\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-01-22] (Adobe Systems Incorporated -> Adobe Inc.)

R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [348280 2021-03-24] (ASUSTeK COMPUTER INC. -> ASUSTeK COMPUTER INC.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.06\atkexComSvc.exe [456008 2021-06-28] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]

S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-01-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-06-28] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)

R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.76\AsusFanControlService.exe [2061872 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2021-01-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [590872 2021-01-22] (ASUSTeK Computer Inc. -> )

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8249936 2021-06-28] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [625432 2021-06-28] (Avast Software s.r.o. -> AVAST Software)

R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [373528 2021-06-28] (Avast Software s.r.o. -> AVAST Software)

R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-06-12] (BattlEye Innovations e.K. -> )

R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-11] (Avast Software s.r.o. -> AVAST Software)

R2 Ds3Service; C:\Users\User\Desktop\All\Programas\ScpServer\bin\ScpService.exe [381952 2014-04-02] (Scarlet.Crush Productions) [File not signed]

S3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Custom\dts_apo_service.exe [26560 2017-10-13] (DTS, Inc. -> )

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2021-07-04] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)

R2 Intel® PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [505856 2018-01-31] (Intel Corporation) [File not signed]

R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3210232 2021-03-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-30] (Malwarebytes Inc -> Malwarebytes)

S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [359888 2018-02-23] (McAfee, Inc. -> McAfee, LLC)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [512976 2018-02-23] (McAfee, Inc. -> McAfee, LLC)

R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [473040 2018-02-23] (McAfee, Inc. -> McAfee, LLC)

R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2556048 2021-07-29] (Electronic Arts, Inc. -> Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3474584 2021-07-29] (Electronic Arts, Inc. -> Electronic Arts)

S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2489176 2021-01-24] (Overwolf Ltd -> Overwolf LTD)

R2 Parsec; C:\Program Files\Parsec\pservice.exe [395968 2021-05-21] (Parsec Cloud, Inc. -> Parsec)

S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [99136 2020-10-06] (ProtonVPN AG -> )

S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [61760 2020-10-06] (ProtonVPN AG -> )

R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-12-12] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [291056 2020-06-12] (Razer USA Ltd. -> Razer Inc.)

S3 Rockstar Service; E:\Jogos Rafa\Launcher\RockstarService.exe [1848624 2021-07-24] (Rockstar Games, Inc. -> Rockstar Games)

R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [5632232 2021-06-18] (ASUSTEK COMPUTER INCORPORATION -> ASUSTek COMPUTER INC.)

R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2020-06-06] (Razer USA Ltd. -> Razer Inc.)

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [319320 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)

S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [31568 2021-06-17] (SteelSeries ApS -> )

S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [147392 2019-05-01] (Microsoft Corporation -> Microsoft Corporation)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 wpscloudsvr; C:\ProgramData\Kingsoft\office6\wpscloudsvr.exe [1666816 2021-07-12] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)

R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_9dda6a81a12e6ac4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_9dda6a81a12e6ac4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-12-26] (ASUSTeK Computer Inc. -> )

R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2017-...