CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofiaa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShortcutTarget: Dropbox.lnk -> C:\Users\Sofiaa\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicy\User: Restriction <==== ATTENTION
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\plugins\ArcPluginIE.dll => No File
Handler: WSWSVCUchrome - No CLSID Value
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S4 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X]
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]
S3 MBfilt; system32\drivers\MBfilt64.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 VBAudioVMVAIOMME; system32\DRIVERS\vbaudio_vmvaio64_win7.sys [X]
S3 WacHidRouterPro; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
2018-04-09 15:31 - 2018-04-09 15:32 - 000000000 ____D C:\Users\Familia Silva\Desktop\keygen
2018-04-09 15:31 - 2018-04-09 15:32 - 000000000 ____D C:\Users\Familia Silva\Desktop\Image-Line FL Studio Producer Edition 12.5.1 Build 5 + Patch [SadeemPC]
2018-04-09 15:26 - 2018-04-09 15:27 - 000068720 _____ C:\Users\Sofiaa\Desktop\untitled.flp
2018-04-09 15:26 - 2018-04-09 15:26 - 000068720 _____ C:\Users\Sofiaa\Desktop\q3we.flp
2018-04-09 15:10 - 2018-04-09 15:34 - 000002004 _____ C:\Users\Public\Desktop\FL Studio 12 (64bit).lnk
2018-04-09 15:10 - 2018-04-09 15:34 - 000001988 _____ C:\Users\Public\Desktop\FL Studio 12.lnk
2018-04-09 15:10 - 2018-04-09 15:10 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2018-04-09 15:10 - 2018-04-09 15:10 - 000000000 ____D C:\Users\Familia Silva\AppData\Roaming\Image-Line
2018-03-25 12:01 - 2018-03-25 22:46 - 000000004 _____ C:\ProgramData\lock.dat
2018-03-25 12:01 - 2018-03-25 14:34 - 000000008 _____ C:\ProgramData\rwi.jhad
2018-03-25 11:33 - 2018-03-25 11:33 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\WidModule
2018-03-25 11:31 - 2018-04-15 18:08 - 000000280 ____H C:\Windows\Tasks\{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB}.job
2018-03-25 11:31 - 2018-03-25 22:48 - 000000000 ____D C:\ProgramData\dahjService
2018-03-25 11:31 - 2018-03-25 11:31 - 000003642 _____ C:\Windows\System32\Tasks\{DA409434-5703-FFF2-6EF2-C96686C95FC8}
2018-03-25 11:31 - 2018-03-25 11:31 - 000003476 _____ C:\Windows\System32\Tasks\{312B53AD-E943-9D18-CF8F-B118EE1C3B74}
2018-03-25 11:31 - 2018-03-25 11:31 - 000000003 _____ C:\Users\Sofiaa\AppData\Local\wbem.ini
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Users\Sofiaa\AppData\Roaming\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Users\Sofiaa\AppData\Local\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\ProgramData\Lavasoft
2018-03-25 11:29 - 2018-03-25 11:29 - 000000000 ____D C:\Program Files (x86)\Lavasoft
1623-04-04 11:37 - 1623-04-04 11:37 - 000073216 ____N (Microsoft Corporation) C:\Users\Sofiaa\AppData\Roaming\niZHaUI.exe
1623-04-04 11:37 - 1623-04-04 11:37 - 000186368 ____N (Microsoft Corporation) C:\Users\Sofiaa\AppData\Roaming\rCEajDayOvQ.exe
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1268683879-3191997658-603331031-1023_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Common Files\Autodesk Shared\DirectConnect2015 (64-bit)\bin\Aruba\Inventor Server\Bin\TestServer.dll => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Users\Sofiaa\Desktop\Notepad++\NppShell_06.dll -> No File
Task: {3073252B-F0A6-4A54-BB02-15451E7214A1} - \{09EFC5AB-D230-AB81-74D2-4D2309EFC5AB} -> No File <==== ATTENTION
Task: {59BCBE78-917D-4846-8829-4E33C36C529C} - System32\Tasks\{312B53AD-E943-9D18-CF8F-B118EE1C3B74} => C:\Users\Sofiaa\AppData\Roaming\niZHaUI.exe [1623-04-04] (Microsoft Corporation) <==== ATTENTION
Task: {F4D3DA7E-C319-4BB0-A762-63164B22F620} - System32\Tasks\{DA409434-5703-FFF2-6EF2-C96686C95FC8} => C:\Windows\SysWOW64\PfeUpEF.exe [1623-04-04] (Microsoft Corporation)
MSCONFIG\startupreg: Web Companion => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
FirewallRules: [{D0916C3F-08C2-4F63-8D0D-57A67788CA43}] => (Allow) C:\Program Files (x86)\Yeahseed\Application\chrome.exe
C:\Program Files (x86)\Yeahseed
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state on
Hosts:
EmptyTemp: