Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
Ran by Galeón (administrator) on DESKTOP-BJN8JE1 (ASUSTeK COMPUTER INC. K55VD) (18-07-2019 21:42:11)
Running from C:\Users\Galeón\Desktop
Loaded Profiles: Galeón (Available Profiles: Galeón)
Platform: Windows 10 Pro Version 1903 18362.239 (X64) Language: Español (España, internacional)
Default browser not detected!
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\microsoft.windows.photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\microsoft.yourphone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowsstore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LsaIso.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vmcompute.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Galeón\AppData\Local\Programs\Opera\62.0.3331.72\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
Failed to access process -> vmmem
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [124000 2018-06-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3614753453-3577306082-2466023204-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG TuneUp.lnk [2019-07-17]
ShortcutTarget: AVG TuneUp.lnk -> C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {13DE86F8-3159-440B-AFDA-734F78F6D322} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-17] (Google Inc -> Google LLC)
Task: {2CDFD1FC-3865-4DAA-AE6F-EB3FDFF81398} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-17] (Google Inc -> Google LLC)
Task: {3205ECCE-3BFF-4D8F-BD4D-C72B2BD77AEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {780F1E11-12EE-4112-A2E6-C6E14A1E8B97} - System32\Tasks\Opera scheduled Autoupdate 1563437851 => C:\Users\Galeón\AppData\Local\Programs\Opera\launcher.exe [1519640 2019-07-11] (Opera Software AS -> Opera Software)
Task: {964F4B48-44CF-4DCC-AA98-E637BB442A6E} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {9E2486D6-2396-4A59-A241-44088EB1CB69} - System32\Tasks\AVG TuneUp Update => C:\Program Files (x86)\AVG\AVG TuneUp\TUNEUpdate.exe [1706528 2019-07-17] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {D171218D-C44D-4FDA-B503-02ED4179FF96} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1146000 2019-03-14] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{f6e520cb-4e5b-4da8-a1f1-dfef513259e6}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{f6e520cb-4e5b-4da8-a1f1-dfef513259e6}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Internet Explorer:
==================
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-07-17]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-07-17] (Google Inc -> Google LLC)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 CleanupPSvc; C:\Program Files (x86)\AVG\AVG TuneUp\TuneupSvc.exe [10300120 2019-07-17] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 CmService; C:\WINDOWS\System32\CmService.dll [815632 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
S4 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40016 2019-07-01] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
S3 gcs; C:\WINDOWS\system32\vmcomputeagent.exe [1381176 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
R3 hns; C:\WINDOWS\System32\HostNetSvc.dll [3380224 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [316760 2019-06-15] (Intel(R) pGFX -> Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [414352 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R3 nvagent; C:\WINDOWS\System32\NvAgent.dll [41992 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
R2 SamsungRapidSvc; C:\WINDOWS\System32\RAPID\SamsungRapidSvc.exe [29280 2018-06-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5773384 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 vmcompute; C:\WINDOWS\system32\vmcompute.exe [3488568 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [110544 2017-12-12] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4321160 2019-07-17] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2018-10-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [34232 2019-01-16] (ASUSTek Computer Inc. -> ASUS)
R3 hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [36368 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [125568 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-07-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [245272 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [302368 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116104 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [198768 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-07-17] (Kaspersky Lab -> AO Kaspersky Lab)
S3 l2bridge; C:\WINDOWS\System32\drivers\l2bridge.sys [58384 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_disp.inf_amd64_1474122a0ce2f241\nvlddmkm.sys [17544792 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
R0 nvpciflt; C:\WINDOWS\System32\DriverStore\FileRepository\nv_disp.inf_amd64_1474122a0ce2f241\nvpciflt.sys [48480 2019-06-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1154336 2019-07-17] (Realtek Semiconductor Corp. -> Realtek )
R0 SamsungRapidDiskFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidDiskFltr.sys [288864 2018-06-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\WINDOWS\System32\DRIVERS\SamsungRapidFSFltr.sys [119400 2018-06-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 VfpExt; C:\WINDOWS\System32\drivers\vfpext.sys [1409024 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [39952 2019-07-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: hns -> C:\Windows\System32\HostNetSvc.dll (Microsoft Corporation)
NETSVC: nvagent -> C:\Windows\System32\NvAgent.dll (Microsoft Corporation)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-18 21:42 - 2019-07-18 21:42 - 000019006 _____ C:\Users\Galeón\Desktop\FRST.txt
2019-07-18 21:29 - 2019-07-18 21:29 - 000001093 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-07-18 21:29 - 2019-07-18 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-07-18 21:29 - 2019-07-18 21:29 - 000000000 ____D C:\Program Files\VS Revo Group
2019-07-18 21:26 - 2019-07-18 21:26 - 000000102 _____ C:\Users\Galeón\Desktop\Infectado por Malware Adware.MailRu.BatBitRst - Eliminar Malwares - ForoSpyware.url
2019-07-18 21:16 - 2019-07-18 21:16 - 002095104 _____ (Farbar) C:\Users\Galeón\Desktop\FRST64.exe
2019-07-18 19:06 - 2019-07-18 19:12 - 000000000 ___RD C:\Users\Galeón\Desktop\Folderico
2019-07-18 18:59 - 2019-07-18 18:59 - 000000000 ____D C:\ProgramData\Teorex
2019-07-18 18:59 - 2019-07-18 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FolderIco
2019-07-18 18:59 - 2019-07-18 18:59 - 000000000 ____D C:\Program Files\FolderIco
2019-07-18 18:57 - 2019-07-18 18:57 - 011145960 _____ (teorex ) C:\Users\Galeón\Downloads\FolderIcoSetup.exe
2019-07-18 17:01 - 2019-07-18 17:01 - 000000000 ____D C:\Users\Galeón\AppData\Local\CrystalDiskMark
2019-07-18 16:22 - 2019-07-18 16:22 - 000295656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-18 16:02 - 2019-07-18 16:02 - 000000255 _____ C:\DelFix.txt
2019-07-18 16:02 - 2019-07-18 16:02 - 000000000 ____D C:\WINDOWS\ERUNT
2019-07-18 15:59 - 2019-07-18 15:59 - 000797760 _____ C:\Users\Galeón\Downloads\delfix.exe
2019-07-18 14:54 - 2019-07-18 14:54 - 000000000 ____D C:\Users\Galeón\Intel
2019-07-18 10:38 - 2019-07-18 10:38 - 000000781 _____ C:\Users\Galeón\Desktop\Descargas - Acceso directo.lnk
2019-07-18 10:37 - 2019-07-18 10:37 - 000004096 ___SH C:\{FEFD8B6B-00C7-4B53-AA90-70C9B82492C1}.CBM
2019-07-18 10:34 - 2019-07-18 10:34 - 000287744 ___SH C:\EUMONBMP.SYS
2019-07-18 10:34 - 2019-07-18 10:34 - 000000000 ____D C:\WINDOWS\system32\config\regsave
2019-07-18 10:32 - 2019-07-18 10:32 - 000000000 ____D C:\Users\Galeón\.QtWebEngineProcess
2019-07-18 10:32 - 2019-07-18 10:32 - 000000000 ____D C:\Users\Galeón\.AdvertisingPopup
2019-07-18 10:22 - 2019-07-18 10:22 - 000000000 ____D C:\WINDOWS\system32\RAPID
2019-07-18 10:22 - 2018-06-28 01:38 - 000288864 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\SamsungRapidDiskFltr.sys
2019-07-18 10:20 - 2019-07-18 10:21 - 000000000 ____D C:\Program Files (x86)\Samsung
2019-07-18 10:20 - 2019-07-18 10:20 - 000003354 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2019-07-18 10:20 - 2019-07-18 10:20 - 000000000 ____D C:\ProgramData\Samsung
2019-07-18 10:20 - 2019-07-18 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2019-07-18 10:17 - 2019-07-18 10:18 - 000004222 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1563437851
2019-07-18 10:17 - 2019-07-18 10:18 - 000001480 _____ C:\Users\Galeón\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-07-18 10:17 - 2019-07-18 10:17 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\Opera Software
2019-07-18 10:17 - 2019-07-18 10:17 - 000000000 ____D C:\Users\Galeón\AppData\Local\Opera Software
2019-07-18 10:15 - 2019-07-18 16:19 - 000000032 _____ C:\WINDOWS\SysWOW64\Eu(12-20190422).OD
2019-07-18 10:15 - 2019-07-18 10:15 - 000000000 ____D C:\ProgramData\SystemAcCrux
2019-07-18 10:14 - 2019-07-18 10:14 - 000001426 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Home 11.5.lnk
2019-07-18 10:14 - 2019-07-18 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 11.5
2019-07-18 10:14 - 2018-10-08 17:17 - 000341760 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys
2019-07-18 10:14 - 2018-10-08 17:17 - 000073448 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eubakup.sys
2019-07-18 10:14 - 2018-10-08 17:17 - 000053504 _____ C:\WINDOWS\system32\Drivers\EUBKMON.sys
2019-07-18 10:14 - 2018-10-08 17:17 - 000022784 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eudskacs.sys
2019-07-18 10:13 - 2019-07-18 10:13 - 000000000 ____D C:\Program Files (x86)\EaseUS
2019-07-18 10:13 - 2019-04-22 16:55 - 000026192 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2019-07-18 09:59 - 2019-07-18 09:59 - 000480176 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2019-07-18 09:56 - 2019-07-18 09:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-18 09:56 - 2019-07-18 09:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-07-18 09:45 - 2019-07-18 09:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2019-07-18 09:44 - 2019-07-18 09:44 - 005074168 _____ (Easeware ) C:\Users\Galeón\Downloads\DriverEasy_Setup.exe
2019-07-18 09:43 - 2019-07-18 09:43 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\Easeware
2019-07-18 09:40 - 2019-07-18 09:52 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2019-07-18 09:40 - 2019-07-18 09:40 - 000063096 _____ (Logitech, Inc.) C:\WINDOWS\system32\LMouFiltCoInst.dll
2019-07-18 09:39 - 2019-07-18 09:40 - 001854072 _____ (Logitech, Inc.) C:\WINDOWS\system32\LkmdfCoInst.dll
2019-07-18 09:39 - 2019-07-18 09:39 - 000086648 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LHidFilt.Sys
2019-07-18 09:39 - 2019-07-18 09:39 - 000069240 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LMouFilt.Sys
2019-07-18 09:39 - 2019-07-18 09:39 - 000048080 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ICCWDT.sys
2019-07-18 09:35 - 2019-07-18 09:35 - 000632168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2019-07-18 09:31 - 2019-07-18 09:45 - 000001026 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2019-07-18 09:31 - 2019-07-18 09:31 - 000000000 ____D C:\Program Files\Easeware
2019-07-18 09:30 - 2019-07-18 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\etc\BACKUP
2019-07-18 09:25 - 2019-07-18 09:25 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\Obsidium
2019-07-18 09:09 - 2019-07-18 09:09 - 000000599 _____ C:\Users\Galeón\Downloads\Auto Generated Inline Image 1
2019-07-18 04:36 - 2019-07-18 04:36 - 000002894 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-18 04:31 - 2019-07-18 04:31 - 000000877 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-18 04:31 - 2019-07-18 04:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-18 04:31 - 2019-07-18 04:31 - 000000000 ____D C:\Program Files\CCleaner
2019-07-18 04:29 - 2019-07-18 04:29 - 000000000 ____D C:\Users\Galeón\Downloads\CC-PRO-5.60 [MXN9]
2019-07-18 04:24 - 2019-07-18 04:24 - 014701230 _____ C:\Users\Galeón\Downloads\CC-PRO-5.60 [MXN9].rar
2019-07-18 03:52 - 2019-07-18 03:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2019-07-18 03:52 - 2019-07-18 03:52 - 000000000 ____D C:\Program Files\Bandizip
2019-07-18 03:51 - 2019-07-18 03:51 - 006547368 _____ (Bandisoft) C:\Users\Galeón\Downloads\BANDIZIP-SETUP v6.24.EXE
2019-07-18 03:48 - 2019-07-18 18:35 - 000001899 _____ C:\Users\Galeón\Desktop\CrystalDiskMark 6.lnk
2019-07-18 03:48 - 2019-07-18 03:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark6
2019-07-18 03:48 - 2019-07-18 03:48 - 000000000 ____D C:\Program Files\CrystalDiskMark6
2019-07-18 03:25 - 2019-07-18 21:42 - 000000000 ____D C:\FRST
2019-07-18 03:13 - 2019-07-18 15:14 - 000000000 ____D C:\Users\Galeón\AppData\Local\D3DSCache
2019-07-18 02:39 - 2019-07-18 19:20 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2019-07-18 02:39 - 2019-07-18 02:39 - 000000000 ___SD C:\WINDOWS\system32\containers
2019-07-18 01:41 - 2019-07-18 01:41 - 001790024 _____ (Malwarebytes) C:\Users\Galeón\Downloads\JRT.exe
2019-07-18 01:17 - 2019-07-18 01:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-18 01:17 - 2019-07-18 01:17 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-17 22:35 - 2019-07-18 02:17 - 000000000 ____D C:\ProgramData\AVG
2019-07-17 22:35 - 2019-07-18 02:17 - 000000000 ____D C:\Program Files (x86)\AVG
2019-07-17 22:35 - 2019-07-17 22:35 - 000003972 _____ C:\WINDOWS\System32\Tasks\AVG TuneUp Update
2019-07-17 22:35 - 2019-07-17 22:35 - 000001202 _____ C:\Users\Public\Desktop\AVG TuneUp.lnk
2019-07-17 22:35 - 2019-07-17 22:35 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\AVG
2019-07-17 22:35 - 2019-07-17 22:35 - 000000000 ____D C:\Users\Galeón\AppData\Local\CEF
2019-07-17 22:35 - 2019-07-17 22:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Technologies
2019-07-17 22:28 - 2019-07-18 20:33 - 000000000 ____D C:\Users\Galeón\AppData\LocalLow\Mozilla
2019-07-17 22:28 - 2019-07-17 22:28 - 000000927 _____ C:\Users\Galeón\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2019-07-17 22:28 - 2019-07-17 22:28 - 000000879 _____ C:\Users\Galeón\Desktop\Start Tor Browser.lnk
2019-07-17 22:27 - 2019-07-17 22:32 - 000000000 ___RD C:\Users\Galeón\Desktop\Tor Browser
2019-07-17 22:25 - 2019-07-11 03:16 - 057613696 _____ C:\Users\Galeón\torbrowser-install-win64-8.5.4_es-ES.exe
2019-07-17 22:07 - 2019-07-18 18:35 - 000002284 _____ C:\Users\Galeón\Desktop\WhatsApp.lnk
2019-07-17 22:07 - 2019-07-17 22:09 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\WhatsApp
2019-07-17 22:07 - 2019-07-17 22:07 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2019-07-17 22:07 - 2019-07-17 22:07 - 000000000 ____D C:\Users\Galeón\AppData\Local\WhatsApp
2019-07-17 22:06 - 2019-07-17 22:07 - 000000000 ____D C:\Users\Galeón\AppData\Local\SquirrelTemp
2019-07-17 21:57 - 2019-07-17 21:57 - 000000000 ____D C:\Users\Galeón\AppData\Roaming\OpenOffice
2019-07-17 21:56 - 2019-07-17 21:56 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-07-17 21:56 - 2019-07-17 21:56 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-07-17 21:53 - 2019-07-17 21:54 - 130827497 _____ C:\Users\Galeón\Downloads\Apache_OpenOffice_4.1.6_Win_x86_install_es (1).exe
2019-07-17 21:53 - 2019-07-17 21:54 - 012435726 _____ C:\Users\Galeón\Downloads\Apache_OpenOffice_4.1.6_Win_x86_langpack_es.exe
2019-07-17 20:03 - 2019-07-18 21:34 - 000000000 ____D C:\Users\Galeón\AppData\Local\Google
2019-07-17 20:03 - 2019-07-18 21:34 - 000000000 ____D C:\Program Files (x86)\Google
2019-07-17 20:03 - 2019-07-17 20:03 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-17 20:03 - 2019-07-17 20:03 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-17 18:40 - 2019-07-17 18:40 - 000000000 ____D C:\Users\Galeón\AppData\Local\PeerDistRepub
2019-07-17 18:35 - 2019-07-17 18:35 - 000302368 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2019-07-17 18:33 - 2019-07-17 18:33 - 000245272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2019-07-17 18:33 - 2019-07-17 18:33 - 000198768 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2019-07-17 18:33 - 2019-07-17 18:33 - 000116104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2019-07-17 18:33 - 2019-07-17 18:33 - 000099152 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2019-07-17 18:33 - 2019-07-17 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2019-07-17 18:33 - 2019-07-17 18:33 - 000000000 ____D C:\Program Files\Common Files\AV
2019-07-17 18:32 - 2019-07-18 21:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-07-17 18:32 - 2019-07-17 18:49 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-07-17 18:32 - 2019-07-17 18:34 - 001168000 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2019-07-17 18:32 - 2019-07-17 18:34 - 000236672 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2019-07-17 18:32 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2019-07-17 18:28 - 2019-07-17 18:31 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-17 18:28 - 2019-07-17 18:28 - 000000000 ____D C:\Users\Galeón\AppData\Local\mbamtray
2019-07-17 18:28 - 2019-07-17 18:28 - 000000000 ____D C:\Users\Galeón\AppData\Local\mbam
2019-07-17 18:28 - 2019-07-17 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-17 18:28 - 2019-07-17 18:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-17 18:28 - 2019-07-17 18:28 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-17 18:28 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-07-17 18:27 - 2019-07-18 01:55 - 000000000 ____D C:\WINDOWS\Panther
2019-07-17 18:26 - 2019-07-17 18:26 - 000000000 ____D C:\ProgramData\SetupTPDriver
2019-07-17 18:25 - 2019-07-18 19:26 - 000753744 _____ C:\WINDOWS\system32\perfh00A.dat
2019-07-17 18:25 - 2019-07-18 19:26 - 000148288 _____ C:\WINDOWS\system32\perfc00A.dat
2019-07-17 18:25 - 2019-07-17 18:25 - 000346834 _____ C:\WINDOWS\system32\perfi00A.dat
2019-07-17 18:25 - 2019-07-17 18:25 - 000043954 _____ C:\WINDOWS\system32\perfd00A.dat
2019-07-17 18:25 - 2019-07-17 18:25 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\es
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\es
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\system32\0409
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\Setup
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\OCR
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\WINDOWS\DigitalLocker
2019-07-17 18:25 - 2019-07-17 18:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-07-17 18:24 - 2019-07-09 03:51 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-07-17 18:24 - 2019-07-09 03:51 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-17 18:23 - 2019-07-18 20:13 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-17 18:23 - 2019-07-18 19:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-17 18:23 - 2019-07-18 10:20 - 000000000 ___RD C:\Program Files (x86)
2019-07-17 18:23 - 2019-07-18 03:09 - 000000000 ____D C:\WINDOWS\appcompat