Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Antonio (administrator) on PCANTONIO (15-10-2018 17:43:12)
Running from C:\Users\Antonio\Downloads
Loaded Profiles: Antonio (Available Profiles: Antonio & SANDRA & CLAUDIA & ARACELI)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\SysWOW64\ASGT.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe
(Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
() C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDirector16\PDRStyleAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-25] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-09-13] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1164664 2017-09-12] (Nero AG)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-09-20] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2018-02-02] (Glarysoft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [479744 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2017-12-06]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2017-12-06]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Herramienta de búsqueda de soportes de PMB.lnk [2017-12-06]
ShortcutTarget: Herramienta de búsqueda de soportes de PMB.lnk -> C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D7FB5DE6-8084-4520-A659-E95B2440C89D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1492494534-3052034158-2930290983-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-11] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-12-06] (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-12-06] (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1492494534-3052034158-2930290983-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-12-06] (Google Inc.)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-04] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 5lcoj2jk.default-1521276150882
FF ProfilePath: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882 [2018-10-15]
FF Homepage: Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882 -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (AdBlock) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-10-13]
FF Extension: (OSI: Servicio AntiBotnet) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\Extensions\servicioantibotnet@osi.es.xpi [2018-09-01]
FF Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\Extensions\wrc@avast.com.xpi [2018-10-13]
FF Extension: (Malwarebytes Browser Extension) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2018-09-29]
FF Extension: (Video DownloadHelper) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-09-07]
FF Extension: (Telemetry coverage) - C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\features\{b1381698-e6b8-4534-b6c2-13f04ead2ed1}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-13] [Legacy]
FF SearchPlugin: C:\Users\Antonio\AppData\Roaming\Mozilla\Firefox\Profiles\5lcoj2jk.default-1521276150882\searchplugins\bing-lavasoft-ff59.xml [2018-05-12]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro PDF)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2017-12-09] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default [2018-10-15]
CHR Extension: (Presentaciones) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-17]
CHR Extension: (Documentos) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-17]
CHR Extension: (Google Drive) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-17]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2018-05-14]
CHR Extension: (YouTube) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-17]
CHR Extension: (Dog and Cat) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\elnglhfdppjbphpefmijnblkjibihhbo [2018-09-19]
CHR Extension: (Hojas de cálculo) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Avast Online Security) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-26]
CHR Extension: (OSI: Servicio AntiBotnet) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhljghnmjahiaofikeljkjnhbeoiclbh [2018-07-28]
CHR Extension: (Malwarebytes Browser Extension) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2018-09-26]
CHR Extension: (Player para ver Movistar+) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-05]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\Antonio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (uTorrent easy client) - C:\Users\Antonio\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccobhfmlehfonhlhjjcnalkafhhcjocn [2018-06-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-01] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-01] (AVAST Software)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7252656 2018-09-07] ()
S3 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9677088 2018-09-29] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-06-30] (EasyAntiCheat Ltd)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NeroBackItUpBackgroundService2018; C:\Program Files (x86)\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] ()
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2017-12-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-07] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 AVerIT13x; C:\Windows\System32\Drivers\AVerIT13x_x64.sys [198272 2012-12-06] (AVerMedia TECHNOLOGIES, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-12-07] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-12-07] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-12-06] (Glarysoft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2017-12-07] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-06-03] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-01] (REALiX(tm))
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260384 2018-10-15] (Malwarebytes)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2018-01-01] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapwindscribe0901; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-02-01] (The OpenVPN Project)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-15 17:43 - 2018-10-15 17:43 - 000027134 _____ C:\Users\Antonio\Downloads\FRST.txt
2018-10-15 17:43 - 2018-10-15 17:43 - 000000000 ____D C:\FRST
2018-10-15 17:42 - 2018-10-15 17:42 - 000001445 _____ C:\Users\Antonio\Desktop\FRST64.exe - Acceso directo.lnk
2018-10-15 17:41 - 2018-10-15 17:42 - 002414592 _____ (Farbar) C:\Users\Antonio\Downloads\FRST64.exe
2018-10-15 17:15 - 2018-10-15 17:15 - 000260384 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-15 17:13 - 2018-10-15 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-15 17:13 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-14 17:37 - 2018-10-14 17:37 - 016796856 _____ (Piriform Ltd) C:\Users\Antonio\Downloads\ccsetup547.exe
2018-10-13 23:13 - 2018-10-15 17:28 - 000000000 ____D C:\Users\Antonio\Desktop\FOROSPYWARE
2018-10-13 22:59 - 2018-10-13 22:59 - 000000722 _____ C:\Users\Antonio\Desktop\FOTOS CRACOVIA - Acceso directo.lnk
2018-10-12 10:57 - 2018-10-02 19:59 - 000835152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-12 10:57 - 2018-10-02 19:59 - 000179792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-11 23:27 - 2018-10-11 23:27 - 000018477 _____ C:\Users\Antonio\Downloads\estatmarquespc.xlsx
2018-10-11 23:26 - 2018-10-11 23:26 - 000042581 _____ C:\Users\Antonio\Downloads\estatmarquesalpromocio.xlsx
2018-10-11 22:59 - 2018-10-11 22:59 - 000018270 _____ C:\Users\Antonio\Downloads\Platoon-(torrent0).torrent
2018-10-11 21:29 - 2018-10-11 21:29 - 000002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002386 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-11 21:29 - 2018-10-11 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2018-10-11 17:34 - 2018-10-11 17:34 - 000000000 ____D C:\Users\Antonio\Downloads\Platoon [MicroHD 1080 px][DTS 5.1-AC3 5.1-Castellano-AC3 5.1 Ingles+Subs][ES-EN]
2018-10-11 17:33 - 2018-10-11 17:33 - 000030935 _____ C:\Users\Antonio\Downloads\Platoon_MicroHD_1080_px.torrent
2018-10-11 17:32 - 2018-10-11 17:32 - 001137863 _____ C:\Users\Antonio\Downloads\Platoon_MicroHD_1080_px.torrent.zip
2018-10-11 14:09 - 2018-10-12 11:28 - 000635367 _____ C:\Users\SANDRA\Desktop\Trabajo ingles.pptx
2018-10-11 13:47 - 2018-10-11 13:47 - 000323096 _____ C:\Users\SANDRA\Downloads\david-kerkhoff_dk-crayon-crumble.zip
2018-10-10 16:41 - 2018-09-18 07:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-10-10 16:41 - 2018-09-18 07:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-10-10 16:41 - 2018-09-18 07:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-10-10 16:41 - 2018-09-18 07:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-10-10 16:41 - 2018-09-18 06:49 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-10-10 16:41 - 2018-09-18 06:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-10-10 16:41 - 2018-09-18 06:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-10-10 16:41 - 2018-09-18 06:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-10-10 16:41 - 2018-09-18 06:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-10-10 16:41 - 2018-09-18 06:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-10-10 16:41 - 2018-09-18 06:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-10-10 16:41 - 2018-09-18 06:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-10-10 16:41 - 2018-09-18 06:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-10-10 16:41 - 2018-09-18 05:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-10-10 16:41 - 2018-09-18 05:55 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-10-10 16:41 - 2018-09-18 05:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-10-10 16:41 - 2018-09-18 05:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-10-10 16:41 - 2018-09-18 05:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-10-10 16:41 - 2018-09-18 05:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-10-10 16:41 - 2018-09-18 05:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-10-10 16:41 - 2018-09-18 02:26 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-10-10 16:41 - 2018-09-11 18:38 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-10-10 16:41 - 2018-09-08 22:53 - 002532552 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-10-10 16:41 - 2018-09-08 20:40 - 007372224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-10-10 16:41 - 2018-09-08 20:40 - 002014136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-10-10 16:41 - 2018-09-08 20:33 - 001368776 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-10-10 16:41 - 2018-09-08 20:22 - 001737696 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-10-10 16:41 - 2018-09-08 19:58 - 001902936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-10-10 16:41 - 2018-09-08 17:43 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-10-10 16:41 - 2018-09-08 04:12 - 001549040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-10-10 16:41 - 2018-09-08 04:12 - 000388336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-10-10 16:41 - 2018-09-07 19:39 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-10-10 16:41 - 2018-09-07 18:51 - 002849280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-10-10 16:41 - 2018-09-01 18:43 - 000401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-10-10 16:41 - 2018-08-29 15:51 - 002451800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-10-10 16:41 - 2018-08-26 05:13 - 015441920 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-10-10 16:41 - 2018-08-26 05:08 - 013321728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-10-10 16:41 - 2018-08-14 21:04 - 004171264 _____ (Gracenote, Inc.) C:\Windows\SysWOW64\gnsdk_fp.dll
2018-10-10 16:41 - 2018-08-12 22:25 - 000149632 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-10-10 16:41 - 2018-08-12 19:07 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-10-10 16:41 - 2018-08-12 18:32 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-10-10 16:41 - 2018-08-12 16:21 - 001633008 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-10-10 16:41 - 2018-08-09 15:16 - 004876800 _____ (Gracenote, Inc.) C:\Windows\system32\gnsdk_fp.dll
2018-10-10 16:40 - 2018-09-08 20:22 - 001676152 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-10-10 16:40 - 2018-09-08 20:22 - 001536216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-10-10 16:40 - 2018-09-08 20:22 - 001500528 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-10-10 16:40 - 2018-09-08 20:22 - 001371448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-10-10 16:40 - 2018-08-26 06:07 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-10-10 16:40 - 2018-08-26 06:07 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-10-07 17:57 - 2018-10-07 17:57 - 000020658 _____ C:\Users\Antonio\Downloads\1538278190-Familia a la Fuerza [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-10-07 17:56 - 2018-10-07 17:56 - 000020077 _____ C:\Users\Antonio\Downloads\1538573568-Operation Finale [1080p][Castellano][wWw.EliteTorrent.BiZ].torrent
2018-10-06 14:12 - 2018-10-06 14:13 - 000045115 _____ C:\Users\SANDRA\Downloads\ImpressioVisita (3).pdf
2018-10-03 16:56 - 2015-07-30 16:04 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2018-10-03 16:56 - 2015-07-30 15:48 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-10-03 16:03 - 2014-06-10 00:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2018-10-03 16:03 - 2014-06-10 00:13 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2018-10-02 23:06 - 2018-10-02 23:06 - 000000000 ____D C:\Users\Antonio\AppData\Local\Alma IT Systems
2018-10-02 23:06 - 2018-10-02 23:06 - 000000000 ____D C:\ProgramData\Alma IT Systems
2018-10-02 23:03 - 2018-10-02 23:03 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer
2018-10-02 23:03 - 2018-10-02 23:03 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-10-02 23:03
- 2018-10-02 23:03 - 000000000 ____D C:\Program Files\MSBuild 2018-10-02 23:03 - 2018-10-02 23:03 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-10-02 23:03 - 2018-10-02 23:03 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-10-02 23:00 - 2013-08-03 06:48 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2018-10-02 23:00 - 2013-08-03 06:41 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2018-10-02 22:32 - 2018-10-02 22:32 - 000000000 ____D C:\Users\Antonio\Downloads\dvdshrink32setup 2018-10-02 22:32 - 2018-10-02 22:32 - 000000000 ____D C:\ProgramData\DVD Shrink 2018-10-02 22:32 - 2004-07-26 03:16 - 001117491 _____ (DVD Shrink ) C:\Users\Antonio\Downloads\dvdshrink32setup.exe 2018-10-02 22:31 - 2018-10-02 22:31 - 001094021 _____ C:\Users\Antonio\Downloads\dvdshrink32setup.zip 2018-10-02 22:30 - 2018-09-19 23:32 - 000195888 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll 2018-09-30 16:38 - 2018-09-30 16:38 - 000727313 _____ C:\Users\SANDRA\Downloads\Presentació.m4a 2018-09-29 22:49 - 2018-09-29 22:49 - 001142414 _____ C:\Users\Antonio\Downloads\Oceans-8-[BluRay-1080p]-(torrent0) (2).torrent 2018-09-29 22:49 - 2018-09-29 22:49 - 001142414 _____ C:\Users\Antonio\Downloads\Oceans-8-[BluRay-1080p]-(torrent0) (1).torrent 2018-09-29 22:48 - 2018-09-29 22:48 - 001142414 _____ C:\Users\Antonio\Downloads\Oceans-8-[BluRay-1080p]-(torrent0).torrent 2018-09-27 18:16 - 2018-09-27 18:16 - 000000000 ____D C:\Users\SANDRA\AppData\Local\mbamtray 2018-09-26 23:12 - 2018-09-26 23:12 - 000000000 ____D C:\Users\Antonio\AppData\Local\mbam 2018-09-26 23:06 - 2018-09-26 23:06 - 000000000 ____D C:\Users\Antonio\AppData\Local\mbamtray 2018-09-24 16:48 - 2018-10-08 20:15 - 000000000 ____D C:\Users\Antonio\Desktop\2018_09_24 2018-09-24 15:58 - 2018-09-24 15:58 - 000427114 _____ C:\Users\CLAUDIA\Downloads\Task1-AliciaQuintanaFernandez.pdf 2018-09-24 15:56 - 2018-09-24 
15:56 - 000083321 _____ C:\Users\CLAUDIA\Downloads\Unit 1 ANSWERS.ppsx 2018-09-24 15:49 - 2018-09-24 15:49 - 001702095 _____ C:\Users\CLAUDIA\Downloads\Nuevo doc 2018-06-07 12.49.35-20180607125209.pdf 2018-09-24 15:49 - 2018-09-24 15:49 - 001702095 _____ C:\Users\CLAUDIA\Downloads\Nuevo doc 2018-06-07 12.49.35-20180607125209 (1).pdf 2018-09-24 15:16 - 2018-09-24 15:16 - 009222827 _____ C:\Users\CLAUDIA\Downloads\Dialnet-InfluenciaDeLosFactoresSocioculturalesEnLosGustosY-48474.pdf 2018-09-24 14:34 - 2018-09-24 14:34 - 003260545 _____ C:\Users\CLAUDIA\Desktop\TFM_ Maria Suarez Diaz.pdf 2018-09-24 14:28 - 2018-09-24 14:28 - 014980381 _____ C:\Users\CLAUDIA\Downloads\02_Memòria.pdf 2018-09-23 23:22 - 2018-09-23 23:22 - 007571152 _____ (Malwarebytes) C:\Users\Antonio\Downloads\adwcleaner_7.2.3.1.exe 2018-09-23 23:20 - 2018-09-23 23:20 - 000293776 _____ C:\Users\Antonio\Downloads\factura_jaztel_J612571738 (1).pdf 2018-09-23 23:15 - 2018-09-23 23:15 - 000189754 _____ C:\Users\Antonio\Downloads\factura_jaztel_J618853061.pdf 2018-09-23 23:06 - 2018-09-23 23:06 - 001577536 _____ (Opera Software) C:\Users\Antonio\Downloads\OperaSetup.exe 2018-09-20 17:38 - 2018-09-20 17:38 - 000045419 _____ C:\Users\SANDRA\Downloads\ImpressioVisita (2).pdf 2018-09-20 17:32 - 2018-09-20 17:32 - 000045881 _____ C:\Users\SANDRA\Downloads\ImpressioVisita.pdf 2018-09-20 17:32 - 2018-09-20 17:32 - 000045881 _____ C:\Users\SANDRA\Downloads\ImpressioVisita (1).pdf 2018-09-19 20:12 - 2018-09-19 20:12 - 006563740 _____ C:\Users\SANDRA\Downloads\Tema I - Univers i Terra.pdf 2018-09-19 20:12 - 2018-09-19 20:12 - 002840345 _____ C:\Users\SANDRA\Downloads\Tema II - Humans.pdf 2018-09-16 17:17 - 2018-09-16 17:17 - 000294222 _____ C:\Users\Antonio\Downloads\2018_res_travmasc.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2018-10-15 17:34 - 2017-12-09 00:29 - 000000000 ____D C:\Users\Antonio\AppData\Local\CrashDumps 2018-10-15 17:34 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf 2018-10-15 17:18 - 2017-12-06 17:57 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1001 2018-10-15 17:14 - 2017-12-09 01:11 - 000000000 ___RD C:\Users\Antonio\Desktop\LIMPIEZA 2018-10-15 17:13 - 2017-12-06 19:55 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-10-15 17:02 - 2017-12-06 20:02 - 000000000 ____D C:\Users\Antonio\AppData\LocalLow\Mozilla 2018-10-15 17:01 - 2018-08-25 17:25 - 000003606 _____ C:\Windows\System32\Tasks\AutoKMS 2018-10-15 17:01 - 2018-07-17 19:42 - 000000000 ____D C:\Users\Antonio\AppData\Local\AVAST Software 2018-10-15 17:00 - 2017-12-06 17:56 - 000000000 ___DO C:\Users\Antonio\OneDrive 2018-10-15 16:50 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-15 16:49 - 2018-06-13 15:20 - 000000000 ____D C:\Users\Antonio\Downloads\Nueva carpeta 2018-10-15 16:48 - 2017-12-06 23:54 - 000000000 ____D C:\Users\CLAUDIA 2018-10-15 16:48 - 2017-12-06 23:49 - 000000000 ____D C:\Users\ARACELI 2018-10-15 13:00 - 2017-12-06 18:01 - 000003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F137229A-FB15-4425-97AB-B9B652A2D758} 2018-10-14 23:19 - 2017-12-06 17:51 - 000000000 ____D C:\Users\Antonio 2018-10-14 19:13 - 2018-06-17 00:17 - 000000000 _____ C:\Windows\SysWOW64\last.dump 2018-10-14 17:38 - 2017-12-06 21:59 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update 2018-10-14 12:50 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp 2018-10-13 23:54 - 2017-12-07 18:21 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1004 2018-10-13 23:33 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP 2018-10-13 23:32 - 2018-06-04 11:22 - 000000000 ____D C:\Program Files\Common Files\AV 2018-10-13 22:47 - 2017-12-06 22:04 - 
000000000 ____D C:\Users\Antonio\AppData\Roaming\vlc 2018-10-13 19:27 - 2017-12-16 18:14 - 000003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{71B25F3B-0A1F-4206-8482-916831445966} 2018-10-13 17:42 - 2018-09-01 20:00 - 000003168 _____ C:\Windows\System32\Tasks\PDRStyleAgent 2018-10-13 17:42 - 2018-08-19 22:13 - 000003142 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTask-2C15EA3CA01D3E5FDCE170D20D43DD1D 2018-10-13 17:42 - 2018-06-05 12:43 - 000003844 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1528195391 2018-10-13 17:42 - 2018-05-30 11:13 - 000003464 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-CLAUDIA 2018-10-13 17:42 - 2018-05-18 23:12 - 000003160 _____ C:\Windows\System32\Tasks\StartCN 2018-10-13 17:42 - 2018-02-15 12:58 - 000003176 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1492494534-3052034158-2930290983-1004 2018-10-13 17:42 - 2018-02-02 23:49 - 000003464 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-blancoweb@hotmail.com 2018-10-13 17:42 - 2018-02-01 22:32 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-PCANTONIO-SANDRA 2018-10-13 17:42 - 2017-12-11 21:05 - 000003990 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{90C2676F-5F50-4938-B436-F1179AD1ECA3} 2018-10-13 17:42 - 2017-12-10 18:05 - 000003714 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001UA 2018-10-13 17:42 - 2017-12-10 18:05 - 000003442 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1492494534-3052034158-2930290983-1001Core 2018-10-13 17:42 - 2017-12-09 23:15 - 000003508 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-blancoweb@hotmail.com 2018-10-13 17:42 - 2017-12-08 01:19 - 000003178 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1492494534-3052034158-2930290983-1001 2018-10-13 17:42 - 2017-12-07 21:20 - 000003322 _____ 
C:\Windows\System32\Tasks\CorelUpdateHelperTaskCore 2018-10-13 17:42 - 2017-12-06 21:59 - 000002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2018-10-13 17:42 - 2017-12-06 21:58 - 000002978 _____ C:\Windows\System32\Tasks\GU5SkipUAC 2018-10-13 17:42 - 2017-12-06 20:08 - 000004506 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-10-13 17:42 - 2017-12-06 20:08 - 000004332 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-10-13 17:42 - 2017-12-06 20:06 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2018-10-13 17:42 - 2017-12-06 18:04 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-10-13 17:42 - 2017-12-06 18:04 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-10-13 17:42 - 2017-12-06 18:03 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2018-10-13 15:36 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache 2018-10-12 11:15 - 2018-06-30 12:15 - 000000000 ____D C:\Users\SANDRA\Desktop\Fortnite 2018-10-12 10:56 - 2013-08-22 16:44 - 000550560 _____ C:\Windows\system32\FNTCACHE.DAT 2018-10-12 10:55 - 2017-12-06 20:02 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-10-12 10:55 - 2017-12-06 20:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-10-12 00:25 - 2017-12-06 18:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin 2018-10-12 00:25 - 2013-08-22 15:25 - 000524288 ___SH C:\Windows\system32\config\BBI 2018-10-11 23:55 - 2017-12-10 20:16 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\Spotify 2018-10-11 23:28 - 2017-12-06 17:51 - 000000000 ____D C:\Users\Antonio\AppData\Local\Packages 2018-10-11 23:21 - 2017-12-06 20:09 - 000000000 ____D C:\Users\Antonio\AppData\Roaming\uTorrent 2018-10-11 23:20 - 2017-12-10 20:17 - 000000000 ____D C:\Users\Antonio\AppData\Local\Spotify 2018-10-11 23:08 - 2018-06-05 12:43 - 000001021 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk 
2018-10-11 23:08 - 2018-06-05 12:43 - 000000000 ____D C:\Program Files\Opera 2018-10-11 21:33 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-10-11 21:28 - 2017-12-06 19:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-10-11 10:43 - 2018-09-01 21:01 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk 2018-10-11 10:35 - 2017-12-07 20:03 - 000000000 ____D C:\Windows\system32\MRT 2018-10-11 10:29 - 2017-12-07 20:03 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2018-10-10 16:39 - 2017-12-06 23:58 - 000002337 _____ C:\Users\SANDRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk 2018-10-09 22:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-10-09 22:11 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed 2018-10-09 17:25 - 2017-12-06 21:50 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2018-10-09 17:25 - 2017-12-06 21:50 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2018-10-08 21:57 - 2017-12-11 12:14 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1492494534-3052034158-2930290983-1005 2018-10-08 18:58 - 2017-12-06 20:06 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-08 13:49 - 2017-12-06 23:54 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\Packages 2018-10-07 18:02 - 2017-12-06 18:55 - 000000000 ____D C:\ProgramData\CanonIJPLM 2018-10-06 19:48 - 2017-12-06 20:02 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-06 17:01 - 2014-11-21 01:03 - 001832546 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-06 17:01 - 2014-11-21 00:21 - 000810810 _____ C:\Windows\system32\perfh00A.dat 2018-10-06 17:01 - 2014-11-21 00:21 - 000167046 _____ 
C:\Windows\system32\perfc00A.dat
2018-10-05 19:05 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-10-02 23:03 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\MUI
2018-10-02 23:03 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\MUI
2018-09-29 11:20 - 2017-12-06 20:04 - 000000000 ____D C:\Users\Antonio\AppData\Local\Adobe
2018-09-26 16:19 - 2017-12-06 23:58 - 000000000 ____D C:\Users\SANDRA\AppData\Local\Packages
2018-09-24 21:51 - 2018-08-31 22:45 - 000000000 ____D C:\Users\Antonio\Downloads\Familia del Norte [1080p][Castellano][wWw.EliteTorrent.BiZ]
2018-09-24 13:34 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-24 13:27 - 2018-09-10 21:01 - 000000000 ____D C:\Users\CLAUDIA\AppData\Local\AVAST Software
2018-09-23 15:58 - 2017-12-06 19:08 - 000002340 _____ C:\Users\Antonio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive para la Empresa.lnk
2018-09-18 21:02 - 2018-03-17 18:18 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 19:37 - 2017-12-06 23:58 - 000000000 ____D C:\Users\SANDRA

==================== Files in the root of some directories =======

2017-12-09 00:28 - 2017-12-09 00:28 - 000000198 _____ () C:\Users\Antonio\AppData\Roaming\PCANTONIO.MTBF.txt
2018-09-29 11:25 - 2018-09-29 11:25 - 000000000 _____ () C:\Users\Antonio\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2018-05-20 19:37 - 2014-11-21 01:18 - 001040384 _____ (Microsoft Corporation) C:\Users\CLAUDIA\AppData\Local\Temp\kernel32.dll
2018-05-16 15:36 - 2014-11-21 01:18 - 001040384 _____ (Microsoft Corporation) C:\Users\SANDRA\AppData\Local\Temp\kernel32.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-11 21:10

==================== End of FRST.txt ============================