Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018 Ran by Manuel (administrator) on MANOLO (23-10-2018 23:48:21) Running from C:\Users\Manuel\Desktop Loaded Profiles: UpdatusUser & Manuel & NeroMediaHomeUser.4 (Available Profiles: UpdatusUser & Manuel & NeroMediaHomeUser.4) Platform: Windows 10 Home Version 1809 17763.55 (X64) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ESET) C:\Program Files\ESET\ESET Security\ekrn.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Nero AG) C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET Security\egui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe (Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-08-23] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-03] (ESET) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor) HKLM-x32\...\Run: [Nero MediaHome 4] => C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe [5179880 2012-12-20] (Nero AG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation) HKU\S-1-5-21-137577715-180173904-379872953-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation) HKU\S-1-5-21-137577715-180173904-379872953-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-19] (Skype Technologies S.A.) HKU\S-1-5-21-137577715-180173904-379872953-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281248 2018-05-30] () HKU\S-1-5-21-137577715-180173904-379872953-1002\...\Run: [308bc600] => C:\ProgramData\308bc600\308bc600.exe [0 ] (AutoIt Team) HKU\S-1-5-21-137577715-180173904-379872953-1002\...\Run: [308bc6002] => C:\ProgramData\WfTbDw\308bc600.exe [937776 2018-10-23] (AutoIt Team) HKU\S-1-5-21-137577715-180173904-379872953-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation) Startup: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b308bc6004a0193d79dd2eb422d9c028.lnk [2018-10-23] ShortcutTarget: b308bc6004a0193d79dd2eb422d9c028.lnk -> C:\MANOLO\dqnxikrkcv.exe (AutoIt Team) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.40.224.73 62.42.230.24 Tcpip\..\Interfaces\{a7ab02c3-99df-4f48-a477-c97ecc606e8a}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{a7ab02c3-99df-4f48-a477-c97ecc606e8a}: [DhcpNameServer] 212.40.224.73 62.42.230.24 Tcpip\..\Interfaces\{c2e34e45-8e00-4032-b7bc-3d544ad78e3c}: [DhcpNameServer] 212.40.224.73 62.42.230.24 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-137577715-180173904-379872953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-137577715-180173904-379872953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-137577715-180173904-379872953-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.es/ HKU\S-1-5-21-137577715-180173904-379872953-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> DefaultScope {F27B97C1-B509-4401-9947-538D77DA4608} URL = SearchScopes: HKLM -> {F27B97C1-B509-4401-9947-538D77DA4608} URL = SearchScopes: HKU\S-1-5-21-137577715-180173904-379872953-1002 -> {23B30821-B369-4D47-B193-3D2CF8CE76D9} URL = SearchScopes: HKU\S-1-5-21-137577715-180173904-379872953-1002 -> {F27B97C1-B509-4401-9947-538D77DA4608} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation) Edge: ====== Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15] Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15] FireFox: ======== FF DefaultProfile: w0cj0xdy.default FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\w0cj0xdy.default [2018-10-23] FF Extension: (Telemetry coverage) - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\w0cj0xdy.default\features\{9bae5cc0-3429-4e57-bb38-10b49846d5a9}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-17] [Legacy] FF HKU\S-1-5-21-137577715-180173904-379872953-1002\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Manuel\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2015-05-20] () FF Plugin HKU\S-1-5-21-137577715-180173904-379872953-1002: @acestream.net/acestreamplugin,version=3.1.2 -> C:\Users\Manuel\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File] Chrome: ======= CHR Profile: C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default [2018-10-23] CHR Extension: (Presentaciones) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-31] CHR Extension: (Documentos) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-31] CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-31] CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-31] CHR Extension: (Hojas de cálculo) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-31] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-18] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-04-07] CHR Extension: (Ace Script) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-01-31] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07] CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-31] CHR Extension: (Chrome Media Router) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-18] CHR HKU\S-1-5-21-137577715-180173904-379872953-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-137577715-180173904-379872953-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation) S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation) S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation) R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-10-03] (ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-10-03] (ESET) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel Corporation) R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes) R2 NeroMediaHomeService.4; C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe [518632 2012-12-20] (Nero AG) S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] () S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation) S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation) R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation) S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation) R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-10-03] (ESET) R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109232 2018-10-03] (ESET) S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET) R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-10-03] (ESET) R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-10-03] (ESET) R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-10-03] (ESET) R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-03] (ESET) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes) S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation) S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2018-10-22] () S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation) S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation) S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation) S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation) R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [200232 2018-10-18] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [118584 2018-10-23] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [58400 2018-10-23] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-23] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [110424 2018-10-23] (Malwarebytes) S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation) R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation) R3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation) S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation) R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek ) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation) S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation) R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated) S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation) S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation) R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-23 23:52 - 2018-10-23 23:52 - 000000000 ____D C:\ProgramData\JdKJzc 2018-10-23 23:48 - 2018-10-23 23:51 - 000023130 _____ C:\Users\Manuel\Desktop\FRST.txt 2018-10-23 23:48 - 2018-10-23 23:48 - 000000000 ____D C:\FRST 2018-10-23 23:42 - 2018-10-23 23:42 - 002414592 _____ (Farbar) C:\Users\Manuel\Desktop\FRST64.exe 2018-10-23 03:22 - 2018-10-23 23:41 - 000110424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-10-23 03:22 - 2018-10-23 03:22 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-10-23 03:22 - 2018-10-23 03:22 - 000118584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-10-23 03:22 - 2018-10-23 03:22 - 000058400 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-10-23 03:11 - 2018-10-23 03:13 - 000000000 ____D C:\AdwCleaner 2018-10-23 02:17 - 2018-10-23 02:17 - 007592144 _____ (Malwarebytes) C:\Users\Manuel\Desktop\adwcleaner_7.2.4.0.exe 2018-10-22 01:26 - 2018-10-22 01:26 - 000000000 _____ C:\Users\Manuel\Desktop\lunes 22 0.45.txt 2018-10-22 01:10 - 2018-10-22 01:10 - 000002194 _____ C:\WINDOWS\system32\.crusader 2018-10-22 00:50 - 2018-10-22 01:12 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys 2018-10-22 00:49 - 2018-10-22 01:11 - 000000000 ____D C:\ProgramData\HitmanPro 2018-10-21 15:31 - 2018-10-21 15:31 - 006986872 _____ (ESET spol. s r.o.) C:\Users\Manuel\Downloads\esetonlinescanner_esl.exe 2018-10-21 15:28 - 2018-10-22 01:25 - 000000018 _____ C:\Users\Manuel\Desktop\Nuevo documento de texto.txt 2018-10-18 05:06 - 2018-10-18 05:06 - 000000000 ____D C:\Users\Manuel\AppData\LocalLow\Temp 2018-10-18 03:54 - 2018-10-18 03:54 - 000000000 ____D C:\Users\Manuel\AppData\Local\mbam 2018-10-18 03:53 - 2018-10-18 03:53 - 000200232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2018-10-18 03:53 - 2018-10-18 03:53 - 000000000 ____D C:\Users\Manuel\AppData\Local\mbamtray 2018-10-18 03:52 - 2018-10-18 03:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-10-18 03:52 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2018-10-17 23:58 - 2018-10-17 23:46 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-10-17 23:58 - 2018-10-17 23:46 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-10-17 23:51 - 2018-10-17 23:51 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll 2018-10-17 23:51 - 2018-10-17 23:51 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 009696768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-10-17 23:50 - 2018-10-17 23:50 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 004588032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2018-10-17 23:50 - 2018-10-17 23:50 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-10-17 23:50 - 2018-10-17 23:50 - 001050640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-10-17 23:50 - 2018-10-17 23:50 - 000918496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-10-17 23:50 - 2018-10-17 23:50 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll 2018-10-17 23:50 - 2018-10-17 23:50 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll 2018-10-17 23:26 - 2018-10-17 23:26 - 000000000 ____D C:\Users\Manuel\Downloads\Wolfcop [1080p][Castellano][wWw.EliteTorrent.BiZ] 2018-10-08 08:06 - 2018-10-08 08:06 - 000000000 ____D C:\Users\Manuel\Downloads\Aterrados [HDRip][Latino][wWw.EliteTorrent.BiZ] 2018-10-08 08:05 - 2018-10-23 23:48 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\3fea81258d2844d38df6f3ab2c969fd8 2018-10-08 08:05 - 2018-10-23 04:43 - 000000000 ___HD C:\MANOLO 2018-10-03 08:08 - 2018-10-03 08:08 - 000000000 ___HD C:\OneDriveTemp 2018-10-03 06:19 - 2018-10-03 06:19 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2018-10-03 06:14 - 2018-10-03 06:14 - 000000020 ___SH C:\Users\Manuel\ntuser.ini 2018-10-03 06:13 - 2018-10-23 23:39 - 000004198 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7C84B02F-9997-445C-BEFC-2BEF61ACE168} 2018-10-03 06:13 - 2018-10-23 03:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-10-03 06:13 - 2018-10-21 05:50 - 000003356 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-137577715-180173904-379872953-1002 2018-10-03 06:13 - 2018-10-18 00:14 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2018-10-03 06:13 - 2018-10-03 06:13 - 000004154 _____ C:\WINDOWS\System32\Tasks\Software Update Application 2018-10-03 06:13 - 2018-10-03 06:13 - 000003742 _____ C:\WINDOWS\System32\Tasks\ACCAgent 2018-10-03 06:13 - 2018-10-03 06:13 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2018-10-03 06:13 - 2018-10-03 06:13 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2018-10-03 06:13 - 2018-10-03 06:13 - 000003094 _____ C:\WINDOWS\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d 2018-10-03 06:13 - 2018-10-03 06:13 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2018-10-03 06:13 - 2018-10-03 06:13 - 000002806 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-137577715-180173904-379872953-1002 2018-10-03 06:13 - 2018-10-03 06:13 - 000002796 _____ C:\WINDOWS\System32\Tasks\ACC 2018-10-03 06:13 - 2018-10-03 06:13 - 000002762 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent 2018-10-03 06:13 - 2018-10-03 06:13 - 000002744 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-137577715-180173904-379872953-500 2018-10-03 06:13 - 2018-10-03 06:13 - 000002728 _____ C:\WINDOWS\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon 2018-10-03 06:13 - 2018-10-03 06:13 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2018-10-03 06:13 - 2018-10-03 06:13 - 000002634 _____ C:\WINDOWS\System32\Tasks\SweetLabs App Platform 2018-10-03 06:13 - 2018-10-03 06:13 - 000002550 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader 2018-10-03 06:13 - 2018-10-03 06:13 - 000002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask 2018-10-03 06:13 - 2018-10-03 06:13 - 000002214 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2018-10-03 06:13 - 2018-10-03 06:13 - 000002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher 2018-10-03 06:13 - 2018-10-03 06:13 - 000002096 _____ C:\WINDOWS\System32\Tasks\Power Management 2018-10-03 06:13 - 2018-10-03 06:13 - 000002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager 2018-10-03 06:13 - 2018-10-03 06:13 - 000002062 _____ C:\WINDOWS\System32\Tasks\Quick Access 2018-10-03 06:13 - 2018-10-03 06:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD 2018-10-03 06:13 - 2018-10-03 06:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2018-10-03 06:13 - 2018-10-03 06:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Recovery Management 2018-10-03 06:13 - 2018-10-03 06:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee 2018-10-03 06:13 - 2018-10-03 06:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel 2018-10-03 06:13 - 2014-08-15 14:11 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2750107229-3055373040-2973296793-500 2018-10-03 06:13 - 2014-07-25 22:41 - 000003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-729939966-155158532-1426229192-500 2018-10-03 06:11 - 2018-10-03 06:13 - 000015243 _____ C:\WINDOWS\diagwrn.xml 2018-10-03 06:11 - 2018-10-03 06:13 - 000015243 _____ C:\WINDOWS\diagerr.xml 2018-10-03 06:01 - 2018-10-23 03:28 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-10-03 06:01 - 2018-10-03 06:01 - 000000020 ___SH C:\Users\UpdatusUser\ntuser.ini 2018-10-03 05:58 - 2018-10-03 05:58 - 000000020 ___SH C:\Users\NeroMediaHomeUser.4.Manolo\ntuser.ini 2018-10-03 05:54 - 2018-10-03 05:54 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2018-10-03 05:52 - 2018-10-03 05:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2018-10-03 05:52 - 2018-10-03 05:52 - 000000000 ____D C:\Program Files\Dolby Digital Plus 2018-10-03 05:51 - 2018-10-03 05:51 - 000000000 ____D C:\Program Files (x86)\VulkanRT 2018-10-03 05:51 - 2016-09-09 19:25 - 000269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2018-10-03 05:51 - 2016-09-09 19:25 - 000261920 _____ C:\WINDOWS\system32\vulkan-1.dll 2018-10-03 05:51 - 2016-09-09 19:25 - 000110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2018-10-03 05:51 - 2016-09-09 19:24 - 000125216 _____ C:\WINDOWS\system32\vulkaninfo.exe 2018-10-03 05:50 - 2018-10-03 05:50 - 000000000 ____D C:\ProgramData\USOShared 2018-10-03 05:49 - 2018-09-15 08:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2018-10-03 05:49 - 2015-09-30 21:39 - 000105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2018-10-03 05:49 - 2015-09-30 21:39 - 000099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2018-10-03 05:44 - 2018-10-23 11:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-10-03 05:43 - 2018-10-17 23:56 - 000275744 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-10-03 04:57 - 2018-10-03 05:42 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2018-10-03 04:54 - 2018-10-21 05:49 - 000002436 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-03 04:54 - 2018-10-03 06:14 - 000000000 ____D C:\Users\Manuel 2018-10-03 04:54 - 2018-10-03 06:05 - 000000000 ____D C:\Users\UpdatusUser 2018-10-03 04:54 - 2018-10-03 06:01 - 000000000 ____D C:\Users\NeroMediaHomeUser.4.Manolo 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Reciente 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Plantillas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Mis documentos 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Menú Inicio 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Impresoras 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Entorno de red 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Mis vídeos 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Mis imágenes 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Documents\Mi música 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\Configuración local 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Historial 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\UpdatusUser\AppData\Local\Archivos temporales de Internet 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Reciente 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Plantillas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Mis documentos 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Menú Inicio 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Impresoras 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Entorno de red 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Documents\Mis vídeos 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Documents\Mis imágenes 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Documents\Mi música 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\Configuración local 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\AppData\Local\Historial 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\AppData\Local\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\NeroMediaHomeUser.4.Manolo\AppData\Local\Archivos temporales de Internet 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Reciente 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Plantillas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Mis documentos 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Menú Inicio 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Impresoras 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Entorno de red 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\Configuración local 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\AppData\Local\Historial 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\AppData\Local\Datos de programa 2018-10-03 04:54 - 2018-10-03 04:54 - 000000000 _SHDL C:\Users\Manuel\AppData\Local\Archivos temporales de Internet 2018-10-03 04:54 - 2018-09-15 08:29 - 000001105 _____ C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-03 04:54 - 2018-09-15 08:29 - 000001105 _____ C:\Users\NeroMediaHomeUser.4.Manolo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-10-03 04:52 - 2018-10-03 04:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2018-10-03 04:50 - 2018-10-03 04:50 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2018-10-03 04:50 - 2018-10-03 04:50 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2018-10-03 04:50 - 2018-10-03 04:50 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2018-10-03 04:50 - 2018-10-03 04:50 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll 2018-10-03 04:50 - 2018-10-03 04:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2018-10-03 04:50 - 2018-10-03 04:50 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll 2018-10-03 04:50 - 2018-10-03 04:50 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2018-10-03 04:50 - 2018-10-03 04:50 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2018-10-03 04:49 - 2018-10-03 04:49 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2018-10-03 04:49 - 2018-10-03 04:49 - 000000000 ____D C:\Program Files\Reference Assemblies 2018-10-03 04:49 - 2018-10-03 04:49 - 000000000 ____D C:\Program Files\MSBuild 2018-10-03 04:49 - 2018-10-03 04:49 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2018-10-03 04:49 - 2018-10-03 04:49 - 000000000 ____D C:\Program Files (x86)\MSBuild 2018-10-03 04:48 - 2018-10-03 04:48 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2018-10-03 04:48 - 2018-10-03 04:48 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2018-10-03 04:48 - 2018-10-03 04:48 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2018-10-03 04:48 - 2018-10-03 04:48 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2018-10-03 04:48 - 2018-10-03 04:48 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2018-10-03 04:48 - 2018-10-03 04:48 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2018-10-03 04:30 - 2018-10-03 04:30 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2018-10-03 03:20 - 2018-10-18 00:20 - 000000000 ___DC C:\WINDOWS\Panther ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-23 23:35 - 2017-09-25 04:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2018-10-23 23:35 - 2015-03-11 20:12 - 000000000 __SHD C:\Users\Manuel\IntelGraphicsProfiles 2018-10-23 11:45 - 2017-08-05 14:32 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\vlc 2018-10-23 03:48 - 2015-05-30 19:57 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\uTorrent 2018-10-23 03:47 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2018-10-23 03:45 - 2015-05-15 23:41 - 000000000 ____D C:\Users\Manuel\Desktop\neo 2018-10-23 03:28 - 2018-09-15 17:36 - 000789634 _____ C:\WINDOWS\system32\perfh00A.dat 2018-10-23 03:28 - 2018-09-15 17:36 - 000155888 _____ C:\WINDOWS\system32\perfc00A.dat 2018-10-23 03:26 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-10-23 03:22 - 2016-09-29 16:20 - 000000000 ____D C:\ProgramData\NVIDIA 2018-10-23 03:21 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2018-10-23 03:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2018-10-23 00:22 - 2018-09-18 14:52 - 000000000 ____D C:\Users\Manuel\AppData\LocalLow\Mozilla 2018-10-22 23:46 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2018-10-22 23:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-10-22 23:41 - 2018-07-10 21:58 - 000000000 ____D C:\ProgramData\Packages 2018-10-22 23:32 - 2018-04-09 15:41 - 000000000 ____D C:\Users\Manuel\AppData\LocalLow\uTorrent 2018-10-22 03:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat 2018-10-21 15:32 - 2016-04-15 02:41 - 000000000 ____D C:\Users\Manuel\AppData\Local\ESET 2018-10-21 06:22 - 2018-04-14 16:10 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\dvdcss 2018-10-21 05:50 - 2016-01-19 05:52 - 000000000 ___RD C:\Users\Manuel\OneDrive 2018-10-18 03:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-10-18 03:14 - 2017-01-29 16:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2018-10-18 01:25 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-10-18 01:25 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing 2018-10-18 01:01 - 2016-01-26 06:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-10-18 01:01 - 2016-01-26 06:25 - 000000000 ____D C:\Program Files (x86)\Java 2018-10-18 00:58 - 2016-01-26 06:26 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2018-10-18 00:21 - 2016-11-09 01:04 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\VSO 2018-10-18 00:21 - 2016-11-09 01:04 - 000000000 ____D C:\ProgramData\VSO 2018-10-18 00:01 - 2017-10-20 04:18 - 000000000 ___RD C:\Users\Manuel\3D Objects 2018-10-18 00:01 - 2015-03-12 02:13 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-10-17 23:54 - 2018-09-15 17:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2018-10-17 23:54 - 2018-09-15 17:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2018-10-17 23:54 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-10-17 23:54 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2018-10-17 23:46 - 2015-03-15 20:30 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-10-17 23:21 - 2015-03-15 20:30 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-10-08 08:04 - 2015-03-15 22:43 - 000000000 ____D C:\Users\Manuel\AppData\Local\JDownloader v2.0 2018-10-08 07:35 - 2018-09-18 14:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-10-08 07:35 - 2018-09-18 14:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-10-08 05:49 - 2017-05-19 21:25 - 000000000 ____D C:\Users\Manuel\Documents\ConvertXToDVD 2018-10-08 03:40 - 2018-09-18 14:51 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-10-03 06:34 - 2017-10-20 03:43 - 000000000 ____D C:\Users\Manuel\AppData\Local\Packages 2018-10-03 06:18 - 2017-10-20 04:20 - 000000000 ___HD C:\Users\Manuel\MicrosoftEdgeBackups 2018-10-03 06:15 - 2016-09-30 01:03 - 000000000 ____D C:\Users\Manuel\AppData\Local\ConnectedDevicesPlatform 2018-10-03 06:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration 2018-10-03 06:13 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\windows nt 2018-10-03 06:13 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Windows Defender 2018-10-03 06:13 - 2018-09-15 07:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2018-10-03 06:07 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\PrintDialog 2018-10-03 06:05 - 2016-01-19 05:40 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat 2018-10-03 06:01 - 2018-01-31 02:21 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-10-03 05:51 - 2017-09-25 04:52 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2018-10-03 05:51 - 2017-09-25 04:52 - 000000000 ____D C:\WINDOWS\system32\DAX2 2018-10-03 05:50 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\USOPrivate 2018-10-03 05:50 - 2017-09-25 04:52 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-10-03 05:50 - 2017-09-25 04:51 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2018-10-03 05:49 - 2017-09-25 04:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2018-10-03 05:47 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState 2018-10-03 05:43 - 2018-09-15 08:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\spool 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\InputMethod 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Help 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Cursors 2018-10-03 05:42 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2018-10-03 05:42 - 2018-04-07 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2018-10-03 05:42 - 2017-12-06 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplay 2018-10-03 05:42 - 2017-10-24 04:12 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-03 05:42 - 2017-10-24 04:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2018-10-03 05:42 - 2017-09-25 04:51 - 000000000 ____D C:\Program Files\Intel 2018-10-03 05:42 - 2017-08-05 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2018-10-03 05:42 - 2017-07-11 13:37 - 000000000 ____D C:\Program Files\UNP 2018-10-03 05:42 - 2017-01-29 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-10-03 05:42 - 2016-09-26 15:34 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Isla de Mouro 2018-10-03 05:42 - 2016-01-28 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2018-10-03 05:42 - 2016-01-26 06:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2018-10-03 05:42 - 2015-10-21 03:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2018-10-03 05:42 - 2015-03-21 07:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018-10-03 05:42 - 2015-03-16 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown 2018-10-03 05:42 - 2015-03-15 22:46 - 000000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2018-10-03 05:42 - 2015-03-15 19:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12 2018-10-03 05:42 - 2015-03-11 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2018-10-03 05:42 - 2015-03-11 20:13 - 000000000 ____D C:\WINDOWS\oem 2018-10-03 05:42 - 2014-07-25 22:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2018-10-03 05:42 - 2014-07-25 22:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10 2018-10-03 05:42 - 2014-07-25 22:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3 2018-10-03 05:42 - 2014-07-25 22:21 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2018-10-03 05:42 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2018-10-03 05:42 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2018-10-03 05:23 - 2018-09-15 08:36 - 000000000 ____D C:\WINDOWS\Setup 2018-10-03 05:05 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries 2018-10-03 05:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2018-10-03 05:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\et-EE 2018-10-03 04:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Resources 2018-10-03 04:57 - 2018-06-06 05:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2018-10-03 04:57 - 2017-09-25 04:52 - 000000000 ____D C:\Program Files\Realtek 2018-10-03 04:57 - 2017-05-19 21:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2018-10-03 04:57 - 2015-03-14 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2018-10-03 04:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2018-10-03 04:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\es-MX 2018-10-03 04:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2018-10-03 04:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI 2018-10-03 03:03 - 2018-07-01 21:35 - 000000000 ____D C:\Users\Manuel\Desktop\nuevo 2018-10-03 02:47 - 2018-04-12 16:26 - 000188824 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys 2018-10-03 02:47 - 2018-04-12 16:26 - 000141512 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys 2018-10-03 02:47 - 2018-04-12 16:26 - 000109864 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys 2018-10-03 02:47 - 2018-04-12 16:26 - 000109232 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys 2018-10-03 02:47 - 2018-04-12 16:26 - 000082304 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys 2018-10-03 02:47 - 2018-04-12 16:26 - 000050144 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys ==================== Files in the root of some directories ======= 2016-01-25 16:41 - 2016-01-25 16:41 - 000000112 _____ () C:\Users\Manuel\DISABLEWP.BAT 2016-11-09 01:04 - 2017-05-19 21:26 - 000099384 _____ () C:\Users\Manuel\AppData\Roaming\inst.exe 2016-11-09 01:04 - 2017-05-19 21:26 - 000007859 _____ () C:\Users\Manuel\AppData\Roaming\pcouffin.cat 2016-11-09 01:04 - 2017-05-19 21:26 - 000001167 _____ () C:\Users\Manuel\AppData\Roaming\pcouffin.inf 2016-11-09 01:04 - 2017-05-19 21:26 - 000000055 _____ () C:\Users\Manuel\AppData\Roaming\pcouffin.log 2016-11-09 01:04 - 2017-05-19 21:26 - 000082816 _____ (VSO Software) C:\Users\Manuel\AppData\Roaming\pcouffin.sys 2016-01-26 05:51 - 2016-01-26 05:51 - 000000001 _____ () C:\Users\Manuel\AppData\Local\llftool.4.40.agreement ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================