Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Ran by Carolina (administrator) on LAPTOP-A6AK8O9F (27-03-2019 15:31:16) Running from C:\Users\Carolina\Downloads Loaded Profiles: Carolina & openpgsvc (Available Profiles: Carolina & openpgsvc) Platform: Windows 10 Home Version 1809 17763.379 (X64) Language: Español (España, internacional) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxCUIService.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHDCPSvc.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Tim Kosse -> FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MsMpEng.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\IntelCpHeciSvc.exe (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe () [File not signed] C:\Program Files (x86)\Odoo 10.0\service\win32_service.exe (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\pg_ctl.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe () [File not signed] C:\Program Files (x86)\Odoo 10.0\server\odoo-bin.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\postgres.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\NisSrv.exe (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_6d34ac0763025a06\igfxEM.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19031.57.0_x64__8wekyb3d8bbwe\YourPhone.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe (Dolby Laboratories, Inc. -> ) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Carolina\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1882168 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [894376 2017-07-05] (LENOVO -> Lenovo(beijing) Limited) HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> ) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2770088 2017-02-08] (Tim Kosse -> FileZilla Project) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\Run: [HP Photosmart 5520 series (NET)] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\Run: [Discord] => C:\Users\Carolina\AppData\Local\Discord\app-0.0.304\Discord.exe [81747288 2019-01-15] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3264493433-3611251206-197929902-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9001904 2019-02-11] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-3264493433-3611251206-197929902-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.) Startup: C:\Users\Carolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enviar a OneNote.lnk [2018-10-17] ShortcutTarget: Enviar a OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 62.81.16.148 62.81.16.213 Tcpip\..\Interfaces\{d906360d-784a-47f7-a5d0-357d2654310e}: [DhcpNameServer] 192.168.28.1 Tcpip\..\Interfaces\{ee5df3d1-0c83-4d1e-bb2a-591c1e7dea8b}: [DhcpNameServer] 62.81.16.148 62.81.16.213 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3264493433-3611251206-197929902-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3264493433-3611251206-197929902-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE HKU\S-1-5-21-3264493433-3611251206-197929902-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com SearchScopes: HKU\S-1-5-21-3264493433-3611251206-197929902-1001 -> DefaultScope {287912D9-2B15-40A4-A319-9AEF892ED64F} URL = SearchScopes: HKU\S-1-5-21-3264493433-3611251206-197929902-1001 -> {287912D9-2B15-40A4-A319-9AEF892ED64F} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-03-16] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-16] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-10] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-21] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://www.google.es/" CHR Profile: C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default [2019-03-27] CHR Extension: (Presentaciones) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-21] CHR Extension: (Documentos) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-21] CHR Extension: (Google Drive) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (YouTube) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-21] CHR Extension: (Hojas de cálculo) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-21] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-09] CHR Extension: (Avast Online Security) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-22] CHR Extension: (Player para ver Movistar+) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2019-03-07] CHR Extension: (Discord Screen Sharing) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcbhdgefieegnkbopmgklhlpjjdgmbog [2018-05-22] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Gmail) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-21] CHR Extension: (Chrome Media Router) - C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-27] CHR Profile: C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-14] CHR Profile: C:\Users\Carolina\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-14] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-24] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation) R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144608 2017-01-23] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [859304 2017-02-08] (Tim Kosse -> FileZilla Project) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [507000 2017-04-27] (Intel Corporation - pGFX -> Intel Corporation) R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [45210624 2018-06-28] () [File not signed] S3 MySQLRouter; C:\Program Files\MySQL\MySQL Router 8.0\bin\mysqlrouter.exe [538112 2018-06-27] () [File not signed] R2 odoo-server-10.0; C:\Program Files (x86)\Odoo 10.0\service\win32_service.exe [23552 2019-01-30] () [File not signed] S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [File not signed] S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [File not signed] S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [File not signed] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [File not signed] S3 wampapache64; c:\wamp64\bin\apache\apache2.4.35\bin\httpd.exe [29696 2018-09-19] (Apache Software Foundation) [File not signed] S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.3.9\bin\mysqld.exe [15788968 2018-08-14] (MariaDB Corporation Ab -> ) S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.23\bin\mysqld.exe [39626752 2018-06-08] () [File not signed] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-02-22] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-02-22] (Microsoft Corporation -> Microsoft Corporation) S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000 R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin" R2 PostgreSQL_For_Odoo; "C:\Program Files (x86)\Odoo 10.0\PostgreSQL\bin\pg_ctl.exe" runservice -N "PostgreSQL_For_Odoo" -D "C:\Program Files (x86)\Odoo 10.0\PostgreSQL\data" -w ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [28752 2017-01-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244744 2017-04-27] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-03-24] (Malwarebytes Corporation -> Malwarebytes) R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8614464 2018-05-02] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_a061a5d566db3269\nvlddmkm.sys [17038280 2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [59448 2017-02-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [950784 2017-02-06] (Realtek Semiconductor Corp. -> Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3224576 2016-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [333792 2019-02-22] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-02-22] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-27 15:31 - 2019-03-27 15:33 - 000028553 _____ C:\Users\Carolina\Downloads\FRST.txt 2019-03-27 15:30 - 2019-03-27 15:31 - 000000000 ____D C:\FRST 2019-03-27 15:25 - 2019-03-27 15:25 - 002434048 _____ (Farbar) C:\Users\Carolina\Downloads\FRST64.exe 2019-03-24 18:46 - 2019-03-24 18:46 - 000000000 ___HD C:\OneDriveTemp 2019-03-24 16:14 - 2019-03-24 16:14 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-03-24 15:33 - 2019-03-24 15:33 - 000000000 ____D C:\Users\Carolina\Apple 2019-03-24 15:26 - 2019-03-24 15:26 - 000000000 ____D C:\ProgramData\Apple Computer 2019-03-24 15:26 - 2019-03-24 15:26 - 000000000 ____D C:\ProgramData\Apple 2019-03-18 20:01 - 2019-03-18 20:01 - 000219562 _____ C:\Users\Carolina\Downloads\De la toile au nuage qu'est ce que le Cloud computing.pdf 2019-03-18 19:15 - 2019-03-18 19:16 - 022340390 _____ C:\Users\Carolina\Downloads\abc_DELF_B2_corrig_233_s(1).pdf 2019-03-15 17:00 - 2019-03-15 17:00 - 000039213 _____ C:\Users\Carolina\Desktop\Compromiso de confidencialidad fct nuevo.pdf 2019-03-15 16:55 - 2019-03-15 16:55 - 000226849 _____ C:\Users\Carolina\Downloads\Compromiso de confidencialidad fct nuevo.pdf 2019-03-14 18:48 - 2019-03-14 18:48 - 000343203 _____ C:\Users\Carolina\Desktop\WhatsApp Image 2019-03-14 at 18.43.54.jpeg 2019-03-14 18:48 - 2019-03-14 18:48 - 000161635 _____ C:\Users\Carolina\Desktop\WhatsApp Image 2019-03-14 at 18.44.29.jpeg 2019-03-14 17:05 - 2019-03-14 17:05 - 007316688 _____ (Malwarebytes) C:\Users\Carolina\Downloads\adwcleaner_7.2.7.0 (1).exe 2019-03-14 16:07 - 2019-03-14 18:17 - 000524654 _____ C:\WINDOWS\ntbtlog.txt 2019-03-14 15:30 - 2019-03-14 15:30 - 021205512 _____ (Piriform Software Ltd) C:\Users\Carolina\Downloads\ccsetup555.exe 2019-03-12 20:34 - 2019-03-12 20:35 - 002476544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 005436184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 003551408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 003179008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001294856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001258808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-03-12 20:34 - 2019-03-12 20:34 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 001072720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2019-03-12 20:34 - 2019-03-12 20:34 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll 2019-03-12 20:34 - 2019-03-12 20:34 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-03-12 20:33 - 2019-03-12 20:34 - 006069760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 008875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 007882240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 006548168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 004689408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 003923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl 2019-03-12 20:33 - 2019-03-12 20:33 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000652824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-03-12 20:33 - 2019-03-12 20:33 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys 2019-03-12 20:33 - 2019-03-12 20:33 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys 2019-03-12 20:33 - 2019-03-12 20:33 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys 2019-03-12 20:33 - 2019-03-12 20:33 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe 2019-03-12 20:33 - 2019-03-12 20:33 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2019-03-12 20:33 - 2019-03-12 20:33 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys 2019-03-12 20:33 - 2019-03-12 20:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2019-03-12 20:33 - 2019-03-12 20:33 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-03-12 20:33 - 2019-03-12 20:33 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 015224320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 002926904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 002871312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 002776712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001697744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-03-12 20:32 - 2019-03-12 20:32 - 001644048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001468440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 001457544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 001341880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-03-12 20:32 - 2019-03-12 20:32 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001179168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl 2019-03-12 20:32 - 2019-03-12 20:32 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000808464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000735760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000726416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000619832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2019-03-12 20:32 - 2019-03-12 20:32 - 000460304 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2019-03-12 20:32 - 2019-03-12 20:32 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000322576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2019-03-12 20:32 - 2019-03-12 20:32 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe 2019-03-12 20:32 - 2019-03-12 20:32 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-03-12 20:32 - 2019-03-12 20:32 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 004588744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 003660288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-03-12 20:31 - 2019-03-12 20:31 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 003382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 003378488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-03-12 20:31 - 2019-03-12 20:31 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-03-12 20:31 - 2019-03-12 20:31 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 002187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 002044416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001479480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE 2019-03-12 20:31 - 2019-03-12 20:31 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-03-12 20:31 - 2019-03-12 20:31 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-03-12 20:31 - 2019-03-12 20:31 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2019-03-12 20:31 - 2019-03-12 20:31 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys 2019-03-12 20:31 - 2019-03-12 20:31 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2019-03-12 20:31 - 2019-03-12 20:31 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 007688088 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 002720768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000865568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000484976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000336744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys 2019-03-12 20:30 - 2019-03-12 20:30 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2019-03-12 20:30 - 2019-03-12 20:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-03-12 20:30 - 2019-03-12 20:30 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-03-12 20:29 - 2019-03-12 20:29 - 002013696 _____ C:\WINDOWS\system32\rdpnano.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-03-12 20:29 - 2019-03-12 20:29 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-03-12 20:29 - 2019-03-12 20:29 - 001043256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-03-12 20:29 - 2019-03-12 20:29 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2019-03-12 20:29 - 2019-03-12 20:29 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys 2019-03-12 20:29 - 2019-03-12 20:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys 2019-03-12 20:29 - 2019-03-12 20:29 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-03-12 20:29 - 2019-03-12 20:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2019-03-12 20:29 - 2019-03-12 20:29 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2019-03-12 08:35 - 2019-03-12 08:38 - 000000000 ____D C:\AdwCleaner 2019-03-12 08:35 - 2019-03-12 08:35 - 007316688 _____ (Malwarebytes) C:\Users\Carolina\Downloads\adwcleaner_7.2.7.0.exe 2019-03-11 22:29 - 2019-03-11 22:29 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-03-11 22:29 - 2019-03-11 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-03-11 22:29 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-03-11 22:29 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-03-11 20:14 - 2019-03-27 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2019-03-11 20:14 - 2019-03-11 20:14 - 000001856 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2019-03-11 20:14 - 2019-03-11 20:14 - 000000000 ____D C:\Users\Carolina\AppData\Roaming\SUPERAntiSpyware.com 2019-03-11 20:14 - 2019-03-11 20:14 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2019-03-11 20:14 - 2019-03-11 20:14 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2019-03-11 20:13 - 2019-03-11 20:13 - 038849448 _____ (SUPERAntiSpyware) C:\Users\Carolina\Downloads\SUPERAntiSpywarePro.exe 2019-03-11 19:28 - 2019-03-11 19:28 - 000000000 ____D C:\WINDOWS\pss 2019-03-11 19:18 - 2019-03-11 19:18 - 007127416 _____ (VS Revo Group ) C:\Users\Carolina\Downloads\revosetup.exe 2019-03-11 19:18 - 2019-03-11 19:18 - 000001086 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2019-03-11 19:18 - 2019-03-11 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-03-11 19:18 - 2019-03-11 19:18 - 000000000 ____D C:\Program Files\VS Revo Group 2019-03-01 16:41 - 2019-03-17 16:22 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-03-01 16:41 - 2019-03-14 15:35 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-03-01 16:41 - 2019-03-01 16:41 - 000002894 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-03-01 16:41 - 2019-03-01 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-03-01 16:41 - 2019-03-01 16:41 - 000000000 ____D C:\Program Files\CCleaner ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-27 15:30 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-03-27 15:17 - 2019-02-01 23:53 - 000004224 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{26787922-5776-46D0-B890-B319B69D0FDA} 2019-03-27 15:16 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-03-27 15:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-03-27 15:16 - 2018-01-20 18:22 - 000000000 ___RD C:\Users\Carolina\OneDrive 2019-03-27 15:14 - 2018-01-20 18:17 - 000000000 __SHD C:\Users\Carolina\IntelGraphicsProfiles 2019-03-26 19:29 - 2017-10-13 04:01 - 000000000 ____D C:\ProgramData\NVIDIA 2019-03-26 18:08 - 2018-01-21 12:45 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-26 18:08 - 2018-01-21 12:45 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-03-24 21:08 - 2018-03-08 16:20 - 000000000 ____D C:\Users\Carolina\AppData\Roaming\WhatsApp 2019-03-24 20:20 - 2019-02-01 23:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-03-24 18:49 - 2018-05-19 21:02 - 000000000 ____D C:\Users\Carolina\Desktop\libros 2019-03-24 18:45 - 2018-01-20 22:47 - 000000000 ____D C:\Users\Carolina\AppData\Local\Packages 2019-03-24 16:36 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-03-24 16:14 - 2018-01-20 18:17 - 000000000 ____D C:\Users\Carolina\AppData\Local\ConnectedDevicesPlatform 2019-03-24 16:12 - 2019-02-01 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-03-24 16:11 - 2019-02-01 23:23 - 000000000 ____D C:\Users\Carolina 2019-03-24 16:11 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-03-24 15:31 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState 2019-03-24 15:26 - 2018-03-04 13:11 - 000000000 ____D C:\Users\Carolina\AppData\Local\PlaceholderTileLogoFolder 2019-03-24 15:25 - 2018-06-14 08:34 - 000000000 ____D C:\ProgramData\Packages 2019-03-23 11:35 - 2018-09-17 15:12 - 000000000 ____D C:\Users\Carolina\Documents\2ºDAM 2019-03-22 14:54 - 2019-02-01 23:23 - 000000000 ____D C:\Users\openpgsvc.LAPTOP-A6AK8O9F 2019-03-19 19:45 - 2018-11-06 19:15 - 000000000 ____D C:\Users\Carolina\Documents\frances 2019-03-17 16:45 - 2019-02-01 23:37 - 001777406 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-03-17 16:45 - 2018-09-15 17:36 - 000789634 _____ C:\WINDOWS\system32\perfh00A.dat 2019-03-17 16:45 - 2018-09-15 17:36 - 000155888 _____ C:\WINDOWS\system32\perfc00A.dat 2019-03-16 21:26 - 2018-01-21 18:59 - 000000000 ____D C:\Program Files\Microsoft Office 2019-03-14 17:17 - 2019-02-01 21:30 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-03-14 15:25 - 2018-01-20 23:07 - 000000000 ___RD C:\Users\Carolina\3D Objects 2019-03-14 15:25 - 2017-03-23 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-03-14 15:21 - 2019-02-01 23:16 - 000437576 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-03-12 21:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-03-12 20:39 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-03-12 20:29 - 2019-02-01 23:20 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2019-03-12 20:25 - 2018-06-20 15:00 - 000000000 ____D C:\Users\Carolina\Documents\1ºDAM 2019-03-12 20:03 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-03-12 20:03 - 2018-09-15 08:36 - 000179608 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-03-12 20:03 - 2018-01-20 21:06 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-03-12 19:59 - 2018-01-20 21:06 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-03-12 08:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-03-11 22:29 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-03-10 12:58 - 2018-05-20 09:07 - 000002283 _____ C:\Users\Carolina\Desktop\WhatsApp.lnk 2019-03-10 12:58 - 2018-05-20 09:07 - 000000000 ____D C:\Users\Carolina\AppData\Local\WhatsApp 2019-03-10 12:58 - 2018-03-08 16:20 - 000000000 ____D C:\Users\Carolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2019-03-07 19:33 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-03-07 18:36 - 2019-02-01 23:53 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3264493433-3611251206-197929902-1001 2019-03-07 18:36 - 2019-02-01 23:23 - 000002413 _____ C:\Users\Carolina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk ==================== Files in the root of some directories ======= 2018-05-07 16:37 - 2018-05-07 16:37 - 000000000 _____ () C:\Users\Carolina\.mongorc.js 2018-03-08 16:24 - 2018-03-08 16:24 - 000000746 _____ () C:\Users\Carolina\AppData\Local\recently-used.xbel 2018-10-02 18:05 - 2018-10-02 18:05 - 000007605 _____ () C:\Users\Carolina\AppData\Local\Resmon.ResmonCfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\dllhost.exe => File is digitally signed C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================