Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019 Ran by Xargon (administrator) on ASUS2-PC (02-04-2019 17:20:03) Running from C:\Users\Xargon\Desktop Loaded Profiles: Xargon (Available Profiles: Xargon) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Newsoft Technology Company -> NewSoft) C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe (Realtek) [File not signed] C:\Program Files (x86)\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe () [File not signed] C:\Program Files (x86)\Winamp\winampa.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (Newsoft Technology Company -> NewSoft) HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [153424 2008-09-11] (Newsoft Technology Company -> NewSoft) HKLM-x32\...\Run: [IR_SERVER] => C:\Program Files (x86)\Realtek\REALTEK DVB-T USB DEVICE\IR_SERVER.exe [159744 2007-12-20] (Realtek) [File not signed] HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [10752 2001-04-30] () [File not signed] HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-10-09] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4557504 2016-10-06] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-03-26] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\...\MountPoints2: {9b65a7fe-9212-11e6-bf99-806e6f6e6963} - D:\autorun.exe HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.) BootExecute: autocheck autochk * ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{056338E7-F29C-4DAE-84FD-9E9544A4FA7D}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3378852282-1290396273-2425413037-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-es/?ocid=iehp Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) FireFox: ======== FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-09-12] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-09-12] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT CHR Profile: C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default [2019-04-02] CHR Extension: (Presentaciones) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-02] CHR Extension: (Documentos) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-02] CHR Extension: (Google Drive) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-13] CHR Extension: (YouTube) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-13] CHR Extension: (uVPN - Gratis e ilimitada VPN para todos) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2019-04-01] CHR Extension: (BlockSite: Bloquea sitios web en Chrome™) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2019-03-26] CHR Extension: (Hojas de cálculo) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-02] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-26] CHR Extension: (AdBlock) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-26] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04] CHR Extension: (Gmail) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-13] CHR Extension: (Chrome Media Router) - C:\Users\Xargon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1468608 2016-10-06] (Disc Soft Ltd -> Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163712 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [79552 2016-03-02] (Bitdefender SRL -> Bitdefender) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AtcL001; C:\Windows\System32\DRIVERS\l160x64.sys [58368 2009-06-25] (Microsoft Windows -> Atheros Communications, Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (Bitdefender SRL -> BitDefender) U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2016-11-22] (Bitdefender SRL -> BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (Bitdefender SRL -> BitDefender) R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL -> Bitdefender SRL) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-10-18] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-10-18] (Disc Soft Ltd -> Disc Soft Ltd) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-10-13] (Glarysoft Ltd -> Glarysoft Ltd) R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (Bitdefender SRL -> BitDefender LLC) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-03-30] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-02] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-02] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-02] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-04-02] (Malwarebytes Corporation -> Malwarebytes) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] (Microsoft Windows Hardware Compatibility Publisher -> ) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56376 2016-09-13] (NVIDIA Corporation -> NVIDIA Corporation) R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.) R3 RTL2831UBDA; C:\Windows\System32\drivers\RTL2831UBDA.sys [116000 2009-08-28] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.) R3 RTL2831UUSB; C:\Windows\System32\Drivers\RTL2831UUSB.sys [39968 2009-08-28] (Realtek Semiconductor Corp -> REALTEK SEMICONDUCTOR Corp.) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (Bitdefender SRL -> BitDefender S.R.L.) S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-02 17:20 - 2019-04-02 17:26 - 000015062 _____ C:\Users\Xargon\Desktop\FRST.txt 2019-04-02 17:12 - 2019-04-02 17:12 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-04-02 17:11 - 2019-04-02 17:11 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-04-02 17:11 - 2019-04-02 17:11 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-04-02 16:57 - 2019-04-02 17:11 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-04-01 20:52 - 2019-04-01 20:58 - 000026924 _____ C:\Users\Xargon\Downloads\Addition.txt 2019-04-01 20:45 - 2019-04-01 20:58 - 000023359 _____ C:\Users\Xargon\Downloads\FRST.txt 2019-04-01 20:44 - 2019-04-02 17:20 - 000000000 ____D C:\FRST 2019-04-01 20:43 - 2019-04-01 20:43 - 002434048 _____ (Farbar) C:\Users\Xargon\Desktop\FRST64.exe 2019-03-31 21:52 - 2019-03-31 21:52 - 000000000 ____D C:\Users\Xargon\Desktop\Nueva carpeta (2) 2019-03-31 21:27 - 2019-03-31 22:45 - 000000000 ____D C:\Users\Xargon\AppData\Roaming\ZHP 2019-03-31 21:27 - 2019-03-31 21:27 - 000000831 _____ C:\Users\Xargon\Desktop\ZHPCleaner.lnk 2019-03-31 21:27 - 2019-03-31 21:27 - 000000000 ____D C:\Users\Xargon\AppData\Local\ZHP 2019-03-31 21:09 - 2019-03-31 21:10 - 000000000 ____D C:\AdwCleaner 2019-03-31 14:27 - 2019-03-31 14:27 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2019-03-31 14:27 - 2019-03-31 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2019-03-31 14:27 - 2019-03-31 14:27 - 000000000 ____D C:\Program Files\VS Revo Group 2019-03-30 21:26 - 2019-03-30 21:26 - 000000000 ____D C:\Users\Xargon\AppData\Local\mbam 2019-03-30 21:24 - 2019-03-30 21:24 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-03-30 21:24 - 2019-03-30 21:24 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-03-30 21:24 - 2019-03-30 21:24 - 000000000 ____D C:\Users\Xargon\AppData\Local\mbamtray 2019-03-30 21:24 - 2019-03-30 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-03-30 21:24 - 2019-03-30 21:24 - 000000000 ____D C:\Program Files\Malwarebytes 2019-03-30 21:24 - 2019-01-08 17:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-03-30 21:07 - 2019-03-30 21:20 - 000001891 _____ C:\Users\Xargon\Desktop\UsbFix Anti-Malware.lnk 2019-03-30 21:07 - 2019-03-30 21:20 - 000000000 ____D C:\Program Files (x86)\UsbFix 2019-03-30 20:56 - 2019-03-30 20:56 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update 2019-03-30 20:56 - 2019-03-30 20:56 - 000002810 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2019-03-30 20:56 - 2019-03-30 20:56 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-03-30 20:56 - 2019-03-30 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-03-30 20:56 - 2019-03-30 20:56 - 000000000 ____D C:\Program Files\CCleaner 2019-03-30 20:55 - 2019-03-31 14:25 - 000000000 ____D C:\Users\Xargon\Downloads\herramientas desinfeccion ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-02 17:18 - 2009-07-14 06:45 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-04-02 17:18 - 2009-07-14 06:45 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-04-02 17:17 - 2009-07-14 11:31 - 000745448 _____ C:\Windows\system32\perfh00A.dat 2019-04-02 17:17 - 2009-07-14 11:31 - 000157948 _____ C:\Windows\system32\perfc00A.dat 2019-04-02 17:17 - 2009-07-14 07:13 - 001671442 _____ C:\Windows\system32\PerfStringBackup.INI 2019-04-02 17:17 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-04-02 17:13 - 2016-10-13 17:58 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2019-04-02 17:11 - 2016-10-13 17:59 - 000000000 ____D C:\Program Files (x86)\Glarysoft 2019-04-02 17:11 - 2016-10-13 17:19 - 000000000 ____D C:\ProgramData\NVIDIA 2019-04-02 17:11 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-04-02 17:05 - 2016-10-13 17:59 - 000000000 ____D C:\ProgramData\Glarysoft 2019-04-02 17:00 - 2016-10-13 16:10 - 000003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{63189270-0226-4A67-A225-E861751CF738} 2019-03-31 21:37 - 2016-10-13 18:41 - 000000000 ____D C:\Users\Xargon\AppData\Local\CrashDumps 2019-03-30 21:24 - 2016-10-13 18:01 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-03-30 21:21 - 2018-06-01 21:37 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2019-03-30 21:21 - 2018-03-01 10:56 - 000000000 ____D C:\Users\Xargon\AppData\Roaming\Skype 2019-03-30 21:21 - 2018-03-01 10:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2019-03-30 21:04 - 2016-10-18 14:43 - 000000000 ____D C:\Users\Xargon\AppData\Roaming\DAEMON Tools Lite 2019-03-30 21:04 - 2016-10-13 16:58 - 000000000 ____D C:\Windows\Panther 2019-03-30 20:52 - 2016-10-13 16:11 - 000003532 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-03-30 20:52 - 2016-10-13 16:11 - 000003404 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-03-30 20:45 - 2016-10-13 18:01 - 000000000 ____D C:\Users\Xargon\AppData\Roaming\vlc 2019-03-26 01:43 - 2016-10-13 16:12 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-26 01:43 - 2016-10-13 16:12 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk ==================== Files in the root of some directories ======= 2002-01-01 01:01 - 2002-01-01 01:01 - 000000000 _____ () C:\Users\Xargon\AppData\Local\{107DDF89-7F99-4B81-99E5-008487D80E7C} ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\SysWOW64\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-31 00:32 ==================== End of FRST.txt ============================