Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-03-2019 Ran by Canaimita (administrator) on CANAIMITA-PC (25-03-2019 15:24:09) Running from C:\Users\Canaimita\Desktop Loaded Profiles: Canaimita (Available Profiles: Canaimita) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: "C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1") Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) C:\Program Files\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Telegram Messenger LLP -> Telegram Messenger LLP) C:\Users\Canaimita\AppData\Roaming\Telegram Desktop\Telegram.exe (Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdcBase.exe [648072 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Run: [strdat] => C:\Windows\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript "C:\streamer\stream.txt" & exit HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {37d3b8e8-2593-11e4-9159-909d8a652722} - E:\DriverPackSolution.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {46d9234c-5f5e-11e8-925b-00accd338151} - E:\Setup.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {5ce6c020-177b-11e4-b345-95b3faf56722} - G:\application\Setup.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {b5d4bb22-4a4f-11e9-898c-00accd338151} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {d48f6f32-6ccf-11e8-90fb-00accd338151} - F:\Setup.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\...\MountPoints2: {f2055992-c3ea-11e8-9de3-00accd338151} - F:\Setup.exe HKU\S-1-5-21-1797319538-611075417-2455431110-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [878592 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\system32\pdvcodec.dll [265797 2010-03-12] (Matsushita Electric Industrial Co., Ltd.) [File not signed] HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\system32\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-21] (Google LLC -> Google Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\73.0.61.52\Installer\chrmstp.exe [2019-03-21] (Brave Software, Inc.) [File not signed] GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: [S-1-5-21-1797319538-611075417-2455431110-1000] => rosa:80 AutoConfigURL: [S-1-5-21-1797319538-611075417-2455431110-1000] => rosa:80 Hosts: 127.0.0.1 validation.sls.microsoft.com Tcpip\Parameters: [DhcpNameServer] 10.1.192.12 10.1.192.13 Tcpip\..\Interfaces\{16E05183-17CD-4C37-B7B8-9497F0203159}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{E0D44671-3DE1-45B4-B335-1F2EE98C8735}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{E0D44671-3DE1-45B4-B335-1F2EE98C8735}: [DhcpNameServer] 10.1.192.12 10.1.192.13 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com URLSearchHook: HKU\S-1-5-21-1797319538-611075417-2455431110-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1797319538-611075417-2455431110-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-02-16] (Oracle America, Inc. -> Oracle Corporation) BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File BHO: No Name -> {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -> No File BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-16] (Oracle America, Inc. -> Oracle Corporation) IE Session Restore: HKU\S-1-5-21-1797319538-611075417-2455431110-1000 -> is enabled. StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: FF HKLM\...\Firefox\Extensions: [{3f963a5b-e555-4543-90e2-c3908898db71}] - C:\Program Files\AVG\AVG10\Firefox => not found FF Plugin: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [2004-07-02] (Macromedia, Inc. -> Macromedia, Inc.) FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] (Adobe Systems Incorporated -> ) FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed] FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation -> Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation -> Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll [2010-05-24] ( Microsoft Corporation) [File not signed] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-15] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-03-15] (Brave Software, Inc. -> BraveSoftware Inc.) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-26] (Google Inc -> Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-26] (Google Inc -> Google Inc.) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Profile 5 CHR HomePage: Profile 5 -> presearch.org CHR NewTab: Profile 5 -> "active": true, "entry": "chrome-extension://fbknefhkjhbolemlchjhacbgckdjggod/newtab.html" CHR DefaultSearchURL: Profile 5 -> hxxps://www.presearch.org/favicon.ico CHR Profile: C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-25] CHR Profile: C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5 [2019-03-25] CHR Extension: (Presearch) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cakppacehfeghjoiefiejlboennoajba [2018-11-18] CHR Extension: (Rebecca Taylor) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eahpkkfpjpdcfdkbpeoibdhfadicnhdj [2018-05-09] CHR Extension: (Presearch.org Start With Us) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fbknefhkjhbolemlchjhacbgckdjggod [2018-11-10] CHR Extension: (Hotspot Shield VPN Free Proxy – Unblock Sites) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nlbejmccbhkncgokjcmghpfloaajcffj [2019-02-15] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03] CHR Extension: (Browsec VPN - Free and Unlimited VPN) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\omghfjlpggmjjaagoclmmobgdodcjboh [2019-03-19] CHR Extension: (Gmail) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-29] CHR Extension: (TeaserFast) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjnejlbfaoikfmdbnghlecdcooheipml [2019-03-22] CHR Extension: (Chrome Media Router) - C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-22] CHR Profile: C:\Users\Canaimita\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-25] CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR Extension: (Messenger for Google™ Hangouts) - C:\Users\Canaimita\AppData\Roaming\Opera Software\Opera Stable\Extensions\inhkpalejbhichakldobdjfcacgcabjj [2017-07-30] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 brave; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-15] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files\BraveSoftware\Update\BraveUpdate.exe [154056 2019-03-15] (Brave Software, Inc. -> BraveSoftware Inc.) S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290224 2018-04-15] (Intel Corporation - pGFX -> Intel Corporation) S3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [169752 2012-04-24] (Intel Corporation -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S3 npggsvc; C:\Windows\system32\GameMon.des [4362656 2016-02-24] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-13] (Microsoft Windows -> Microsoft Corporation) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [251728 2010-12-08] (AVG Technologies -> AVG Technologies CZ, s.r.o.) R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34384 2010-09-07] (AVG Technologies -> AVG Technologies CZ, s.r.o.) S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1.sys [24424 2015-08-31] (Power Technology -> Windows (R) Win 7 DDK provider) S3 DFX12; C:\Windows\System32\drivers\dfx12.sys [26104 2015-11-12] (Power Technology -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109456 2018-04-15] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2018-04-15] (Martin Malik - REALiX -> REALiX(tm)) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [489832 2013-11-16] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2013-11-16] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [3788752 2018-04-15] (Intel Corporation - pGFX -> Intel Corporation) R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [289792 2013-11-06] (Intel(R) Corporation) [File not signed] R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-03-25] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-03-25] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [64088 2019-03-25] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-03-25] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-03-25] (Malwarebytes Corporation -> Malwarebytes) R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [157752 2018-04-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0124.sys [37920 2016-09-08] (SoftEther Corporation -> SoftEther Corporation) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Microsoft Windows -> Ralink Technology Corp.) R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwsn01.sys [10387216 2018-04-15] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [39048 2012-01-05] (4Front Technologies, Inc. -> ) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [22656 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited) R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [311744 2018-11-05] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2017-09-06] (TunnelBear, Inc. -> The OpenVPN Project) R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [26624 2016-05-26] (The OpenVPN Project) [File not signed] S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [41976 2017-09-13] (Windscribe Limited -> The OpenVPN Project) S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [113432 2017-04-18] (Oracle Corporation -> Oracle Corporation) S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2018-04-15] (NGO -> MBB) S3 cpuz143; \??\C:\Windows\temp\cpuz143\cpuz143_x32.sys [X] S4 IMFMBRProtect; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFMBRProtect.sys [X] S4 IMFSafeBox; \??\C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\IMFSafeBox.sys [X] S4 IUFileFilter; \??\C:\Program Files\IObit\IObit Uninstaller\drivers\win7_x86\IUFileFilter.sys [X] S3 NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVENG.SYS [X] S3 NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\22.8.0.50\Definitions\SDSDefs\20161202.009\NAVEX15.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-25 15:24 - 2019-03-25 15:28 - 000022961 _____ C:\Users\Canaimita\Desktop\FRST.txt 2019-03-25 15:23 - 2019-03-25 15:24 - 000000000 ____D C:\FRST 2019-03-25 15:21 - 2019-03-25 15:22 - 001793024 _____ (Farbar) C:\Users\Canaimita\Desktop\FRST.exe 2019-03-25 13:35 - 2019-03-25 13:35 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-03-25 13:35 - 2019-03-25 13:35 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-03-25 13:35 - 2019-03-25 13:35 - 000064088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-03-25 13:34 - 2019-03-25 13:34 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-03-25 13:30 - 2019-03-25 13:30 - 000009197 _____ C:\Users\Canaimita\Desktop\informe malwarebytes.txt 2019-03-25 13:30 - 2019-03-25 13:06 - 000003962 _____ C:\Users\Canaimita\Desktop\AdwCleaner[C00].txt 2019-03-25 13:26 - 2019-03-25 13:26 - 000004558 _____ C:\Users\Canaimita\Desktop\cc_20190325_132633.reg 2019-03-25 13:24 - 2019-03-25 13:24 - 000069670 _____ C:\Users\Canaimita\Desktop\cc_20190325_132436.reg 2019-03-25 13:19 - 2019-03-25 13:19 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-03-25 13:15 - 2019-03-25 13:18 - 021205512 _____ (Piriform Software Ltd) C:\Users\Canaimita\Desktop\ccsetup555.exe 2019-03-25 13:04 - 2019-03-25 13:06 - 000000000 ____D C:\AdwCleaner 2019-03-25 13:02 - 2019-03-25 13:03 - 007316688 _____ (Malwarebytes) C:\Users\Canaimita\Desktop\adwcleaner_7.2.7.0.exe 2019-03-25 11:37 - 2019-03-25 11:37 - 000000000 ____D C:\Users\Canaimita\AppData\Local\mbam 2019-03-25 11:36 - 2019-03-25 11:36 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-03-25 11:36 - 2019-03-25 11:36 - 000000000 ____D C:\Users\Canaimita\AppData\Local\mbamtray 2019-03-25 11:35 - 2019-03-25 11:35 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-03-25 11:35 - 2019-03-25 11:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-03-25 11:35 - 2019-03-25 11:35 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-03-25 11:35 - 2019-03-25 11:35 - 000000000 ____D C:\Program Files\Malwarebytes 2019-03-25 11:35 - 2019-01-08 16:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-03-25 11:25 - 2019-03-25 11:34 - 062402408 _____ (Malwarebytes ) C:\Users\Canaimita\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.9800.exe 2019-03-25 11:23 - 2019-03-25 13:00 - 000000559 _____ C:\Users\Canaimita\Desktop\DelFix.txt 2019-03-25 10:58 - 2019-03-25 10:58 - 000000000 ____D C:\Windows\ERUNT 2019-03-25 02:46 - 2019-03-25 11:50 - 000613882 _____ C:\Windows\system32\perfh015.dat 2019-03-25 02:46 - 2019-03-25 11:50 - 000604368 _____ C:\Windows\system32\perfh019.dat 2019-03-25 02:46 - 2019-03-25 11:50 - 000542814 _____ C:\Windows\system32\perfh01F.dat 2019-03-25 02:46 - 2019-03-25 11:50 - 000133460 _____ C:\Windows\system32\perfc015.dat 2019-03-25 02:46 - 2019-03-25 11:50 - 000130638 _____ C:\Windows\system32\perfc019.dat 2019-03-25 02:46 - 2019-03-25 11:50 - 000119642 _____ C:\Windows\system32\perfc01F.dat 2019-03-25 02:46 - 2019-03-24 19:34 - 000337158 _____ C:\Windows\system32\perfi015.dat 2019-03-25 02:46 - 2019-03-24 19:34 - 000038710 _____ C:\Windows\system32\perfd015.dat 2019-03-25 02:46 - 2019-03-24 18:43 - 000336704 _____ C:\Windows\system32\perfi019.dat 2019-03-25 02:46 - 2019-03-24 18:43 - 000039446 _____ C:\Windows\system32\perfd019.dat 2019-03-25 02:46 - 2019-03-24 17:17 - 000285034 _____ C:\Windows\system32\perfi01F.dat 2019-03-25 02:46 - 2019-03-24 17:17 - 000037160 _____ C:\Windows\system32\perfd01F.dat 2019-03-25 00:28 - 2019-03-25 00:28 - 000000000 ____D C:\Windows\system32\pl 2019-03-25 00:27 - 2019-03-25 00:27 - 000000000 ____D C:\Windows\system32\ru 2019-03-25 00:25 - 2019-03-25 00:25 - 000000000 ____D C:\Windows\system32\tr 2019-03-25 00:24 - 2019-03-25 00:28 - 000000000 ____D C:\Program Files\Windows Journal 2019-03-25 00:24 - 2019-03-25 00:24 - 000000000 ____D C:\Windows\system32\0409 2019-03-23 20:40 - 2019-03-23 20:53 - 000000238 _____ C:\Users\Canaimita\Downloads\Settings.ini 2019-03-23 20:40 - 2019-03-23 20:40 - 000000000 ____D C:\Users\Canaimita\Downloads\DataChrom 2019-03-23 20:40 - 2018-09-17 03:35 - 004109824 _____ (RuCaptcha [rucaptcha.com]) C:\Users\Canaimita\Downloads\2CaptchaBot.exe 2019-03-23 20:31 - 2019-03-23 20:40 - 056958976 _____ C:\Users\Canaimita\Downloads\CaptchaBotEN.zip 2019-03-23 18:34 - 2019-03-23 18:34 - 000000000 ____D C:\Users\Canaimita\Desktop\Sd 2019-03-22 00:19 - 2019-03-22 00:19 - 000000123 _____ C:\Users\Canaimita\Desktop\ygjhg.txt 2019-03-21 20:00 - 2019-03-21 20:00 - 000000141 _____ C:\Users\Canaimita\Desktop\Llamar.txt 2019-03-20 00:06 - 2019-03-20 00:06 - 000000105 _____ C:\Users\Canaimita\Desktop\Frase para foto.txt 2019-03-17 22:48 - 2019-03-17 22:48 - 000085018 _____ C:\Users\Canaimita\Desktop\Beauty_and_the_Beast.pdf 2019-03-17 19:37 - 2019-03-19 22:40 - 000000000 ____D C:\Users\Canaimita\Desktop\Trabajo 2019-03-16 00:06 - 2019-03-21 20:13 - 000002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2019-03-15 23:50 - 2019-03-16 00:06 - 000000000 ____D C:\Users\Canaimita\AppData\Local\BraveSoftware 2019-03-15 23:50 - 2019-03-16 00:05 - 000000000 ____D C:\Program Files\BraveSoftware 2019-03-12 19:44 - 2019-03-05 23:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2019-03-12 19:44 - 2019-03-05 23:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-03-12 19:44 - 2019-03-05 23:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2019-03-12 19:44 - 2019-03-05 23:04 - 000189672 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-03-12 19:44 - 2019-03-05 23:04 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-03-12 19:44 - 2019-03-05 23:04 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2019-03-12 19:44 - 2019-03-05 23:04 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-03-12 19:44 - 2019-03-05 23:02 - 001310520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 001072640 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000167936 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-03-12 19:44 - 2019-03-05 23:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 23:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 22:41 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-03-12 19:44 - 2019-03-05 22:41 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-03-12 19:44 - 2019-03-05 22:41 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-03-12 19:44 - 2019-03-05 22:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-03-12 19:44 - 2019-03-05 22:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-03-12 19:44 - 2019-03-05 22:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-03-12 19:44 - 2019-03-05 22:39 - 002405376 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-03-12 19:44 - 2019-03-05 22:39 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-03-12 19:44 - 2019-03-05 22:39 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-03-12 19:44 - 2019-03-05 22:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000314880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-03-12 19:44 - 2019-03-05 22:37 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-03-12 19:44 - 2019-03-05 22:36 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\viac7.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-03-12 19:44 - 2019-03-05 22:36 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-03-12 19:44 - 2019-03-05 22:36 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-03-12 19:44 - 2019-03-05 22:36 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-03-12 19:44 - 2019-03-05 22:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 22:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 22:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-03-12 19:44 - 2019-03-05 22:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-03-12 19:44 - 2019-03-04 22:40 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2019-03-12 19:44 - 2019-03-04 22:40 - 000026368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2019-03-12 19:44 - 2019-03-04 22:40 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2019-03-12 19:44 - 2019-02-26 17:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-03-12 19:44 - 2019-02-26 03:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-03-12 19:44 - 2019-02-26 03:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-03-12 19:44 - 2019-02-26 03:19 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-03-12 19:44 - 2019-02-26 03:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-03-12 19:44 - 2019-02-26 03:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-03-12 19:44 - 2019-02-26 03:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-03-12 19:44 - 2019-02-26 03:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-03-12 19:44 - 2019-02-26 03:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-03-12 19:44 - 2019-02-26 03:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-03-12 19:44 - 2019-02-26 03:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-03-12 19:44 - 2019-02-26 03:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-03-12 19:44 - 2019-02-26 02:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-03-12 19:44 - 2019-02-26 02:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-03-12 19:44 - 2019-02-26 02:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-03-12 19:44 - 2019-02-26 02:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-03-12 19:44 - 2019-02-26 02:57 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-03-12 19:44 - 2019-02-26 02:51 - 000668160 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-03-12 19:44 - 2019-02-26 02:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-03-12 19:44 - 2019-02-26 02:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-03-12 19:44 - 2019-02-26 02:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-03-12 19:44 - 2019-02-26 02:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-03-12 19:44 - 2019-02-26 02:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-03-12 19:44 - 2019-02-26 02:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-03-12 19:44 - 2019-02-26 02:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-03-12 19:44 - 2019-02-26 02:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-03-12 19:44 - 2019-02-26 02:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-03-12 19:44 - 2019-02-26 02:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-03-12 19:44 - 2019-02-26 02:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-03-12 19:44 - 2019-02-26 02:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-03-12 19:44 - 2019-02-26 02:31 - 000692224 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-03-12 19:44 - 2019-02-26 02:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-03-12 19:44 - 2019-02-26 02:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-03-12 19:44 - 2019-02-26 02:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-03-12 19:44 - 2019-02-26 02:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-03-12 19:44 - 2019-02-26 02:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-03-12 19:44 - 2019-02-21 22:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll 2019-03-12 19:44 - 2019-02-21 22:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll 2019-03-12 19:44 - 2019-02-21 22:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll 2019-03-12 19:44 - 2019-02-16 01:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2019-03-12 19:44 - 2019-02-16 01:50 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2019-03-12 19:44 - 2019-02-16 01:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-03-12 19:44 - 2019-02-16 01:50 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2019-03-12 19:44 - 2019-02-16 01:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2019-03-12 19:44 - 2019-02-16 01:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll 2019-03-12 19:44 - 2019-02-16 01:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll 2019-03-12 19:44 - 2019-02-15 11:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2019-03-12 19:44 - 2019-02-15 11:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2019-03-12 19:44 - 2019-02-15 11:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe 2019-03-12 19:44 - 2019-02-15 11:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe 2019-03-12 19:44 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2019-03-12 19:44 - 2019-02-15 11:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll 2019-03-12 19:44 - 2019-02-10 12:43 - 001214176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2019-03-12 19:44 - 2019-02-10 12:18 - 000247296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2019-03-12 19:44 - 2019-02-10 12:18 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys 2019-03-12 19:44 - 2019-02-10 12:18 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys 2019-03-12 19:44 - 2019-02-10 12:18 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys 2019-03-12 19:44 - 2019-02-08 11:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2019-03-12 19:44 - 2019-02-08 11:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2019-03-12 19:44 - 2019-02-08 11:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2019-03-12 19:44 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2019-03-12 19:44 - 2019-02-08 11:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2019-03-12 19:44 - 2019-02-07 11:57 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll 2019-03-12 19:44 - 2019-02-07 11:53 - 000078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2019-03-12 19:44 - 2019-02-07 11:42 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll 2019-03-12 19:44 - 2019-02-07 11:42 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe 2019-03-12 19:44 - 2019-02-03 11:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys 2019-03-12 19:44 - 2019-01-04 12:00 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-03-12 19:44 - 2019-01-04 11:56 - 000593408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 002703872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-03-12 19:44 - 2019-01-04 10:04 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000524800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000377856 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000361472 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-03-12 19:44 - 2019-01-04 10:04 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-03-12 19:44 - 2019-01-03 11:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2019-03-12 19:03 - 2019-02-10 12:43 - 000078560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2019-03-12 19:03 - 2019-02-10 12:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2019-03-12 19:03 - 2019-02-10 12:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000276480 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2019-03-12 19:03 - 2019-02-10 12:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2019-03-12 19:03 - 2019-02-10 12:37 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2019-03-12 19:03 - 2019-02-10 12:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2019-03-12 19:03 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2019-03-12 19:03 - 2019-02-10 12:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2019-03-12 19:03 - 2019-02-10 12:28 - 000100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2019-03-12 19:03 - 2019-02-10 12:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2019-03-12 19:03 - 2019-02-10 12:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2019-03-12 19:03 - 2019-02-10 12:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2019-03-12 19:03 - 2019-02-10 12:19 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2019-03-12 19:03 - 2019-02-10 12:19 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2019-03-12 19:03 - 2019-02-10 12:19 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2019-03-12 18:56 - 2019-02-16 01:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-03-07 16:56 - 2019-03-25 00:16 - 000000000 ____D C:\Users\Canaimita\Desktop\Fotos para el celular ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-03-25 15:06 - 2018-11-05 23:33 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\Telegram Desktop 2019-03-25 13:42 - 2009-07-14 00:34 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-03-25 13:42 - 2009-07-14 00:34 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-03-25 13:34 - 2016-08-16 18:14 - 000065536 _____ C:\Windows\system32\Ikeext.etl 2019-03-25 13:34 - 2015-08-05 18:06 - 000000000 ____D C:\ProgramData\AVAST Software 2019-03-25 13:34 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-03-25 13:27 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf 2019-03-25 13:09 - 2017-11-19 10:25 - 000000000 ____D C:\Users\Canaimita\AppData\Local\AVAST Software 2019-03-25 13:06 - 2018-04-15 21:32 - 000000000 ____D C:\Program Files\Common Files\IObit 2019-03-25 13:06 - 2018-04-15 20:35 - 000000000 ____D C:\Users\Canaimita\AppData\LocalLow\IObit 2019-03-25 13:06 - 2018-04-15 20:33 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\IObit 2019-03-25 12:52 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\tracing 2019-03-25 11:50 - 2014-07-03 01:47 - 003793062 _____ C:\Windows\system32\PerfStringBackup.INI 2019-03-25 11:50 - 2009-07-14 04:48 - 000696640 _____ C:\Windows\system32\perfh00A.dat 2019-03-25 11:50 - 2009-07-14 04:48 - 000144836 _____ C:\Windows\system32\perfc00A.dat 2019-03-25 10:25 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache 2019-03-25 10:10 - 2019-01-08 23:44 - 000000000 _RSHD C:\streamer 2019-03-25 00:28 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\system32\XPSViewer 2019-03-25 00:28 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\system32\winrm 2019-03-25 00:28 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\system32\WCN 2019-03-25 00:28 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\system32\slmgr 2019-03-25 00:28 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\system32\Printing_Admin_Scripts 2019-03-25 00:28 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\Windows Sidebar 2019-03-25 00:28 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2019-03-25 00:28 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\Windows Defender 2019-03-25 00:28 - 2009-07-14 00:52 - 000000000 ____D C:\Program Files\DVD Maker 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\sysprep 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\oobe 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\MUI 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\migwiz 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Dism 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\com 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\servicing 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\IME 2019-03-25 00:28 - 2009-07-13 22:37 - 000000000 ____D C:\Program Files\Common Files\System 2019-03-25 00:24 - 2009-07-14 04:48 - 000000000 ____D C:\Windows\DigitalLocker 2019-03-25 00:24 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\Setup 2019-03-23 18:49 - 2014-07-14 19:24 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\vlc 2019-03-23 17:37 - 2018-11-21 21:33 - 000000000 ____D C:\Users\Canaimita\Downloads\Telegram Desktop 2019-03-21 21:28 - 2018-07-10 14:20 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-03-21 15:08 - 2017-06-07 14:28 - 000000000 ____D C:\Users\Canaimita\Desktop\Hablemos de Amor y de Celos, Consejos para Ti 2019-03-21 11:58 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF 2019-03-19 19:32 - 2019-01-25 21:46 - 000000000 ____D C:\Users\Canaimita\Desktop\video 2019-03-19 19:19 - 2016-03-26 16:16 - 000000000 ____D C:\Users\Canaimita\Downloads\Tarjetas y Programas 2019-03-17 19:49 - 2018-05-25 14:08 - 000000000 ____D C:\Users\Canaimita\Desktop\Transferencias 2019-03-12 20:49 - 2009-07-14 00:33 - 000419424 _____ C:\Windows\system32\FNTCACHE.DAT 2019-03-12 20:46 - 2017-08-19 00:00 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-03-12 20:46 - 2017-08-19 00:00 - 000000000 ____D C:\Windows\system32\appraiser 2019-03-12 20:23 - 2017-08-14 21:01 - 000000000 ____D C:\Windows\system32\MRT 2019-03-12 20:09 - 2017-08-14 21:01 - 124382624 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-03-12 19:34 - 2016-08-28 15:16 - 000000000 ____D C:\Users\Canaimita\AppData\Local\osu! 2019-03-12 00:05 - 2014-07-03 01:50 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-03-12 00:05 - 2014-07-03 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-03-12 00:05 - 2014-07-03 01:50 - 000000000 ____D C:\Program Files\Winrar 2019-03-11 23:05 - 2009-07-14 00:53 - 000032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-03-05 20:41 - 2014-07-18 13:37 - 000000000 ____D C:\Users\Canaimita\AppData\Local\ElevatedDiagnostics 2019-03-02 18:14 - 2016-04-05 15:08 - 000000000 ____D C:\Users\Canaimita\AppData\Local\CrashDumps 2019-02-26 16:55 - 2019-01-08 23:44 - 000000000 _RSHD C:\streamerdata 2019-02-25 07:47 - 2019-01-28 16:30 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-02-25 07:47 - 2019-01-28 16:30 - 000000000 ____D C:\Users\Canaimita\AppData\Roaming\Discord 2019-02-25 07:42 - 2019-02-22 00:54 - 000000000 ____D C:\Program Files\Common Files\WebM Project 2019-02-24 16:05 - 2018-04-15 20:52 - 000000000 ____D C:\ProgramData\ProductData ==================== Files in the root of some directories ======= 2016-08-30 10:15 - 2016-07-04 00:08 - 000024080 ___SH () C:\Users\Canaimita\AppData\Roaming\NgaCLGSgTEcG 2014-07-29 20:55 - 2014-07-29 20:55 - 000000320 _____ () C:\Users\Canaimita\AppData\Local\FSCache.dat 2016-04-05 14:24 - 2016-04-05 14:24 - 000000036 _____ () C:\Users\Canaimita\AppData\Local\housecall.guid.cache 2019-02-11 14:20 - 2019-02-11 14:20 - 000000000 _____ () C:\Users\Canaimita\AppData\Local\{DD9BF916-6C68-4950-9326-444F38C4B0E3} ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-03-24 20:21 ==================== End of FRST.txt ============================