Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-01-2019 Ran by Chirstopher (administrator) on CHIRSTOPHER-PC (31-01-2019 13:39:42) Running from C:\Users\Chirstopher\Desktop Loaded Profiles: Chirstopher (Available Profiles: Chirstopher) Platform: Microsoft Windows 7 Professional (X86) Language: Español (España, internacional) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Safe Mode (with Networking) Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM\...\RunOnce: [GrpConv] => grpconv -o HKLM\...\RunOnce: [{997FC6B4-B63A-497C-A6D4-A8136CE68D95}] => C:\Users\Chirstopher\AppData\Local\Temp\{9D20E041-734E-4931-A9FD-EC02F515CA69}\{997FC6B4-B63A-497C-A6D4-A8136CE68D95}.cmd [294 2019-01-30] () <==== ATTENTION HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe, [x ] () HKU\S-1-5-21-2681442001-3343462214-529195435-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd) HKU\S-1-5-21-2681442001-3343462214-529195435-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd) HKLM\...\Drivers32: [VIDC.FICV] => C:\Windows\system32\ficvdec_x86.dll [641024 2013-05-28] () HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2019-01-25] (Google Inc.) Startup: C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-25] ShortcutTarget: MEGAsync.lnk -> C:\Users\Chirstopher\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 200.109.78.12 200.44.32.12 Tcpip\..\Interfaces\{7EBA8BE4-61BB-44A7-88B4-1C84D493FAA5}: [DhcpNameServer] 200.109.78.12 200.44.32.12 Internet Explorer: ================== HKU\S-1-5-21-2681442001-3343462214-529195435-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2019-01-23] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2019-01-23] (Oracle Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2019-01-23] () FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2019-01-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2019-01-23] (Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-25] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-01-25] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.como-eliminarvirus.com/mrsys-exe-eliminacion/" CHR Profile: C:\Users\Chirstopher\AppData\Local\Google\Chrome\User Data\Default [2019-01-31] CHR Extension: (Deadpool) - C:\Users\Chirstopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihiehkcaajaipjpoeeolnnacomapnng [2019-01-24] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Chirstopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-25] CHR Extension: (Chrome Media Router) - C:\Users\Chirstopher\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-01-25] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 cmcore; c:\program files\cmcm\Clean Master\cmcore.exe [366456 2019-01-23] (Cheetah Mobile,Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes) S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36496 2019-01-27] (VIA Technologies, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [34680 2019-01-30] (AVAST Software) S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [169216 2019-01-30] (AVAST Software) S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [185848 2019-01-30] (AVAST Software) S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [158288 2019-01-30] (AVAST Software) S0 aswblog; C:\Windows\System32\drivers\aswblog.sys [255416 2019-01-30] (AVAST Software) S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [51320 2019-01-30] (AVAST Software) S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183160 2019-01-30] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42928 2019-01-30] (AVAST Software) S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40888 2019-01-30] (AVAST Software) S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [138272 2019-01-30] (AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101176 2019-01-30] (AVAST Software) S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72992 2019-01-30] (AVAST Software) S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [785776 2019-01-30] (AVAST Software) S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [401832 2019-01-30] (AVAST Software) S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [163344 2019-01-30] (AVAST Software) S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310400 2019-01-30] (AVAST Software) R0 B500FF42; C:\Windows\System32\drivers\B500FF42.sys [153784 2019-01-30] (Kaspersky Lab ZAO) S3 ksapi; C:\Windows\system32\drivers\ksapi.sys [124592 2019-01-23] (Kingsoft Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-01-30] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [230120 2019-01-31] (Malwarebytes) S3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [575696 2019-01-27] (VIA Technologies, Inc.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-31 13:39 - 2019-01-31 13:39 - 000009580 _____ C:\Users\Chirstopher\Desktop\FRST.txt 2019-01-31 13:39 - 2019-01-31 13:39 - 000000000 ____D C:\FRST 2019-01-31 13:38 - 2019-01-31 13:39 - 001788416 _____ (Farbar) C:\Users\Chirstopher\Desktop\FRST.exe 2019-01-31 13:37 - 2019-01-31 13:37 - 000000529 _____ C:\DelFix.txt 2019-01-31 11:11 - 2019-01-31 11:11 - 000230120 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-01-30 18:18 - 2019-01-30 18:18 - 000000000 _____ C:\Windows\system32\Drivers\OLD934F.tmp 2019-01-30 18:14 - 2019-01-30 18:14 - 000000304 _____ C:\Windows\Tasks\EOSv3 Scheduler onTime.job 2019-01-30 18:14 - 2019-01-30 18:14 - 000000304 _____ C:\Windows\Tasks\EOSv3 Scheduler onLogOn.job 2019-01-30 18:12 - 2019-01-30 18:12 - 000000356 _____ C:\Users\Chirstopher\Desktop\eset scaner virus resultados.txt 2019-01-30 17:23 - 2019-01-31 11:11 - 000077816 _____ C:\Windows\ntbtlog.txt 2019-01-30 17:23 - 2019-01-30 17:23 - 000153784 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\B500FF42.sys 2019-01-30 17:22 - 2019-01-30 17:23 - 000000000 ____D C:\KVRT_Data 2019-01-30 17:19 - 2019-01-30 17:19 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\ESET 2019-01-30 17:16 - 2019-01-30 17:18 - 007666296 _____ (ESET spol. s r.o.) C:\Users\Chirstopher\Desktop\ESETOnlineScanner_ESL.exe 2019-01-30 16:22 - 2019-01-30 17:22 - 158466856 _____ (AO Kaspersky Lab) C:\Users\Chirstopher\Desktop\KVRT.exe 2019-01-30 15:55 - 2019-01-30 15:55 - 000003076 _____ C:\Users\Chirstopher\Desktop\virus malware 2.txt 2019-01-30 15:38 - 2019-01-30 15:38 - 000187248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys.154887893387909 2019-01-30 15:36 - 2019-01-30 15:35 - 000312200 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2019-01-30 15:12 - 2019-01-30 19:24 - 000001722 _____ C:\Users\Chirstopher\Desktop\virus malware.txt 2019-01-30 14:46 - 2019-01-30 15:39 - 000138272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2019-01-30 14:46 - 2019-01-30 15:37 - 000000342 ____H C:\Windows\Tasks\Avast Emergency Update.job 2019-01-30 14:46 - 2019-01-30 15:35 - 000401832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000310400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000183160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000169216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000163344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000101176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000072992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000042928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2019-01-30 14:46 - 2019-01-30 15:35 - 000040888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000785776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000255416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000185848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000158288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000051320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys 2019-01-30 14:46 - 2019-01-30 15:34 - 000034680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys 2019-01-30 14:19 - 2019-01-30 14:21 - 007450264 _____ (AVAST Software) C:\Users\Chirstopher\Downloads\avast_free_antivirus_setup_online_a3a.exe 2019-01-29 23:01 - 2019-01-29 23:01 - 000000740 _____ C:\Users\Public\Desktop\Action!.lnk 2019-01-29 20:40 - 2019-01-29 20:40 - 000000000 __RSH C:\MSDOS.SYS 2019-01-29 20:40 - 2019-01-29 20:40 - 000000000 __RSH C:\IO.SYS 2019-01-29 19:39 - 2019-01-29 19:39 - 000211962 __RSH C:\Users\Chirstopher\AppData\Local\stsys.exe 2019-01-29 19:23 - 2019-01-29 19:23 - 000211959 __RSH C:\Windows\system\explorer.exe 2019-01-29 19:23 - 2019-01-29 19:23 - 000211942 __RSH C:\Windows\system\spoolsv.exe 2019-01-29 19:23 - 2019-01-29 19:23 - 000211833 __RSH C:\Windows\system\svchost.exe 2019-01-29 19:23 - 2019-01-29 19:23 - 000000000 ____N C:\Windows\system\cmsys.cmn 2019-01-29 19:19 - 2019-01-30 18:19 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-01-29 19:11 - 2019-01-29 19:11 - 000001010 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-01-29 19:08 - 2019-01-29 19:08 - 000211788 __RSH C:\Users\Chirstopher\AppData\Roaming\mrsys.exe 2019-01-29 18:57 - 2019-01-29 18:57 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\mbam 2019-01-29 18:56 - 2019-01-29 19:18 - 000129248 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-01-29 18:56 - 2019-01-29 18:56 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-01-29 18:56 - 2019-01-29 18:56 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\mbamtray 2019-01-29 18:56 - 2019-01-29 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-01-29 18:56 - 2019-01-29 18:56 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-01-29 18:56 - 2019-01-29 18:56 - 000000000 ____D C:\Program Files\Malwarebytes 2019-01-29 18:08 - 2019-01-29 19:08 - 000000000 ____D C:\rei 2019-01-29 17:38 - 2019-01-29 17:38 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\WinThruster 2019-01-29 17:38 - 2019-01-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster 2019-01-28 17:08 - 2019-01-28 17:10 - 001862572 _____ C:\Users\Chirstopher\Downloads\d3dx9_40.dll.zip 2019-01-27 17:36 - 2019-01-27 17:36 - 019341880 ___SH (Piriform Software Ltd) C:\Users\Chirstopher\Downloads\ccsetup552.exe  2019-01-27 17:36 - 2019-01-27 17:36 - 000000965 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-01-27 17:36 - 2019-01-27 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-01-27 17:36 - 2019-01-27 17:36 - 000000000 ____D C:\Program Files\CCleaner 2019-01-27 17:15 - 2019-01-27 17:15 - 000000000 ____D C:\ProgramData\Package Cache 2019-01-27 17:14 - 2019-01-27 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal 2019-01-27 17:08 - 2019-01-27 17:08 - 002546896 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 001752904 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO232.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 001722776 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 001104440 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 001039504 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 000754760 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO32.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 000575696 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys 2019-01-27 17:08 - 2019-01-27 17:08 - 000568304 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX32.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 000333848 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP32.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 000120984 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 000095384 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 000072608 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 000056472 _____ (TODO: ) C:\Windows\system32\PropPageExt.dll 2019-01-27 17:08 - 2019-01-27 17:08 - 000056416 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD32.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 000053304 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN32.DLL 2019-01-27 17:08 - 2019-01-27 17:08 - 000036496 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe 2019-01-27 17:08 - 2019-01-27 17:08 - 000034512 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt32.sys 2019-01-27 17:07 - 2019-01-27 17:05 - 000051856 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2019-01-27 17:07 - 2015-01-30 20:19 - 003982144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2019-01-27 17:07 - 2015-01-30 20:19 - 002858824 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2019-01-27 17:07 - 2015-01-30 20:18 - 002556560 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2019-01-27 17:07 - 2015-01-30 20:18 - 000633672 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2019-01-27 17:07 - 2015-01-30 20:18 - 000107848 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2019-01-27 17:07 - 2015-01-30 20:18 - 000061768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 019916432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 017559184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 015373760 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 010964624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2019-01-27 17:05 - 2019-01-27 17:05 - 007755632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 006295288 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 002576200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 002447000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 001867920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 001009296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3230908.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 000953856 _____ (NVIDIA Corporation) C:\Windows\system32\fdco2.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 000892560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3230908.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 000758784 _____ (NVIDIA Corporation) C:\Windows\system32\cohelper.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 000604776 _____ (NVIDIA Corporation) C:\Windows\system32\nvuninst.exe 2019-01-27 17:05 - 2019-01-27 17:05 - 000453152 _____ (NVIDIA Corporation) C:\Windows\system32\nvusmb.exe 2019-01-27 17:05 - 2019-01-27 17:05 - 000298216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvmf6232.sys 2019-01-27 17:05 - 2019-01-27 17:05 - 000240232 _____ (NVIDIA Corporation) C:\Windows\system32\nvconrm.dll 2019-01-27 17:05 - 2019-01-27 17:05 - 000122880 _____ (NVIDIA Corporation) C:\Windows\system32\NVCOSMB.DLL 2019-01-27 17:05 - 2019-01-27 17:05 - 000013235 _____ C:\Windows\system32\nvinfo.pb 2019-01-27 17:05 - 2019-01-27 17:05 - 000011164 _____ C:\Windows\system32\Drivers\nvphy.bin 2019-01-27 17:05 - 2019-01-27 17:05 - 000002344 _____ C:\Windows\system32\nvsmb.nvu 2019-01-27 16:29 - 2019-01-27 16:29 - 000000000 ____D C:\Windows\Tasks\ImCleanDisabled 2019-01-27 16:29 - 2019-01-27 16:29 - 000000000 ____D C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B} 2019-01-27 16:29 - 2019-01-27 16:29 - 000000000 ____D C:\Program Files\Common Files\IObit 2019-01-27 16:19 - 2019-01-29 22:30 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\IObit 2019-01-27 16:19 - 2019-01-29 22:30 - 000000000 ____D C:\ProgramData\ProductData 2019-01-27 16:19 - 2019-01-27 17:10 - 000000000 ____D C:\Users\Chirstopher\AppData\LocalLow\IObit 2019-01-27 16:19 - 2019-01-27 16:29 - 000000000 ____D C:\ProgramData\IObit 2019-01-27 16:07 - 2019-01-27 16:09 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\DRPSu 2019-01-26 21:10 - 2019-01-26 21:12 - 003171849 _____ C:\Users\Chirstopher\Downloads\algo sobre kirby super star ultra.3gp 2019-01-26 20:59 - 2019-01-30 17:54 - 000000000 ____D C:\Users\Chirstopher\Desktop\ver pantallazos azules windows 7 2019-01-26 17:05 - 2019-01-29 19:08 - 000000000 ___HD C:\Windows\rss 2019-01-25 19:41 - 2013-05-28 15:52 - 000641024 _____ C:\Windows\system32\ficvdec_x86.dll 2019-01-25 17:48 - 2019-01-29 22:00 - 000000000 ____D C:\Windows\Minidump 2019-01-25 16:34 - 2012-06-02 17:49 - 001933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-01-25 16:34 - 2012-06-02 17:49 - 000053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-01-25 16:34 - 2012-06-02 17:49 - 000045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-01-25 16:34 - 2012-06-02 17:42 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-01-25 16:34 - 2012-06-02 15:19 - 000171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-01-25 16:34 - 2012-06-02 15:12 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-01-25 16:32 - 2019-01-25 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis 2019-01-25 13:29 - 2019-01-25 13:29 - 000001076 _____ C:\Users\Chirstopher\Desktop\MEGAsync.lnk 2019-01-25 13:16 - 2018-12-10 17:34 - 000499424 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2019-01-25 13:14 - 2019-01-25 13:14 - 000001567 _____ C:\Users\Chirstopher\Desktop\Sony Vegas Pro 10.0.lnk 2019-01-25 13:13 - 2019-01-25 13:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2019-01-25 13:13 - 2019-01-25 13:13 - 000000000 ____D C:\Program Files\Sony 2019-01-25 13:11 - 2019-01-25 13:11 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-01-25 13:11 - 2019-01-25 13:11 - 000002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-01-25 13:06 - 2019-01-25 13:10 - 000000000 ____D C:\Program Files\Google 2019-01-25 13:05 - 2019-01-25 13:06 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Deployment 2019-01-25 13:05 - 2019-01-25 13:05 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Apps\2.0 2019-01-25 13:02 - 2019-01-25 13:02 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2019-01-25 11:06 - 2019-01-25 12:55 - 000057560 _____ C:\Users\Chirstopher\AppData\Local\GDIPFONTCACHEV1.DAT 2019-01-24 20:47 - 2019-01-24 20:47 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Macromedia 2019-01-24 19:20 - 2019-01-25 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO 2019-01-24 19:20 - 2019-01-24 19:20 - 000000000 ____D C:\Users\Chirstopher\Documents\My ISO Files 2019-01-24 17:42 - 2019-01-28 17:48 - 000000000 ____D C:\Users\Chirstopher\Documents\MEGAsync Downloads 2019-01-24 17:23 - 2019-01-24 17:23 - 000000000 ____D C:\Users\Chirstopher\Documents\MEGA 2019-01-24 17:20 - 2019-01-24 17:20 - 000000022 _____ C:\Users\Chirstopher\Downloads\MEGA-RECOVERYKEY.txt 2019-01-24 17:17 - 2019-01-24 17:17 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Google 2019-01-24 17:11 - 2019-01-24 17:11 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Mega Limited 2019-01-24 17:10 - 2019-01-25 16:35 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\MEGAsync 2019-01-24 17:10 - 2019-01-25 13:29 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2019-01-23 22:13 - 2019-01-23 22:13 - 000000000 ___HD C:\$AV_ASW 2019-01-23 20:30 - 2019-01-29 22:00 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\IDM 2019-01-23 20:30 - 2019-01-29 21:58 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\DMCache 2019-01-23 20:30 - 2019-01-23 20:30 - 000000000 ____D C:\ProgramData\IDM 2019-01-23 20:00 - 2019-01-25 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2019-01-23 20:00 - 2019-01-23 20:00 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\AVAST Software 2019-01-23 20:00 - 2019-01-23 20:00 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\CEF 2019-01-23 20:00 - 2019-01-23 20:00 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\AVAST Software 2019-01-23 19:45 - 2019-01-23 19:45 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2019-01-23 19:44 - 2019-01-29 19:57 - 000003390 _____ C:\Users\Chirstopher\AppData\Local\icsys.icn 2019-01-23 19:31 - 2019-01-23 19:45 - 000000000 ____D C:\ProgramData\AVAST Software 2019-01-23 19:11 - 2019-01-23 19:11 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Mirillis 2019-01-23 19:11 - 2019-01-23 19:11 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Mirillis 2019-01-23 18:50 - 2019-01-23 18:50 - 000000000 ____D C:\Users\Chirstopher\Documents\Action! 2019-01-23 18:50 - 2019-01-23 18:50 - 000000000 ____D C:\ProgramData\Mirillis 2019-01-23 18:15 - 2019-01-25 13:16 - 000002462 _____ C:\Users\Chirstopher\Documents\Registrar Vegas Pro.htm 2019-01-23 18:15 - 2019-01-23 18:15 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Publish Providers 2019-01-23 18:10 - 2019-01-23 18:14 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Sony 2019-01-23 17:54 - 2019-01-23 17:54 - 000000000 ____D C:\ProgramData\Sony 2019-01-23 17:53 - 2019-01-25 13:11 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Sony 2019-01-23 17:53 - 2019-01-23 17:53 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\WinRAR 2019-01-23 17:34 - 2019-01-29 16:39 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\vlc 2019-01-23 17:32 - 2019-01-23 17:32 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\kcleaner 2019-01-23 16:30 - 2019-01-23 16:30 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Microsoft Help 2019-01-23 16:30 - 2019-01-23 16:30 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2019-01-23 16:30 - 2019-01-23 16:02 - 000000000 ____D C:\Program Files\Microsoft Office 2019-01-23 16:29 - 2019-01-27 18:20 - 000000000 ___HD C:\Windows\msdownld.tmp 2019-01-23 16:29 - 2019-01-25 13:06 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\Google 2019-01-23 16:29 - 2019-01-25 12:52 - 000000000 ____D C:\Program Files\GUM496E.tmp 2019-01-23 16:29 - 2019-01-25 12:51 - 000000000 ____D C:\Windows\system32\directx 2019-01-23 16:28 - 2019-01-23 16:28 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2019-01-23 16:28 - 2019-01-23 16:28 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-01-23 16:28 - 2019-01-23 16:28 - 000000000 ____D C:\Program Files\Adobe 2019-01-23 16:27 - 2019-01-31 11:15 - 000004564 _____ C:\Windows\system32\PerfStringBackup.INI 2019-01-23 16:27 - 2019-01-23 16:28 - 000000000 ____D C:\ProgramData\Adobe 2019-01-23 16:27 - 2019-01-23 16:27 - 000132832 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi_ev.sys 2019-01-23 16:27 - 2019-01-23 16:27 - 000124592 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi.sys 2019-01-23 16:27 - 2019-01-23 16:27 - 000089776 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64_ev.sys 2019-01-23 16:27 - 2019-01-23 16:27 - 000081584 _____ (Kingsoft Corporation) C:\Windows\system32\Drivers\ksapi64.sys 2019-01-23 16:27 - 2019-01-23 16:27 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\kingsoft 2019-01-23 16:27 - 2019-01-23 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master 2019-01-23 16:27 - 2019-01-23 16:27 - 000000000 ____D C:\ProgramData\Kingsoft 2019-01-23 16:27 - 2019-01-23 16:27 - 000000000 ____D C:\ProgramData\cmcm 2019-01-23 16:27 - 2019-01-23 16:27 - 000000000 ____D C:\Program Files\cmcm 2019-01-23 16:26 - 2019-01-27 17:08 - 000000000 ____D C:\Program Files\VIA 2019-01-23 16:26 - 2019-01-25 12:51 - 000000000 ____D C:\Windows\system32\Macromed 2019-01-23 16:26 - 2019-01-23 16:26 - 000404640 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2019-01-23 16:26 - 2019-01-23 16:26 - 000272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2019-01-23 16:26 - 2019-01-23 16:26 - 000176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2019-01-23 16:26 - 2019-01-23 16:26 - 000176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2019-01-23 16:26 - 2019-01-23 16:26 - 000096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\Users\Chirstopher\AppData\LocalLow\Sun 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\ElevatedDiagnostics 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\ProgramData\Sun 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\Program Files\Java 2019-01-23 16:26 - 2019-01-23 16:26 - 000000000 ____D C:\Program Files\Common Files\Java 2019-01-23 16:25 - 2019-01-23 16:25 - 000001397 _____ C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2019-01-23 16:25 - 2019-01-23 16:25 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-01-23 16:25 - 2019-01-23 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-01-23 16:25 - 2019-01-23 16:25 - 000000000 ____D C:\Program Files\WinRAR 2019-01-23 16:24 - 2019-01-25 12:53 - 000000000 ____D C:\Users\Chirstopher 2019-01-23 16:24 - 2019-01-23 19:28 - 000000000 ____D C:\Users\Chirstopher\AppData\Local\VirtualStore 2019-01-23 16:24 - 2019-01-23 16:24 - 000000020 ___SH C:\Users\Chirstopher\ntuser.ini 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Public\Documents\Mis vídeos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Public\Documents\Mis imágenes 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Public\Documents\Mi música 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Reciente 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Plantillas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Mis documentos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Menú Inicio 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Impresoras 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Entorno de red 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Documents\Mis vídeos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Documents\Mis imágenes 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Documents\Mi música 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\Configuración local 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historial 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Archivos temporales de Internet 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\Documents\Mis vídeos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\Documents\Mis imágenes 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\Documents\Mi música 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historial 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Archivos temporales de Internet 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Reciente 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Plantillas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Mis documentos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Menú Inicio 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Impresoras 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Entorno de red 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Documents\Mis vídeos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Documents\Mis imágenes 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Documents\Mi música 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\Configuración local 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\AppData\Local\Historial 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\AppData\Local\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Users\Chirstopher\AppData\Local\Archivos temporales de Internet 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Plantillas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programas 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Menú Inicio 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Favoritos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Escritorio 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Documentos 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\ProgramData\Datos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Program Files\Archivos comunes 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 _SHDL C:\Archivos de programa 2019-01-23 16:24 - 2019-01-23 16:24 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2019-01-23 16:24 - 2009-07-14 04:37 - 000000000 ____D C:\Users\Chirstopher\AppData\Roaming\Media Center Programs 2019-01-23 16:22 - 2019-01-23 16:22 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2019-01-23 16:22 - 2019-01-23 16:22 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2019-01-23 16:13 - 2019-01-27 17:10 - 000000000 ____D C:\ProgramData\NVIDIA 2019-01-23 16:12 - 2019-01-27 17:07 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-01-23 16:12 - 2019-01-23 16:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-01-23 16:02 - 2019-01-23 16:02 - 000000000 ____D C:\Windows\PCHEALTH 2019-01-23 16:02 - 2019-01-23 16:02 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-01-23 10:49 - 2019-01-23 19:18 - 000000000 ____D C:\Windows\Panther ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-01-31 11:15 - 2009-07-14 04:18 - 000809588 _____ C:\Windows\system32\perfh00A.dat 2019-01-31 11:15 - 2009-07-14 04:18 - 000171266 _____ C:\Windows\system32\perfc00A.dat 2019-01-30 18:18 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\inf 2019-01-29 22:09 - 2009-07-14 00:04 - 000009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-01-29 22:09 - 2009-07-14 00:04 - 000009600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-01-29 22:05 - 2009-07-14 00:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-01-29 19:23 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\system 2019-01-27 17:07 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\Help 2019-01-26 16:25 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\system32\NDF 2019-01-25 12:51 - 2009-07-14 00:22 - 000000000 ____D C:\Windows\Downloaded Program Files 2019-01-25 12:51 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\system32\MUI 2019-01-25 12:51 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\rescache 2019-01-25 12:51 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-01-25 12:51 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\AppCompat 2019-01-25 12:50 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\registration 2019-01-25 12:47 - 2009-07-13 22:07 - 000000000 ____D C:\Program Files\Common Files\System 2019-01-23 16:27 - 2009-07-13 22:07 - 000000000 __RHD C:\Users\Public\Libraries 2019-01-23 16:24 - 2009-07-14 00:03 - 000265944 _____ C:\Windows\system32\FNTCACHE.DAT 2019-01-23 16:24 - 2009-07-13 22:07 - 000000000 ____D C:\Program Files\Windows NT 2019-01-23 16:22 - 2009-07-13 22:07 - 000000000 ____D C:\Windows\system32\sysprep 2019-01-23 16:20 - 2009-07-14 04:38 - 000000000 ____D C:\Windows\CSC 2019-01-23 10:49 - 2009-07-14 00:22 - 000028672 _____ C:\Windows\system32\config\BCD-Template ==================== Files in the root of some directories ======= 2019-01-29 19:08 - 2019-01-29 19:08 - 000211788 __RSH () C:\Users\Chirstopher\AppData\Roaming\mrsys.exe 2019-01-23 19:44 - 2019-01-29 19:57 - 000003390 _____ () C:\Users\Chirstopher\AppData\Local\icsys.icn 2019-01-29 19:39 - 2019-01-29 19:39 - 000211962 __RSH () C:\Users\Chirstopher\AppData\Local\stsys.exe Files to move or delete: ==================== C:\Users\CHIRST~1\AppData\Local\Temp\{9D20E041-734E-4931-A9FD-EC02F515CA69}\{997FC6B4-B63A-497C-A6D4-A8136CE68D95}.cmd ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\dllhost.exe => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2019-01-24 12:04 ==================== End of FRST.txt ============================