Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019 Ran by SergioJG (administrator) on DESKTOP-CBJOO85 (Micro-Star International Co., Ltd. GP72 7RDX) (15-12-2019 12:44:17) Running from C:\Users\SergioJG\Desktop Loaded Profiles: SergioJG & MSSQL$P3D (Available Profiles: SergioJG & MSSQL$P3D) Platform: Windows 10 Pro Version 1709 16299.15 (X64) Language: Español (España, internacional) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Inc. -> Adobe Systems Inc.) D:\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Inc. -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe (Advanced International Translations -> Advanced International Translations) [File not signed] C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DFileServer.exe (Advanced International Translations -> Advanced International Translations) [File not signed] C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DGuardService.exe (Astonsoft Ltd. -> Astonsoft) D:\_Portables\Essential PIM Pro - ver 8.56 - portable\EssentialPIM.exe (Astonsoft Ltd. -> Astonsoft) D:\_Portables\Essential PIM Pro - ver 8.56 - portable\EssentialPIM.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe (Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe (Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Code Sector -> Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe (Dalian CZUR TECH CO., LTD. -> CZUR) C:\Program Files (x86)\CZUR Scanner\CzurService.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Greatis Software LLC -> Greatis Software, LLC) C:\Program Files (x86)\BootRacer\BootRacerServ.exe (Greatis Software LLC -> Greatis Software, LLC) D:\_Portables\Stop Windows 10 Updates - ver 2.0.32 - portable\SU10Guard.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2caf76dbce56546d\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2caf76dbce56546d\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_520ffd05714dab67\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_520ffd05714dab67\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.P3D\MSSQL\Binn\sqlservr.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe (Micro-Star International Co., Ltd.) [File not signed] C:\Windows\SysWOW64\MSIService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe (Sync.com Inc. -> ) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-worker.exe (Sync.com Inc. -> ) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-worker.exe (Sync.com Inc. -> ) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-worker.exe (Sync.com Inc. -> ) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-worker.exe (Sync.com Inc. -> ) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-worker.exe (Sync.com Inc. -> Sync.com Inc.) C:\Users\SergioJG\AppData\Local\Programs\Sync\sync-taskbar.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (Xeric Design, Ltd. -> Xeric Design, Ltd.) C:\Program Files (x86)\XericDesign\EarthDesk\EarthDesk7.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-06-09] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4992048 2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKLM\...\Policies\Explorer\Run: [BootRacer] => C:\Program Files (x86)\BootRacer\bootrace.exe [5405592 2017-12-25] (Greatis Software LLC -> Greatis Software) HKLM\...\Policies\Explorer: [NoThumbnailCache] 1 HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1 HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [DontSleep] => D:\_Portables\Don't Sleep - ver 5.66 - x64 portable\DontSleep_x64_p.exe [346488 2019-09-14] (Nenad Hrg -> Nenad Hrg (SoftwareOK.com)) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> ) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [EarthDesk] => C:\Program Files (x86)\XericDesign\EarthDesk\EarthDesk7.exe [37812864 2019-03-30] (Xeric Design, Ltd. -> Xeric Design, Ltd.) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503680 2019-12-10] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [10531216 2019-05-22] (Binary Fortress Software Ltd. -> Binary Fortress Software) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [uTorrent] => D:\_Portables\uTorrentPortable - ver 2.2.1 build 25302\App\uTorrent\uTorrent.exe [399736 2016-12-05] (BitTorrent Inc -> BitTorrent, Inc.) HKU\S-1-5-21-3252720332-746923214-1690960025-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.79\Installer\chrmstp.exe [2019-12-13] (Google LLC -> Google LLC) IFEO\EOSNOTIFY.EXE: [Debugger] * IFEO\InstallAgent.exe: [Debugger] * IFEO\MusNotification.exe: [Debugger] * IFEO\MUSNOTIFICATIONUX.EXE: [Debugger] * IFEO\remsh.exe: [Debugger] * IFEO\SIHClient.exe: [Debugger] * IFEO\UpdateAssistant.exe: [Debugger] * IFEO\UsoClient.exe: [Debugger] * IFEO\WaaSMedic.exe: [Debugger] * IFEO\WaasMedicAgent.exe: [Debugger] * IFEO\Windows10Upgrade.exe: [Debugger] * IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] * GroupPolicy: Restriction ? <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{602e150b-884b-4c84-9161-0ae330dc6536}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{602e150b-884b-4c84-9161-0ae330dc6536}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{79b67ab2-aba1-4067-9b4f-8fe4459a9085}: [DhcpNameServer] 192.168.43.1 HKLM\System\...\Parameters\PersistentRoutes: [104.87.88.177,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [104.89.242.39,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [104.96.147.3,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.177,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [111.221.29.253,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.34.230,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.40.37,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.100,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.64,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [131.253.61.68,255.255.255.255,0.0.0.0,1] PersistentRoutes: There are 82 PersistentRoutes. Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION SearchScopes: HKU\S-1-5-21-3252720332-746923214-1690960025-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: 2hdbly6f.default FF ProfilePath: C:\Users\SergioJG\AppData\Roaming\www.kiwix.org\Kiwix\Profiles\b9xdm4q3.default [2019-11-09] FF ProfilePath: C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default [2019-12-15] FF Homepage: Mozilla\Firefox\Profiles\2hdbly6f.default -> www.google.com FF Session Restore: Mozilla\Firefox\Profiles\2hdbly6f.default -> is enabled. FF Notifications: Mozilla\Firefox\Profiles\2hdbly6f.default -> hxxps://www.facebook.com; hxxps://aoah.aningintorop.info; hxxps://aningintorop.info; hxxps://www24.zippyshare.com; hxxps://ouo.io; hxxps://maranhesduve.club; hxxps://arcadepunks.os.tc; hxxps://mail.google.com; hxxps://decrypt2.safelinkconverter.com; hxxps://www.pccomponentes.com; hxxps://get.cryptobrowser.site; hxxps://www.contasimple.com FF Extension: (Raindrop.io) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\jid0-adyhmvsP91nUO8pRv0Mn2VKeB84@jetpack.xpi [2019-12-10] FF Extension: (Word Count Tool) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\jid0-YHLk2psjhEWXNJqMKTU7dDcMJcN@jetpack.xpi [2019-08-11] FF Extension: (MyJDownloader Browser Extension) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2019-10-23] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Rename Tab Title) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\renametabtitle@mozilla.org.xpi [2019-07-26] FF Extension: (Download Manager (S3)) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\s3download@statusbar.xpi [2019-07-09] FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\sp@avast.com.xpi [2019-11-25] FF Extension: (Tree Style Tab) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2019-11-16] FF Extension: (Worldwide Radio) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\worldwide@radio.xpi [2019-09-09] FF Extension: (Avast Online Security) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\wrc@avast.com.xpi [2019-10-02] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json] FF Extension: (Flagfox) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2019-12-02] FF Extension: (YouTube Downloader) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{307f416a-39c0-49e0-8e96-cf802290e33c}.xpi [2019-07-24] FF Extension: (Word Counter) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{91164e40-3de8-4619-a381-3cc95b083c5b}.xpi [2019-08-11] FF Extension: (Video DownloadHelper) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-11-12] FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-10-22] FF Extension: (FoxClocks) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}.xpi [2019-07-10] FF Extension: (Greasemonkey) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2019-08-24] FF Extension: (Tab ReTitle) - C:\Users\SergioJG\AppData\Roaming\Mozilla\Firefox\Profiles\2hdbly6f.default\Extensions\{e855175b-f84a-429d-85d6-a61831c8291c}.xpi [2019-04-19] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - D:\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - D:\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - D:\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-11] (Adobe Inc. -> ) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-11] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-12-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Acrobat -> D:\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\nsis-pref.js [2019-03-22] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default [2019-12-15] CHR DownloadDir: D:\_Portables\GoldenDict - ver 1.5.0 RC2 - 372 gc3ff15f QT_5123 - 64bit - 2019 04 27\content CHR Extension: (Presentaciones) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-17] CHR Extension: (Documentos) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-18] CHR Extension: (Google Drive) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-18] CHR Extension: (YouTube) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-18] CHR Extension: (Adobe Acrobat) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-16] CHR Extension: (Hojas de cálculo) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-17] CHR Extension: (Documentos de Google sin conexión) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-18] CHR Extension: (Avast Online Security) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-19] CHR Extension: (anonymoX) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpklikeghomkemdellmmkoifgfbakio [2019-09-22] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-01-18] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-16] CHR Extension: (Gmail) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16] CHR Extension: (Chrome Media Router) - C:\Users\SergioJG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13] CHR HKU\S-1-5-21-3252720332-746923214-1690960025-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 BootRacerServ; C:\Program Files (x86)\BootRacer\BootRacerServ.exe [87992 2016-05-10] (Greatis Software LLC -> Greatis Software, LLC) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed] R2 CzurService; C:\Program Files (x86)\CZUR Scanner\CzurService.exe [46944 2018-06-27] (Dalian CZUR TECH CO., LTD. -> CZUR) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-17] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-01-17] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.) R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [7037344 2019-05-22] (Binary Fortress Software Ltd. -> Binary Fortress Software) R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [529696 2019-07-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 Killer Network Service x64; C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2193088 2017-05-04] (Rivet Networks LLC -> Rivet Networks) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2019-12-04] (Malwarebytes Inc -> Malwarebytes) R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [File not signed] R2 MSSQL$P3D; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.P3D\MSSQL\Binn\sqlservr.exe [197824 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) S2 Projetex3DBackupSrv; C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DBackupService.exe [4787088 2018-05-23] (Advanced International Translations -> Advanced International Translations) [File not signed] R2 Projetex3DFileSrv; C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DFileServer.exe [6503824 2018-05-02] (Advanced International Translations -> Advanced International Translations) [File not signed] R2 Projetex3DGuardSrv; C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DGuardService.exe [4625296 2018-05-29] (Advanced International Translations -> Advanced International Translations) [File not signed] S2 Projetex3DMailNotifierSrv; C:\ProgramData\AIT\Projetex 3D\Projetex Server\Services\Projetex3DMailNotifier.exe [4817296 2018-05-02] (Advanced International Translations -> Advanced International Translations) [File not signed] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4297920 2017-09-30] (Microsoft Windows Publisher -> Microsoft Corporation) S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-03-28] () [File not signed] S4 SQLAgent$P3D; C:\Program Files (x86)\Microsoft SQL Server\MSSQL12.P3D\MSSQL\Binn\SQLAGENT.EXE [454848 2014-02-21] (Microsoft Corporation -> Microsoft Corporation) R2 SU10Guard; D:\_Portables\Stop Windows 10 Updates - ver 2.0.32 - portable\SU10Guard.exe [67480 2018-11-06] (Greatis Software LLC -> Greatis Software, LLC) R2 SynTPEnhService; C:\Windows\System32\SynTPEnhService.exe [399368 2018-05-23] (Synaptics Incorporated -> Synaptics Incorporated) R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector) R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-05-17] (Microsoft) [File not signed] S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2019-12-10] (Oracle Corporation -> Oracle Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation) R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-05-17] (Microsoft) [File not signed] S2 HG52 AMC; C:\Program Files\HomeGuard_x64\vglsetw.exe [X] R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [16304 2019-10-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswNetSec; C:\Windows\System32\drivers\aswNetSec.sys [552848 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-02] (AVAST Software s.r.o. -> AVAST Software) S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [313112 2019-07-29] (Bluestack Systems, Inc. -> Bluestack System Inc. ) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [38400 2009-06-09] (Samsung Electronics Co., Ltd.) [File not signed] R3 e2xw10x64; C:\Windows\System32\drivers\e2xw10x64.sys [164592 2017-04-17] (Rivet Networks LLC -> Qualcomm Atheros, Inc.) R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [186144 2019-07-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [164592 2017-04-17] (Rivet Networks LLC -> Qualcomm Atheros, Inc.) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Microsoft Windows -> Intel Corporation) R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_e064f95a14dfa08a\nvlddmkm.sys [21858904 2019-07-18] (NVIDIA Corporation -> NVIDIA Corporation) R2 RfeCoSvc; C:\Windows\system32\DRIVERS\RfeCo10X64.sys [123624 2017-05-04] (Rivet Networks LLC -> Rivet Networks, LLC.) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [433096 2018-05-23] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [56840 2018-05-23] (Synaptics Incorporated -> Synaptics Incorporated) S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Windows -> Microsoft Corporation) R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237320 2019-12-10] (Oracle Corporation -> Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation) R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [15160 2015-06-11] (Micro-Star Int'l Co. Ltd. -> ) U4 DiagTrack; no ImagePath S3 HWiNFO; \??\C:\Users\SergioJG\AppData\Local\Temp\HWiNFO64A.SYS [X] <==== ATTENTION S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X] S2 SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [X] U4 WaasMedicSvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-15 12:42 - 2019-12-15 12:45 - 000043395 _____ C:\Users\SergioJG\Desktop\FRST.txt 2019-12-15 12:42 - 2019-12-15 12:43 - 000000000 ____D C:\FRST 2019-12-15 12:19 - 2019-12-15 12:42 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\ZHP 2019-12-15 12:19 - 2019-12-15 12:19 - 000000004 ____H C:\ProgramData\cm-lock 2019-12-15 12:19 - 2019-12-15 12:19 - 000000000 ____D C:\Users\SergioJG\AppData\Local\ZHP 2019-12-15 12:07 - 2019-12-15 12:07 - 003326336 _____ (Nicolas Coolman) C:\Users\SergioJG\Desktop\ZHPCleaner 2019.exe 2019-12-15 12:02 - 2019-12-15 12:02 - 002264064 _____ (Farbar) C:\Users\SergioJG\Desktop\Farbar Recovery Scan Tool - 64 bits.exe 2019-12-15 11:45 - 2019-12-15 12:11 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2019-12-15 11:45 - 2019-12-15 11:45 - 000255928 _____ (Malwarebytes) C:\Windows\system32\Drivers\63642190.sys 2019-12-15 11:37 - 2019-12-15 11:37 - 000000000 _____ C:\Users\SergioJG\AppData\Roaming\kiwix.session 2019-12-15 11:34 - 2019-12-15 11:34 - 014178840 _____ (Malwarebytes Corp.) C:\Users\SergioJG\Desktop\Malware Anti-Rootkit - ver 1.10.3.1001.exe 2019-12-15 11:30 - 2019-12-15 12:13 - 000000000 ____D C:\AdwCleaner 2019-12-15 11:30 - 2019-12-15 11:30 - 008218800 _____ (Malwarebytes) C:\Users\SergioJG\Desktop\ADW Cleaner - ver 8.0.0.exe 2019-12-15 10:58 - 2019-12-15 12:22 - 000000068 __RSH C:\Windows\system32\Drivers\WUDFRd.winsecurity 2019-12-15 10:58 - 2019-12-15 12:19 - 000000068 __RSH C:\Windows\system32\Drivers\wof.winsecurity 2019-12-15 10:57 - 2019-12-15 11:33 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optimización Windows 2019-12-15 10:57 - 2019-12-15 11:33 - 000000000 ____D C:\ProgramData\CodeMeter 2019-12-15 10:57 - 2019-12-15 10:57 - 000000000 ____D C:\Program Files\CodeMeter 2019-12-15 10:57 - 2019-12-15 10:57 - 000000000 ____D C:\Program Files (x86)\CodeMeter 2019-12-15 10:57 - 2018-07-02 23:42 - 001013624 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuCm64.dll 2019-12-15 10:57 - 2018-07-02 23:42 - 000838520 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WibuCm32.dll 2019-12-15 10:51 - 2019-12-15 10:53 - 000000000 ____D C:\ProgramData\Firesage 2019-12-15 10:51 - 2019-12-15 10:51 - 000000000 ____D C:\Program Files (x86)\Firesage 2019-12-15 00:11 - 2019-12-15 00:11 - 000001765 _____ C:\Users\Public\Desktop\Defraggler.lnk 2019-12-15 00:11 - 2019-12-15 00:11 - 000000000 ____D C:\Program Files\Defraggler 2019-12-14 23:57 - 2019-12-14 23:57 - 000000000 ___RD C:\Users\SergioJG\Desktop\MEGAsync 2019-12-14 23:23 - 2019-12-15 12:40 - 000000000 ____D C:\Users\SergioJG\Desktop\Optimización Windows 2019-12-14 23:13 - 2019-12-14 23:13 - 000000000 ____D C:\Users\SergioJG\Desktop\Audiobooks 2019-12-14 23:07 - 2019-12-14 23:09 - 000000000 ____D C:\Users\SergioJG\Desktop\Grado Fil. japonesa 2019-12-14 23:04 - 2019-12-14 23:28 - 000000000 ____D C:\Users\SergioJG\Desktop\Videojuegos 2019-12-14 23:03 - 2019-12-14 23:03 - 000000875 _____ C:\Users\SergioJG\Desktop\2019-20 - Vacante en Huelva.lnk 2019-12-14 22:59 - 2019-12-14 23:04 - 000000000 ____D C:\Users\SergioJG\Desktop\Deporte y salud 2019-12-14 22:55 - 2019-12-14 22:59 - 000000000 ____D C:\Users\SergioJG\Desktop\Anime 2019-12-14 22:54 - 2019-12-14 23:21 - 000000000 ____D C:\Users\SergioJG\Desktop\Cosas de casa 2019-12-14 22:54 - 2019-12-14 23:14 - 000000000 ____D C:\Users\SergioJG\Desktop\Películas 2019-12-14 22:52 - 2019-12-15 00:57 - 000000000 ____D C:\Users\SergioJG\Desktop\Ebooks 2019-12-14 22:52 - 2019-12-14 23:09 - 000000000 ____D C:\Users\SergioJG\Desktop\Imágenes 2019-12-14 21:50 - 2019-12-14 21:50 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2019-12-14 21:50 - 2019-12-14 21:50 - 000002894 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2019-12-14 21:50 - 2019-12-14 21:50 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-12-14 21:50 - 2019-12-14 21:50 - 000000000 ____D C:\Program Files\CCleaner 2019-12-14 21:38 - 2019-12-14 21:38 - 000000000 ____D C:\Users\SergioJG\AppData\Local\fontconfig 2019-12-14 21:38 - 2019-12-14 21:38 - 000000000 ____D C:\Users\SergioJG\.cache 2019-12-14 21:35 - 2019-12-14 21:35 - 000000000 ____D C:\Users\SergioJG\.dbus-keyrings 2019-12-14 19:55 - 2019-12-14 23:06 - 000001505 _____ C:\Users\SergioJG\Desktop\Projetex 3D Server Administrator.lnk 2019-12-14 19:54 - 2019-12-14 23:06 - 000001370 _____ C:\Users\SergioJG\Desktop\Projetex 3D Workstation.lnk 2019-12-13 20:06 - 2019-12-13 20:25 - 000000000 ____D C:\Windows\system32\MRT 2019-12-13 20:06 - 2019-12-13 20:06 - 129221664 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2019-12-13 20:05 - 2019-12-14 03:25 - 000000000 ____D C:\Program Files\CUAssistant 2019-12-13 20:05 - 2019-12-13 20:05 - 000000000 ____D C:\Program Files\rempl 2019-12-13 20:05 - 2017-12-07 23:13 - 001008640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll 2019-12-13 20:05 - 2017-12-07 23:10 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll 2019-12-13 19:53 - 2019-12-14 23:06 - 000001144 _____ C:\Users\SergioJG\Desktop\CATCount 4.lnk 2019-12-13 19:49 - 2018-06-29 09:09 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\wuuhosdeployment.dll 2019-12-13 19:49 - 2018-06-29 08:58 - 000462336 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll 2019-12-13 19:49 - 2018-06-13 22:14 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-12-13 19:49 - 2018-06-13 22:02 - 002786304 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-12-13 19:49 - 2018-06-08 07:07 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe 2019-12-13 19:49 - 2018-06-08 07:02 - 000253440 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll 2019-12-13 19:49 - 2018-06-08 06:57 - 001345024 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll 2019-12-13 19:49 - 2018-05-11 22:54 - 001300992 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll 2019-12-13 19:49 - 2018-05-03 07:19 - 000496640 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll 2019-12-13 19:49 - 2018-03-30 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2019-12-13 19:49 - 2018-03-30 04:43 - 000067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2019-12-13 19:49 - 2018-03-30 04:36 - 000825856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2019-12-13 19:49 - 2018-03-30 04:35 - 000858112 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll 2019-12-13 19:49 - 2018-03-30 04:35 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe 2019-12-13 19:49 - 2018-03-30 04:33 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2019-12-13 19:49 - 2018-03-30 04:33 - 000065024 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2019-12-13 19:49 - 2018-03-30 04:25 - 001055744 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2019-12-13 19:49 - 2018-03-13 06:25 - 001346560 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2019-12-13 19:49 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe 2019-12-13 19:49 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll 2019-12-13 19:49 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll 2019-12-13 19:49 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll 2019-12-13 19:49 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe 2019-12-13 19:49 - 2018-02-10 05:45 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll 2019-12-13 19:49 - 2018-02-10 05:42 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll 2019-12-13 19:49 - 2017-11-26 14:26 - 000048112 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-12-13 19:49 - 2017-11-26 13:35 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\wuautoappupdate.dll 2019-12-13 19:48 - 2019-12-13 20:04 - 000000000 ___HD C:\$WINDOWS.~BT 2019-12-13 19:48 - 2018-05-04 10:37 - 000278448 _____ (Microsoft Corporation) C:\Windows\system32\Notifier.exe 2019-12-13 19:47 - 2019-02-13 07:33 - 001909560 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2019-12-13 18:24 - 2014-07-25 08:47 - 000589824 _____ C:\Windows\SysWOW64\ac7menu.dll 2019-12-13 18:24 - 2014-07-25 08:47 - 000040960 _____ (Kryloff Technologies, Inc.) C:\Windows\SysWOW64\ac7grid.dll 2019-12-13 18:24 - 2014-07-25 08:47 - 000030720 _____ C:\Windows\SysWOW64\AM6tract.exe 2019-12-13 18:22 - 2019-12-13 18:22 - 000000020 ___SH C:\Users\MSSQL$P3D\ntuser.ini 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Reciente 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Plantillas 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Mis documentos 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Menú Inicio 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Impresoras 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Entorno de red 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Documents\Mis vídeos 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Documents\Mis imágenes 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Documents\Mi música 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Datos de programa 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\Configuración local 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\AppData\Local\Historial 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\AppData\Local\Datos de programa 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 _SHDL C:\Users\MSSQL$P3D\AppData\Local\Archivos temporales de Internet 2019-12-13 18:22 - 2019-12-13 18:22 - 000000000 ____D C:\Users\MSSQL$P3D 2019-12-13 18:22 - 2019-04-20 01:10 - 000000000 ____D C:\Users\MSSQL$P3D\AppData\Local\Google 2019-12-13 18:22 - 2014-02-21 05:20 - 000088768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$P3D-sqlctr12.0.2000.8.dll 2019-12-13 18:22 - 2014-02-21 05:20 - 000046784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL12.P3D-sqlagtctr.dll 2019-12-13 18:21 - 2014-02-21 05:26 - 000155328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hadrres.dll 2019-12-13 18:21 - 2014-02-21 05:26 - 000073408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fssres.dll 2019-12-13 18:20 - 2019-12-13 18:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0 2019-12-13 18:17 - 2019-12-13 19:53 - 000000000 ____D C:\Program Files (x86)\AIT 2019-12-13 18:03 - 2017-09-28 19:06 - 002963968 _____ (Microsoft Corporation) C:\Windows\system32\NL7Models0804.dll 2019-12-13 18:03 - 2017-09-28 19:05 - 007702016 _____ (Microsoft Corporation) C:\Windows\system32\NL7Models0011.dll 2019-12-13 18:03 - 2017-09-28 19:05 - 002454528 _____ (Microsoft Corporation) C:\Windows\system32\NL7Lexicons0011.dll 2019-12-13 18:03 - 2017-09-28 19:05 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\NL7Lexicons0804.dll 2019-12-13 18:03 - 2017-09-28 19:02 - 007407616 _____ (Microsoft Corporation) C:\Windows\system32\NL7Data0011.dll 2019-12-13 18:03 - 2017-09-28 19:02 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\MSWB70804.dll 2019-12-13 18:03 - 2017-09-28 19:02 - 000708096 _____ (Microsoft Corporation) C:\Windows\system32\MSWB70011.dll 2019-12-13 18:03 - 2017-09-28 19:00 - 003424256 _____ (Microsoft Corporation) C:\Windows\system32\NL7Data0804.dll 2019-12-13 18:03 - 2017-09-28 18:42 - 000517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70804.dll 2019-12-13 18:03 - 2017-09-28 18:42 - 000517120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB70011.dll 2019-12-13 18:03 - 2017-09-28 18:41 - 007246336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0011.dll 2019-12-13 18:03 - 2017-09-28 18:40 - 003352576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NL7Data0804.dll 2019-12-13 18:03 - 2017-09-28 15:50 - 000002060 _____ C:\Windows\system32\noise.jpn 2019-12-13 18:03 - 2017-09-28 15:50 - 000001696 _____ C:\Windows\system32\NOISE.CHS 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Windows\SysWOW64\XPSViewer 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Windows\SysWOW64\BestPractices 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Windows\system32\BestPractices 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Program Files\MSBuild 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\Program Files (x86)\MSBuild 2019-12-13 17:55 - 2019-12-13 17:55 - 000000000 ____D C:\inetpub 2019-12-13 17:53 - 2017-09-28 15:50 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2019-12-13 17:53 - 2017-09-28 15:50 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2019-12-13 17:53 - 2017-09-28 15:50 - 000035456 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2019-12-13 17:53 - 2017-09-22 18:19 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2019-12-13 17:53 - 2017-09-22 18:19 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2019-12-13 17:53 - 2017-09-22 18:19 - 000035456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2019-12-12 23:05 - 2019-12-13 17:24 - 000000000 ____D C:\Users\SergioJG\.VirtualBox 2019-12-12 23:05 - 2019-12-12 23:05 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2019-12-12 23:05 - 2019-12-12 23:05 - 000000000 ____D C:\ProgramData\VirtualBox 2019-12-12 23:04 - 2019-12-12 23:04 - 000000000 ____D C:\Program Files\Oracle 2019-12-12 23:04 - 2019-12-10 10:28 - 000186424 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2019-12-12 23:04 - 2019-12-10 10:27 - 001028496 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2019-12-12 22:34 - 2019-12-13 18:20 - 000000000 ____D C:\Windows\SysWOW64\1033 2019-12-12 22:34 - 2019-12-13 18:20 - 000000000 ____D C:\Windows\system32\1033 2019-12-12 22:34 - 2019-12-13 18:20 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2019-12-12 22:32 - 2019-12-13 18:21 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2019-12-12 14:42 - 2019-12-15 01:19 - 000000056 ____H C:\Windows\SysWOW64\p15asergiojg.sys 2019-12-12 14:42 - 2019-12-13 19:54 - 000000000 ____D C:\Users\SergioJG\AppData\Local\AIT 2019-12-12 14:42 - 2019-12-12 14:42 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Neos Eureka S.r.l 2019-12-12 14:35 - 2019-12-13 18:24 - 000000000 ____D C:\ProgramData\AIT 2019-12-11 23:35 - 2019-12-11 23:35 - 000000000 ____D C:\Windows\system32\appmgmt 2019-12-11 23:33 - 2019-12-11 23:33 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Microsoft_Corporation 2019-12-11 20:36 - 2019-12-11 20:36 - 000000000 ____D C:\Program Files\Firebird 2019-12-11 20:28 - 2019-12-11 20:28 - 000000054 ____H C:\Windows\SysWOW64\pwsergiojg.sys 2019-12-11 20:27 - 2019-12-11 23:34 - 000000000 ____D C:\Program Files (x86)\Projetex 2006 Workstation 2019-12-11 20:23 - 2019-12-11 20:23 - 000000058 _____ C:\Windows\SysWOW64\aliases.conf 2019-12-11 20:22 - 2019-12-11 23:34 - 000000000 ____D C:\Projetex 2006 Server 2019-12-11 20:22 - 2006-08-14 04:07 - 000296448 _____ (Borland Software Corporation) C:\Windows\SysWOW64\midas.dll 2019-12-11 20:05 - 2019-12-11 20:05 - 000000000 ____D C:\ProgramData\VS Revo Group 2019-12-10 10:28 - 2019-12-10 10:28 - 000247224 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys 2019-12-10 10:28 - 2019-12-10 10:28 - 000237320 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys 2019-12-07 20:07 - 2019-12-07 20:07 - 000001504 _____ C:\Users\SergioJG\Desktop\calibre.lnk 2019-12-07 00:15 - 2019-12-09 16:29 - 000000000 ____D C:\Users\SergioJG\Documents\My Digital Editions 2019-12-07 00:15 - 2019-12-07 00:15 - 000002223 _____ C:\Users\SergioJG\Desktop\Adobe Digital Editions 4.5.lnk 2019-12-07 00:15 - 2019-12-07 00:15 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Adobe_Systems_Incorporate 2019-12-06 23:57 - 2019-12-06 23:57 - 000000000 ____D C:\Windows\system32\Tasks\S-1-5-21-3252720332-746923214-1690960025-1001 2019-12-05 02:23 - 2019-12-05 02:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-11-30 23:04 - 2005-01-22 01:53 - 000055296 _____ C:\Windows\system32\huffyuv.dll 2019-11-30 14:46 - 2019-11-30 14:46 - 000000000 ____D C:\Users\SergioJG\AppData\Local\UnrealEngine 2019-11-30 14:30 - 2019-11-30 14:30 - 000000607 _____ C:\Users\Public\Desktop\Octopath Traveler.lnk 2019-11-29 22:31 - 2019-11-29 22:31 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Yamicsoft 2019-11-29 22:17 - 2019-11-29 22:19 - 072340750 _____ C:\microsoft-windows-netfx3-ondemand-package.cab 2019-11-29 22:11 - 2019-11-29 22:11 - 002869264 _____ (Microsoft Corporation) C:\dotNetFx35setup.exe 2019-11-28 18:00 - 2019-11-28 18:00 - 000000000 ____D C:\Users\SergioJG\Scrivener ScratchPad 2019-11-28 00:01 - 2019-11-28 00:01 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2019-11-28 00:01 - 2019-11-28 00:01 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2019-11-28 00:00 - 2019-11-28 00:00 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2019-11-28 00:00 - 2019-11-28 00:00 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2019-11-26 13:25 - 2019-11-26 13:26 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Meda MP3 Joiner 1.2 2019-11-26 13:25 - 2019-11-26 13:25 - 000001012 _____ C:\Users\Public\Desktop\Meda MP3 Joiner.lnk 2019-11-26 13:25 - 2019-11-26 13:25 - 000000000 ____D C:\Program Files (x86)\Meda MP3 Joiner 2019-11-26 13:18 - 2019-11-26 13:18 - 000000000 ____D C:\Users\SergioJG\Desktop\Formación 2018-2019 2019-11-16 11:37 - 2019-11-16 11:37 - 000000000 ____D C:\Users\SergioJG\AppData\Local\KutoolsforExcel 2019-11-16 11:36 - 2019-11-16 11:36 - 000000000 ____D C:\Users\SergioJG\Documents\Kutools for Excel 2019-11-16 11:36 - 2019-11-16 11:36 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Kutools for Excel 2019-11-16 11:36 - 2019-11-16 11:36 - 000000000 ____D C:\Users\Public\Documents\Kutools for Excel ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-15 12:42 - 2019-01-17 00:41 - 000000000 ____D C:\Users\SergioJG\AppData\LocalLow\Mozilla 2019-12-15 12:40 - 2019-08-14 23:25 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Sync.Logs 2019-12-15 12:40 - 2019-02-09 19:05 - 000000000 ____D C:\Program Files (x86)\Advanced Diary 2019-12-15 12:33 - 2019-03-22 15:39 - 000000000 ____D C:\ProgramData\firebird 2019-12-15 12:22 - 2019-01-16 23:54 - 007925300 _____ C:\Windows\system32\PerfStringBackup.INI 2019-12-15 12:22 - 2017-09-30 15:42 - 004001640 _____ C:\Windows\system32\perfh00A.dat 2019-12-15 12:22 - 2017-09-30 15:42 - 001119360 _____ C:\Windows\system32\perfc00A.dat 2019-12-15 12:19 - 2019-01-17 00:46 - 000000000 ____D C:\Users\SergioJG\AppData\Local\AVAST Software 2019-12-15 12:18 - 2019-10-02 18:08 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\uTorrent 2019-12-15 12:18 - 2019-01-17 00:14 - 000720896 _____ C:\Users\Public\Documents\bootracer.his 2019-12-15 12:18 - 2019-01-17 00:01 - 000000538 _____ C:\Users\Public\Documents\bootracer.ini 2019-12-15 12:18 - 2019-01-17 00:01 - 000000000 ____D C:\ProgramData\BootRacer 2019-12-15 12:18 - 2019-01-16 23:58 - 000000000 __SHD C:\Users\SergioJG\IntelGraphicsProfiles 2019-12-15 12:17 - 2019-01-17 00:06 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-15 12:17 - 2019-01-17 00:01 - 000000000 ____D C:\Program Files (x86)\BootRacer 2019-12-15 12:17 - 2019-01-16 23:47 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-15 12:14 - 2017-09-29 09:45 - 000262144 _____ C:\Windows\system32\config\BBI 2019-12-15 12:12 - 2019-06-20 12:44 - 000000000 ____D C:\Users\SergioJG\.afirma 2019-12-15 12:02 - 2019-04-22 23:31 - 000000000 ____D C:\Users\SergioJG\Documents\ShareX 2019-12-15 11:57 - 2019-01-17 01:00 - 000000000 ____D C:\Users\SergioJG\AppData\Local\ClassicShell 2019-12-15 11:45 - 2019-01-17 00:33 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-12-15 11:41 - 2019-01-17 00:46 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update 2019-12-15 11:37 - 2019-08-27 19:42 - 000000000 ____D C:\Users\SergioJG\AppData\Local\JDownloader 2.0 2019-12-15 11:37 - 2019-01-17 00:44 - 000000000 ____D C:\Users\SergioJG\AppData\Local\CrashDumps 2019-12-15 11:37 - 2019-01-17 00:20 - 000000000 ____D C:\Users\SergioJG\Desktop\Programas 2019-12-15 11:09 - 2019-02-08 22:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ofimática 2019-12-15 10:05 - 2019-11-08 15:57 - 000008189 _____ C:\Windows\GA_OF.dat 2019-12-15 10:04 - 2019-11-08 15:58 - 000001024 ____H C:\AMTAG.BIN 2019-12-15 10:04 - 2019-11-08 15:57 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant 2019-12-15 09:53 - 2019-01-16 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy 2019-12-15 00:59 - 2019-02-09 19:23 - 000000000 ____D C:\ProgramData\TEMP 2019-12-15 00:07 - 2019-08-23 15:48 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Nox 2019-12-15 00:07 - 2019-01-16 23:50 - 000000000 ____D C:\Users\SergioJG 2019-12-15 00:07 - 2017-09-29 14:44 - 000000000 ____D C:\Windows\INF 2019-12-15 00:05 - 2019-01-17 00:15 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-12-14 23:56 - 2019-11-02 10:53 - 000000000 ____D C:\Program Files (x86)\Interactive Calendar 2019-12-14 23:56 - 2019-01-17 01:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimización Windows 2019-12-14 23:50 - 2019-01-17 13:06 - 000001028 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-12-14 23:50 - 2019-01-17 13:06 - 000001024 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-12-14 23:50 - 2019-01-16 23:46 - 005101768 _____ C:\Windows\system32\FNTCACHE.DAT 2019-12-14 23:49 - 2019-01-17 01:46 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2019-12-14 23:49 - 2019-01-17 00:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-12-14 23:47 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\DeliveryOptimization 2019-12-14 23:43 - 2019-03-23 21:43 - 000003568 _____ C:\Users\SergioJG\AppData\Local\kdenliverc 2019-12-14 23:31 - 2019-01-20 20:31 - 000000000 ___HD C:\ProgramData\CanonIJScan 2019-12-14 23:31 - 2019-01-20 20:30 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Canon 2019-12-14 23:31 - 2019-01-20 20:26 - 000000000 ____D C:\Program Files (x86)\Canon 2019-12-14 23:21 - 2019-10-27 09:17 - 000000000 ____D C:\Users\SergioJG\Desktop\Torrents 2019-12-14 23:06 - 2019-09-28 22:15 - 000002192 _____ C:\Users\SergioJG\Desktop\Atom.lnk 2019-12-14 23:06 - 2019-08-12 10:59 - 000001183 _____ C:\Users\SergioJG\Desktop\Premiere Pro 2019.lnk 2019-12-14 23:06 - 2019-02-09 19:05 - 000001143 _____ C:\Users\SergioJG\Desktop\Advanced Diary.lnk 2019-12-14 23:05 - 2019-01-17 01:29 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\MPC-HC 2019-12-14 23:03 - 2019-09-10 16:41 - 000000000 ____D C:\Users\SergioJG\Desktop\Vacantes y sustituciones 2019-12-14 22:59 - 2019-07-24 20:22 - 000000000 ____D C:\Users\SergioJG\Desktop\Formación 2019-2020 2019-12-14 22:35 - 2019-05-02 22:06 - 000000000 ____D C:\Temp 2019-12-14 22:30 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\rescache 2019-12-14 21:57 - 2019-02-10 17:17 - 000000000 ____D C:\Program Files (x86)\Steam 2019-12-14 21:53 - 2019-01-16 23:46 - 000000000 ____D C:\Windows\Panther 2019-12-14 21:47 - 2019-08-23 15:52 - 000000000 ____D C:\Users\SergioJG\.android 2019-12-14 21:46 - 2019-08-23 15:51 - 000000000 ____D C:\Users\SergioJG\vmlogs 2019-12-14 21:46 - 2019-08-23 15:51 - 000000000 ____D C:\Users\SergioJG\AppData\Local\NoxSrv 2019-12-14 21:41 - 2019-08-13 06:12 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\TeamViewer 2019-12-14 21:26 - 2019-08-13 06:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-12-14 21:23 - 2019-01-19 00:32 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2019-12-14 21:15 - 2019-09-28 22:15 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Atom 2019-12-14 21:15 - 2019-09-28 22:15 - 000000000 ____D C:\Users\SergioJG\.atom 2019-12-14 16:36 - 2019-03-31 13:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Traducción 2019-12-14 15:54 - 2019-07-16 09:08 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-12-14 04:29 - 2019-01-17 00:46 - 000003622 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2019-12-14 04:29 - 2019-01-17 00:46 - 000003498 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2019-12-13 23:05 - 2019-10-17 21:00 - 000002380 _____ C:\Windows\system32\Tasks\Ejecutar EssentialPIM 15 minutos después 2019-12-13 23:05 - 2019-10-03 18:53 - 000002608 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0 2019-12-13 23:05 - 2019-08-23 15:15 - 000003000 _____ C:\Windows\system32\Tasks\BlueStacksHelper 2019-12-13 23:05 - 2019-06-13 22:23 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2019-12-13 23:05 - 2019-03-20 13:23 - 000003780 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-12-13 23:05 - 2019-03-20 13:23 - 000003454 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2019-12-13 23:05 - 2019-03-19 22:27 - 000002778 _____ C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-CBJOO85-SergioJG 2019-12-13 23:05 - 2019-02-08 21:25 - 000002942 _____ C:\Windows\system32\Tasks\Dragon_Center_updater 2019-12-13 23:05 - 2019-02-08 21:25 - 000002262 _____ C:\Windows\system32\Tasks\MSI_Dragon Center 2019-12-13 23:05 - 2019-01-17 13:06 - 000003542 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineUA 2019-12-13 23:05 - 2019-01-17 13:06 - 000003318 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskMachineCore 2019-12-13 23:05 - 2019-01-17 00:47 - 000003180 _____ C:\Windows\system32\Tasks\klcp_update 2019-12-13 23:05 - 2019-01-17 00:46 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software 2019-12-13 23:05 - 2019-01-17 00:12 - 000003118 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification 2019-12-13 23:05 - 2019-01-17 00:07 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-13 23:05 - 2019-01-17 00:07 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-13 20:05 - 2017-09-29 14:37 - 000000000 ____D C:\Windows\CbsTemp 2019-12-13 19:53 - 2019-03-31 13:09 - 000000000 ____D C:\Users\Public\Documents\AIT 2019-12-13 18:22 - 2019-01-17 00:12 - 007855436 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2019-12-13 18:04 - 2017-09-30 15:43 - 000000000 ____D C:\Windows\OCR 2019-12-13 17:55 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\SysWOW64\MUI 2019-12-13 17:55 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\SysWOW64\inetsrv 2019-12-13 17:55 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\MUI 2019-12-13 17:55 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\inetsrv 2019-12-13 17:55 - 2017-09-29 14:43 - 000204288 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe 2019-12-13 17:55 - 2017-09-29 14:43 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\cngkeyhelper.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngkeyhelper.dll 2019-12-13 17:55 - 2017-09-29 14:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll 2019-12-13 17:55 - 2017-09-29 14:42 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll 2019-12-13 17:55 - 2017-09-29 14:42 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe 2019-12-13 17:55 - 2017-09-29 14:42 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll 2019-12-13 17:55 - 2017-09-29 14:42 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll 2019-12-13 17:50 - 2019-01-16 23:50 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Packages 2019-12-13 17:40 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\NDF 2019-12-13 07:06 - 2019-01-17 00:47 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-12-12 21:37 - 2019-10-03 18:53 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2019-12-12 00:15 - 2019-08-14 11:23 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\WhatsApp 2019-12-11 16:09 - 2019-11-04 13:37 - 000001084 _____ C:\Users\Public\Desktop\CZUR Scanner.lnk 2019-12-11 16:09 - 2019-11-04 13:36 - 000000000 ____D C:\Program Files (x86)\CZUR Scanner 2019-12-11 15:01 - 2019-01-17 15:00 - 000000000 ___RD C:\Users\SergioJG\Dropbox 2019-12-11 10:36 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-12-11 10:36 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\system32\Macromed 2019-12-11 01:20 - 2019-11-04 13:39 - 000000000 ____D C:\Users\SergioJG\Documents\CzurDoc 2019-12-09 17:19 - 2019-08-25 23:19 - 000000000 ____D C:\ProgramData\boost_interprocess 2019-12-07 19:03 - 2019-01-19 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet - Correo electrónico 2019-12-07 18:41 - 2019-06-20 12:17 - 000000000 ____D C:\Program Files (x86)\Java 2019-12-07 18:39 - 2019-06-20 12:17 - 000114232 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2019-12-07 18:38 - 2019-05-26 18:51 - 000000000 ____D C:\ProgramData\Oracle 2019-12-07 18:15 - 2019-01-17 00:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-12-07 14:21 - 2019-01-22 11:52 - 000000000 ____D C:\Users\SergioJG\AppData\Local\Microsoft Help 2019-12-07 00:15 - 2019-03-23 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2019-12-07 00:15 - 2019-03-11 13:54 - 000000000 ____D C:\Program Files (x86)\Adobe 2019-12-07 00:05 - 2019-11-02 14:34 - 000097510 _____ C:\Users\SergioJG\AppData\Roaming\library.xml 2019-12-07 00:05 - 2019-11-02 14:34 - 000001468 _____ C:\Users\SergioJG\AppData\Roaming\library.bookmarks.xml 2019-12-06 13:41 - 2019-02-08 22:51 - 000000592 __RSH C:\ProgramData\ntuser.pol 2019-12-05 20:07 - 2019-01-17 13:06 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-12-05 13:39 - 2019-02-08 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fansub 2019-12-04 14:52 - 2019-07-16 09:08 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys 2019-12-04 14:52 - 2019-07-16 09:08 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-12-04 14:52 - 2019-03-23 21:43 - 000000000 ____D C:\Users\SergioJG\AppData\Local\cache 2019-12-03 23:15 - 2019-11-02 10:53 - 000001175 _____ C:\Users\SergioJG\Desktop\Interactive Calendar.lnk 2019-12-03 23:15 - 2019-08-27 20:50 - 000002248 _____ C:\Users\SergioJG\Desktop\Discord.lnk 2019-12-03 23:15 - 2019-08-27 19:48 - 000002171 _____ C:\Users\SergioJG\Desktop\JDownloader 2.lnk 2019-12-03 23:15 - 2019-08-12 11:00 - 000001092 _____ C:\Users\SergioJG\Desktop\HotPotatoes 7.lnk 2019-12-03 23:15 - 2019-06-01 10:31 - 000002552 _____ C:\Users\SergioJG\Desktop\Illustrator CC 2019.lnk 2019-12-03 23:15 - 2019-05-26 23:27 - 000001091 _____ C:\Users\SergioJG\Desktop\Animate CC 2019.lnk 2019-12-03 23:15 - 2019-03-23 19:14 - 000002307 _____ C:\Users\SergioJG\Desktop\kindle.lnk 2019-12-03 01:06 - 2019-04-22 23:31 - 000000000 ____D C:\Program Files\ShareX 2019-12-01 10:36 - 2019-04-13 16:10 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\audacity 2019-12-01 10:36 - 2019-04-13 16:10 - 000000000 ____D C:\Program Files (x86)\Audacity 2019-11-30 23:06 - 2019-01-17 00:47 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2019-11-30 20:07 - 2019-02-08 22:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Videojuegos 2019-11-30 14:46 - 2019-02-10 17:34 - 000000000 ____D C:\Users\SergioJG\Documents\My Games 2019-11-30 14:40 - 2019-04-04 22:53 - 000000000 ____D C:\Windows\SysWOW64\directx 2019-11-30 11:19 - 2019-05-01 22:16 - 000000000 ____D C:\Users\SergioJG\AppData\Roaming\Notepad++ 2019-11-29 21:11 - 2019-08-14 11:23 - 000000000 ____D C:\Users\SergioJG\AppData\Local\WhatsApp 2019-11-23 08:12 - 2019-09-16 08:24 - 000000000 ____D C:\Users\SergioJG\AppData\Local\DisplayFusion 2019-11-19 11:21 - 2019-01-17 00:25 - 000000436 _____ C:\Users\SergioJG\Desktop\Mi PC.lnk 2019-11-15 18:42 - 2019-03-23 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ebooks ==================== Files in the root of some directories ======== 2019-02-09 19:59 - 2003-03-21 12:45 - 000250544 _____ (KeyWorks Software) C:\Program Files (x86)\Common Files\keyhelp.ocx 2019-12-15 11:37 - 2019-12-15 11:37 - 000000000 _____ () C:\Users\SergioJG\AppData\Roaming\kiwix.session 2019-11-02 14:34 - 2019-12-07 00:05 - 000001468 _____ () C:\Users\SergioJG\AppData\Roaming\library.bookmarks.xml 2019-11-02 14:34 - 2019-12-07 00:05 - 000097510 _____ () C:\Users\SergioJG\AppData\Roaming\library.xml 2019-06-20 12:13 - 2019-09-17 21:30 - 000537088 _____ (Dirección General de la Policía) C:\Users\SergioJG\AppData\Local\DNIeService.exe 2019-03-23 21:43 - 2019-12-14 23:43 - 000003568 _____ () C:\Users\SergioJG\AppData\Local\kdenliverc 2019-03-12 13:56 - 2019-03-12 23:16 - 000000205 _____ () C:\Users\SergioJG\AppData\Local\oobelibMkey.log 2019-03-23 22:49 - 2019-03-23 22:51 - 000000928 _____ () C:\Users\SergioJG\AppData\Local\skroogerc 2019-03-24 12:42 - 2019-03-24 12:42 - 000000000 _____ () C:\Users\SergioJG\AppData\Local\slcA26D.tmp 2019-03-23 21:43 - 2019-03-23 21:43 - 000000539 _____ () C:\Users\SergioJG\AppData\Local\user-places.xbel 2019-03-23 21:43 - 2019-03-23 21:43 - 000000000 _____ () C:\Users\SergioJG\AppData\Local\user-places.xbel.tbcache ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== BCD ================================ Administrador de arranque de Windows ---------------------------------- Identificador {bootmgr} device partition=C: description Windows Boot Manager locale es-ES inherit {globalsettings} default {current} resumeobject {84665b0d-19e0-11e9-9d41-f2b629bdc630} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Cargador de arranque de Windows ----------------------------- Identificador {current} device partition=C: path \Windows\system32\winload.exe description Windows 10 locale es-ES inherit {bootloadersettings} recoverysequence {84665b0f-19e0-11e9-9d41-f2b629bdc630} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {84665b0d-19e0-11e9-9d41-f2b629bdc630} nx OptIn bootmenupolicy Standard Cargador de arranque de Windows ----------------------------- Identificador {84665b0f-19e0-11e9-9d41-f2b629bdc630} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{84665b10-19e0-11e9-9d41-f2b629bdc630} path \windows\system32\winload.exe description Windows Recovery Environment locale es-es inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{84665b10-19e0-11e9-9d41-f2b629bdc630} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reanudar tras hibernaci�n ------------------------- Identificador {84665b0d-19e0-11e9-9d41-f2b629bdc630} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale es-ES inherit {resumeloadersettings} recoverysequence {84665b0f-19e0-11e9-9d41-f2b629bdc630} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Herramienta de comprobaci�n de memoria de Windows ------------------------------------------------- Identificador {memdiag} device partition=C: path \boot\memtest.exe description Herramienta de diagn�stico de memoria de Windows locale es-ES inherit {globalsettings} badmemoryaccess Yes Configuraci�n de EMS -------------------- Identificador {emssettings} bootems No Configuraci�n del depurador --------------------------- Identificador {dbgsettings} debugtype Local Defectos de RAM --------------- Identificador {badmemory} Configuraci�n global -------------------- Identificador {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Configuraci�n del cargador de arranque ------------------------------------ Identificador {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Configuraci�n de hipervisor ------------------- Identificador {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Reanudar la configuraci�n del cargador -------------------------------------- Identificador {resumeloadersettings} inherit {globalsettings} Opciones de dispositivo ----------------------- Identificador {84665b10-19e0-11e9-9d41-f2b629bdc630} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2019-12-11 04:28 ==================== End of FRST.txt ========================