Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01 Ran by F. Javier (administrator) on PCJCALA (18-07-2019 19:29:15) Running from F:\Descargas Loaded Profiles: F. Javier (Available Profiles: defaultuser0 & F. Javier) Platform: Windows 10 Pro Version 1903 18362.175 (X64) Language: Español (España, internacional) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19053.13.0_x64__8wekyb3d8bbwe\YourPhone.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Photodex Corporation -> ) E:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe (Piriform Software Ltd -> Piriform Software Ltd) E:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd. -> Safer-Networking Ltd.) E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TomTom International BV -> TomTom) E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe (Wondershare Technology Co.,Ltd -> Wondershare) E:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269120 2019-03-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [SDTray] => E:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed] HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\Run: [CCleaner Smart Cleaning] => E:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4055168685-874566943-3237835349-1001\...\Policies\Explorer: [] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hueyTray.lnk [2016-11-12] ShortcutTarget: hueyTray.lnk -> E:\Program Files (x86)\Pantone\huey\hueyTray.exe (Pantone & GretagMacbeth) [File not signed] GroupPolicy: Restriction - Windows Defender <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00BE8384-40E5-4643-9030-A9EAE459741B} - System32\Tasks\Driver Easy Scheduled Scan => E:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3617760 2019-06-04] (Easeware Technology Limited -> Easeware) Task: {07E88183-293A-49CD-BAE4-68C42863392F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {38A644E2-4731-4FDD-A6E3-B543788AF3D5} - System32\Tasks\Defraggler Volume E Task => E:\Program Files\Defraggler\df64.exe [1624120 2018-05-02] (Piriform Ltd -> Piriform Ltd) Task: {3EC27890-DBA6-43DD-86FC-D5C159314644} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4255A691-3813-43D1-8EBA-068981A4E13B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {441AED7E-29CC-4065-8602-9A61766752E9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {4960C7F6-A64F-4A89-AD14-CE98C18956F8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5A483D34-925B-4286-B238-C781DF21B1D2} - System32\Tasks\R@1n-KMS\Windows64Professional => wmic path SoftwareLicensingProduct where (ID="2de67392-b7a7-462a-b1ca-108dd189f588") call Activate Task: {5EF5F2C4-0F08-4ED4-BA5A-2D9D249455D8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {5F14F1AA-69B3-4B19-9E1A-D348BA69733D} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {60790D2A-2429-491D-B3F8-DCE2B6548634} - System32\Tasks\CCleaner Update => E:\Program Files\CCleaner\CCUpdate.exe [619416 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {63B0FCBB-EBC8-47D5-999A-FD05A61648D5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software) Task: {648CF22A-420A-4993-8935-08042BD01067} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {6AD7B249-7451-41B3-9D19-FCB75BEFBF95} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {879D16C9-CF47-44C7-BB5B-B7B095728345} - System32\Tasks\AdobeGCInvoker-1.0-PCJCALA-F. Javier => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {919A237F-CD73-4CEA-946D-0BE1E876A6E3} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A001F14B-EE1A-4153-93D4-7EC27022F2AD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A4BDD390-EB80-4A95-8F1C-A7B1FA80BC68} - System32\Tasks\Defraggler Volume F Task => E:\Program Files\Defraggler\df64.exe [1624120 2018-05-02] (Piriform Ltd -> Piriform Ltd) Task: {AC761CA7-F4DE-40B5-8375-F77B16D941E2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => E:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {C19CAD9D-613E-49AA-A170-BC4250A7BBE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C3AE99C3-EBB4-40C9-9310-1B0E94E7D77B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => E:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {C580882D-A5E8-48FF-9EC6-8E84B12B8F28} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C62D5AE8-90D9-4688-A6BD-74EB5DF96A2A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) Task: {CEF4CFCD-8AC8-42C2-A364-BD70EFA55EDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-11] (Google Inc -> Google Inc.) Task: {D8ECC542-4E98-4487-BD35-388E5DF2B353} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-11] (Google Inc -> Google Inc.) Task: {F1ACFB9C-2EF7-473B-9E17-348ABC85601D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [1456128 2018-12-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {F604916B-83FE-4488-94E7-EA27E7ADD7DF} - System32\Tasks\Defraggler Volume G Task => E:\Program Files\Defraggler\df64.exe [1624120 2018-05-02] (Piriform Ltd -> Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\Defraggler Volume E Task.job => E:\Program Files\Defraggler\df64.exe Task: C:\WINDOWS\Tasks\Defraggler Volume F Task.job => E:\Program Files\Defraggler\df64.exe Task: C:\WINDOWS\Tasks\Defraggler Volume G Task.job => E:\Program Files\Defraggler\df64.exe Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => E:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: 127.0.0.1 app.drivereasy.com Tcpip\Parameters: [DhcpNameServer] 87.216.1.65 87.216.1.66 Tcpip\..\Interfaces\{4a900015-fd3c-4129-8e4c-6a6a236c0bea}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8168bfac-b3d4-11e7-adcc-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{93e941fa-cf47-44a5-8df7-ee7c73bd9b64}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{93e941fa-cf47-44a5-8df7-ee7c73bd9b64}: [DhcpNameServer] 87.216.1.65 87.216.1.66 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-1e3d976e HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = SearchScopes: HKU\S-1-5-21-4055168685-874566943-3237835349-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-03-29] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-29] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: rt063q7p.default FF DefaultProfile: 7o2cgt9d.default-1561186929524 FF ProfilePath: C:\Users\jotak\AppData\Roaming\TomTom\HOME\Profiles\t6dsa7eh.default [2019-07-06] FF Extension: (Map status indicator) - E:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-04-08] [Legacy] [not signed] FF ProfilePath: C:\Users\jotak\AppData\Roaming\Oxylane\ONconnect\Profiles\rt063q7p.default [2019-06-30] FF ProfilePath: C:\Users\jotak\AppData\Roaming\Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524 [2019-07-18] FF Homepage: Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524 -> hxxps://www.google.es/ FF Extension: (signTextJS plus) - C:\Users\jotak\AppData\Roaming\Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524\Extensions\jid1-FkPKYIvh3ElkQO@jetpack.xpi [2019-06-22] FF Extension: (MyJDownloader Browser Extension) - C:\Users\jotak\AppData\Roaming\Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524\Extensions\jid1-OY8Xu5BsKZQa6A@jetpack.xpi [2019-06-24] [UpdateUrl:hxxps://my.jdownloader.org/extensions/firefox.json] FF Extension: (Google Translator for Firefox) - C:\Users\jotak\AppData\Roaming\Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524\Extensions\translator@zoli.bod.xpi [2019-06-22] FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\jotak\AppData\Roaming\Mozilla\Firefox\Profiles\7o2cgt9d.default-1561186929524\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-06-22] FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{1189C9DF-3038-4787-9592-8C6E41CC7F94}.xpi [2019-06-22] [not signed] FF HKLM\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [{b84eec0c-f44b-420f-b2ee-db2a585be7fc}] - C:\Program Files (x86)\vondos\smartdefender\FF\smart_defender-1.0.0-an+fx.xpi => not found FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] (Adobe Systems Incorporated -> ) FF Plugin: @videolan.org/vlc,version=2.2.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [No File] FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-01-22] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] (Adobe Systems Incorporated -> ) FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2019-02-24] ( ) [File not signed] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-01-22] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File] FF Plugin HKU\S-1-5-21-4055168685-874566943-3237835349-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed] FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2019-03-01] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-01-22] (Adobe Systems Incorporated -> Adobe Inc.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806144 2019-01-06] (ICEpower a/s -> ICEpower) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) R2 ScsiAccess; E:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2019-02-24] (Photodex Corporation -> ) R2 SDScannerService; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 SDUpdateService; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S2 SDWSCService; E:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.) R2 TomTomHOMEService; E:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [99704 2019-02-11] (TomTom International BV -> TomTom) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsDrvInst; E:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120096 2017-11-08] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology Corp. -> Wacom Technology, Corp.) U3 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) U3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> ) S3 cmshusbser; C:\WINDOWS\system32\DRIVERS\cmshusbser.sys [127232 2016-04-25] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) R3 hidkmdf; C:\WINDOWS\System32\drivers\hidkmdf.sys [39912 2018-12-19] (Wacom Technology Corporation -> Windows (R) Win 7 DDK provider) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1033288 2019-07-06] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-17] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-07-17] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-05-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R3 NVHDA; C:\WINDOWS\system32\drivers\nvhda64v.sys [212368 2019-04-29] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b49751b9038af669\nvlddmkm.sys [21836032 2019-06-28] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-29] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2016-05-18] (Xiaomi Technology Inc -> QUALCOMM Incorporated) R3 RSUSBCCID; C:\WINDOWS\system32\DRIVERS\RtsUCcid.sys [66816 2015-11-25] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1141752 2019-05-16] (Realtek Semiconductor Corp. -> Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [451792 2019-07-06] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 WacHidRouter; C:\WINDOWS\System32\drivers\wachidrouter.sys [115608 2018-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Wacom Technology, Corp.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-18 19:28 - 2019-07-18 19:29 - 000000000 ____D C:\FRST 2019-07-17 10:02 - 2019-07-17 10:02 - 000000221 _____ C:\Users\Public\Desktop\Ashampoo Deals.url 2019-07-17 10:02 - 2019-07-17 10:02 - 000000000 ____D C:\Users\jotak\AppData\Local\Ashampoo 2019-07-17 09:30 - 2019-07-17 09:37 - 000000000 ____D C:\Users\jotak\AppData\Roaming\ZHP 2019-07-17 09:30 - 2019-07-17 09:30 - 000000914 _____ C:\Users\jotak\Desktop\ZHPCleaner.lnk 2019-07-17 09:30 - 2019-07-17 09:30 - 000000000 ____D C:\Users\jotak\AppData\Local\ZHP 2019-07-17 09:29 - 2019-07-17 09:29 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-07-17 09:26 - 2019-07-17 09:28 - 000000000 ____D C:\AdwCleaner 2019-07-17 09:26 - 2019-07-17 09:26 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-07-17 09:26 - 2019-07-17 09:26 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-17 09:26 - 2019-07-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-17 09:26 - 2019-07-17 09:26 - 000000000 ____D C:\Program Files\Malwarebytes 2019-07-17 09:26 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-07-17 09:26 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-07-17 09:22 - 2019-07-17 09:22 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-07-15 13:56 - 2019-07-15 13:56 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2019-07-12 08:31 - 2019-07-15 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-07-10 12:46 - 2019-07-10 12:46 - 000001661 _____ C:\Users\jotak\Desktop\Resolve.lnk 2019-07-10 12:46 - 2019-07-10 12:46 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design 2019-07-09 12:10 - 2019-07-09 12:10 - 000000676 _____ C:\Users\Public\Desktop\AIMP.lnk 2019-07-09 12:10 - 2019-07-09 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP 2019-07-06 12:34 - 2019-07-06 12:36 - 009908792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2019-07-06 12:34 - 2019-07-06 12:34 - 001033288 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys 2019-07-06 12:34 - 2019-07-06 12:34 - 000451792 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys 2019-07-03 12:24 - 2005-05-08 17:54 - 000626688 _____ (The cURL library, hxxp://curl.haxx.se/) C:\WINDOWS\system32\libcurl.dll 2019-06-30 17:52 - 2019-06-30 17:52 - 000000902 _____ C:\Users\jotak\Desktop\Capture One 12.lnk 2019-06-30 10:47 - 2019-06-30 10:47 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom 2019-06-30 10:47 - 2014-08-19 21:12 - 001991448 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Tablet.dll 2019-06-30 10:47 - 2014-08-19 21:12 - 001984792 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Pen_Touch_Tablet.dll 2019-06-30 10:47 - 2014-08-19 21:12 - 001614104 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Tablet.dll 2019-06-30 10:47 - 2014-08-19 21:12 - 001607448 _____ (Wacom Technology, Corp.) C:\WINDOWS\SysWOW64\Pen_Touch_Tablet.dll 2019-06-28 13:28 - 2019-06-28 13:28 - 000000000 ____D C:\WINDOWS\LastGood.Tmp 2019-06-28 13:28 - 2019-05-23 00:01 - 000125240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2019-06-28 13:25 - 2019-06-28 13:25 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2019-06-28 13:25 - 2019-06-28 13:25 - 000286624 _____ C:\WINDOWS\system32\vulkaninfo.exe 2019-06-28 13:25 - 2019-06-28 13:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2019-06-28 13:25 - 2019-06-28 13:25 - 000260512 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2019-06-28 13:24 - 2019-06-28 13:25 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2019-06-28 13:24 - 2019-06-28 13:25 - 000870304 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2019-06-28 13:24 - 2019-06-28 13:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2019-06-28 13:24 - 2019-06-28 13:24 - 001007008 _____ C:\WINDOWS\system32\vulkan-1.dll 2019-06-28 13:07 - 2019-06-28 13:08 - 011051968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2019-06-28 13:05 - 2019-06-28 13:07 - 009487240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2019-06-28 12:49 - 2019-06-28 12:49 - 000821120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll 2019-06-28 12:49 - 2019-06-28 12:49 - 000675016 _____ C:\WINDOWS\system32\nvofapi64.dll 2019-06-28 12:49 - 2019-06-28 12:49 - 000541904 _____ C:\WINDOWS\SysWOW64\nvofapi.dll 2019-06-28 12:45 - 2019-06-28 12:45 - 001467864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443086.dll 2019-06-28 12:45 - 2019-06-28 12:45 - 001162200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2019-06-28 12:45 - 2019-06-28 12:45 - 000912472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll 2019-06-28 12:45 - 2019-06-28 12:45 - 000052456 _____ C:\WINDOWS\system32\nvinfo.pb 2019-06-28 12:44 - 2019-06-28 12:45 - 001722456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443086.dll 2019-06-28 12:35 - 2019-06-28 12:36 - 005422040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2019-06-28 12:35 - 2019-06-28 12:35 - 004759640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2019-06-28 12:34 - 2019-06-28 12:35 - 020190808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2019-06-28 12:32 - 2019-06-28 12:34 - 017467024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2019-06-28 12:28 - 2019-06-28 12:32 - 040412576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2019-06-28 12:24 - 2019-06-28 12:28 - 035269592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2019-06-28 12:23 - 2019-06-28 12:24 - 005085672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2019-06-28 12:23 - 2019-06-28 12:23 - 004340480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2019-06-28 12:23 - 2019-06-28 12:23 - 000808408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2019-06-28 12:23 - 2019-06-28 12:23 - 000654752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2019-06-28 12:22 - 2019-06-28 12:22 - 000552352 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2019-06-28 12:22 - 2019-06-28 12:22 - 000457304 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2019-06-28 12:21 - 2019-06-28 12:21 - 001470856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2019-06-28 12:21 - 2019-06-28 12:21 - 001133824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2019-06-28 12:21 - 2019-06-28 12:21 - 000631224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2019-06-28 12:21 - 2019-06-28 12:21 - 000522120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2019-06-28 12:20 - 2019-06-28 12:21 - 002039768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2019-06-28 12:20 - 2019-06-28 12:20 - 001542232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2019-06-28 11:44 - 2019-06-28 11:44 - 000042544 _____ (Wacom Technology, Corp.) C:\WINDOWS\system32\Drivers\wacomrouterfilter.sys 2019-06-28 11:30 - 2019-06-28 11:30 - 000000873 _____ C:\Users\Public\Desktop\Driver Easy.lnk 2019-06-28 11:30 - 2019-06-28 11:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy 2019-06-24 12:19 - 2019-06-24 12:19 - 000001139 _____ C:\Users\jotak\Desktop\run_j2se.bat - Acceso directo.lnk 2019-06-24 11:53 - 2019-07-06 14:48 - 000000000 ____D C:\WINDOWS\Panther 2019-06-24 08:06 - 2019-06-24 08:10 - 000000000 ____D C:\Users\jotak\AppData\Local\{003ACA6A-C058-424D-B955-A82DE5375C64} 2019-06-22 12:40 - 2019-06-22 12:40 - 000000235 _____ C:\Users\jotak\Desktop\How to download - CrackzSoft.URL 2019-06-22 12:38 - 2019-06-22 12:38 - 000000232 _____ C:\Users\jotak\Desktop\CRACK.MS - All CRACKs and SERIAL.URL 2019-06-22 12:18 - 2019-06-22 12:18 - 000002173 _____ C:\Users\jotak\Desktop\JDownloader 2.lnk 2019-06-22 12:17 - 2019-07-18 11:33 - 000000000 ____D C:\Users\jotak\AppData\Local\JDownloader 2.0 2019-06-22 11:17 - 2019-07-17 09:35 - 001773362 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-06-22 11:14 - 2019-06-22 11:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2019-06-22 11:12 - 2019-07-17 09:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-06-22 11:12 - 2019-06-22 11:12 - 000011433 _____ C:\WINDOWS\diagwrn.xml 2019-06-22 11:12 - 2019-06-22 11:12 - 000011433 _____ C:\WINDOWS\diagerr.xml 2019-06-22 11:12 - 2019-06-22 11:12 - 000005468 __RSH C:\ProgramData\ntuser.pol 2019-06-22 11:12 - 2019-06-22 11:12 - 000003840 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-06-22 11:12 - 2019-06-22 11:12 - 000003554 _____ C:\WINDOWS\System32\Tasks\Driver Easy Scheduled Scan 2019-06-22 11:12 - 2019-06-22 11:12 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-06-22 11:12 - 2019-06-22 11:12 - 000003496 _____ C:\WINDOWS\System32\Tasks\Defraggler Volume G Task 2019-06-22 11:12 - 2019-06-22 11:12 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2019-06-22 11:12 - 2019-06-22 11:12 - 000003458 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000003346 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2019-06-22 11:12 - 2019-06-22 11:12 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-06-22 11:12 - 2019-06-22 11:12 - 000003236 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000002974 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000002898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000002846 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000002810 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-PCJCALA-F. Javier 2019-06-22 11:12 - 2019-06-22 11:12 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-06-22 11:12 - 2019-06-22 11:12 - 000002768 _____ C:\WINDOWS\System32\Tasks\Defraggler Volume E Task 2019-06-22 11:12 - 2019-06-22 11:12 - 000002764 _____ C:\WINDOWS\System32\Tasks\Defraggler Volume F Task 2019-06-22 11:12 - 2019-06-22 11:12 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2019-06-22 11:12 - 2019-06-22 11:12 - 000002540 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart 2019-06-22 11:12 - 2019-06-22 11:12 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-06-22 11:12 - 2019-06-22 11:12 - 000000282 __RSH C:\Users\jotak\ntuser.pol 2019-06-22 11:12 - 2019-06-22 11:12 - 000000020 ___SH C:\Users\jotak\ntuser.ini 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\UpdateTask 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\System 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-4055168685-874566943-3237835349-1001 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\R@1n-KMS 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software 2019-06-22 11:12 - 2019-06-22 11:12 - 000000000 ____D C:\ProgramData\USOShared 2019-06-22 11:09 - 2019-06-12 03:30 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2019-06-22 11:08 - 2019-07-17 11:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-06-22 11:07 - 2019-06-22 11:07 - 000066064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WinSetupBoot.sys 2019-06-22 11:03 - 2019-06-22 11:03 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2019-06-22 11:02 - 2019-06-30 19:10 - 000000000 ____D C:\Users\jotak 2019-06-22 11:02 - 2019-06-22 11:11 - 000000000 ____D C:\Users\defaultuser0 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Reciente 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Plantillas 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Mis documentos 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Menú Inicio 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Impresoras 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Entorno de red 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Documents\Mis vídeos 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Documents\Mis imágenes 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Documents\Mi música 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Datos de programa 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\Configuración local 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\AppData\Local\Historial 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\AppData\Local\Datos de programa 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\jotak\AppData\Local\Archivos temporales de Internet 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Reciente 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Plantillas 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Mis documentos 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Menú Inicio 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Impresoras 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Entorno de red 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis vídeos 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mis imágenes 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Mi música 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Datos de programa 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\Configuración local 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programas 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Historial 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Datos de programa 2019-06-22 11:02 - 2019-06-22 11:02 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Archivos temporales de Internet 2019-06-22 11:02 - 2019-03-19 06:46 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-06-22 11:01 - 2019-06-22 11:02 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2019-06-22 11:01 - 2019-06-22 11:01 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-06-22 11:01 - 2019-06-22 11:01 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\Program Files\Reference Assemblies 2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\Program Files\MSBuild 2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2019-06-22 11:00 - 2019-06-22 11:00 - 000000000 ____D C:\Program Files (x86)\MSBuild 2019-06-22 11:00 - 2019-03-18 19:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll 2019-06-22 11:00 - 2019-03-18 19:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-06-22 11:00 - 2019-03-18 19:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll 2019-06-22 11:00 - 2019-03-18 18:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll 2019-06-22 11:00 - 2019-03-18 18:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll 2019-06-22 11:00 - 2019-03-01 17:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml 2019-06-22 11:00 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2019-06-22 11:00 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2019-06-22 11:00 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2019-06-22 11:00 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2019-06-22 11:00 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2019-06-22 11:00 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2019-06-22 11:00 - 2018-08-09 14:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml 2019-06-22 10:47 - 2019-06-22 10:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2019-06-22 10:32 - 2019-06-22 10:38 - 000000000 ____D C:\ESD 2019-06-22 10:31 - 2019-06-22 10:31 - 000000000 ___HD C:\$Windows.~WS 2019-06-22 09:01 - 2019-06-22 10:02 - 000000000 ____D C:\Users\jotak\AppData\Local\c3d3ba78-cce2-4b8c-b533-0858dd4d3aa5 2019-06-22 09:01 - 2019-06-22 09:01 - 000000000 ____D C:\SystemID 2019-06-22 09:01 - 2019-06-22 09:01 - 000000000 ____D C:\ProgramData\Pader 2019-06-22 09:01 - 2019-06-22 09:01 - 000000000 ____D C:\ProgramData\ecR0dl4pvAo7mUP 2019-06-22 09:00 - 2019-06-22 09:00 - 000000000 ____D C:\ProgramData\31D51F5UH1P8MEMNNHRCLDPUS 2019-06-22 08:59 - 2019-07-15 13:46 - 000000000 ___RD C:\ProgramData\cf4620d67a 2019-06-22 08:59 - 2019-06-22 10:03 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Intel Rapid 2019-06-22 08:59 - 2019-06-22 08:59 - 000000000 ____D C:\ProgramData\9SQT8H4LUT76482K1IMFP2NKM 2019-06-22 08:59 - 2019-06-22 08:59 - 000000000 _____ C:\ProgramData\0 2019-06-22 08:58 - 2019-06-22 08:58 - 000000000 ____D C:\ProgramData\H23745R4QD6E0IFI3S02BSKK2 2019-06-21 13:19 - 2019-06-21 13:19 - 000003716 _____ C:\Users\jotak\Documents\1click.cmd 2019-06-21 12:04 - 2019-06-22 11:12 - 000000000 ____D C:\Users\jotak\AppData\Local\PackageStaging 2019-06-21 11:45 - 2019-06-22 10:50 - 001239728 _____ (Dirección General de la Policía) C:\WINDOWS\system32\DNIeCMx64.dll 2019-06-19 07:41 - 2019-06-22 11:08 - 000000000 ____D C:\Program Files\UNP ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-18 19:26 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-07-18 19:26 - 2016-11-16 13:02 - 000000000 ____D C:\Users\jotak\AppData\LocalLow\Mozilla 2019-07-18 19:26 - 2016-11-11 10:19 - 000000000 ____D C:\ProgramData\NVIDIA 2019-07-18 19:24 - 2016-11-11 12:06 - 000000000 ____D C:\Users\jotak\AppData\Roaming\vlc 2019-07-17 12:37 - 2016-12-22 10:38 - 000000000 ____D C:\Users\jotak\AppData\Local\CaptureOne 2019-07-17 10:03 - 2017-11-08 07:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2019-07-17 10:02 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2019-07-17 10:02 - 2017-11-07 14:08 - 000000000 ____D C:\ProgramData\Ashampoo 2019-07-17 10:02 - 2016-12-27 10:12 - 000000000 ____D C:\Users\jotak\AppData\LocalLow\Temp 2019-07-17 09:35 - 2019-03-19 13:59 - 000788396 _____ C:\WINDOWS\system32\perfh00A.dat 2019-07-17 09:35 - 2019-03-19 13:59 - 000155686 _____ C:\WINDOWS\system32\perfc00A.dat 2019-07-17 09:28 - 2019-03-19 06:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2019-07-17 09:26 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-07-17 09:22 - 2017-04-20 08:53 - 000000744 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-07-15 13:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-07-15 13:38 - 2017-10-18 08:19 - 000000000 ____D C:\Users\jotak\AppData\Local\Packages 2019-07-15 13:37 - 2019-03-20 13:05 - 000000000 ____D C:\Program Files (x86)\TabletPlugins 2019-07-15 11:25 - 2019-03-01 12:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-07-14 19:55 - 2016-11-26 12:01 - 000001456 _____ C:\Users\jotak\AppData\Local\Adobe Guardar para Web 13.0 Prefs 2019-07-12 10:36 - 2019-03-01 12:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-07-09 12:35 - 2016-12-28 12:04 - 000000000 ____D C:\Users\jotak\AppData\Roaming\AIMP 2019-07-09 12:09 - 2017-03-03 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BQ USB driver 2019-07-09 12:08 - 2017-04-11 14:51 - 000000000 ____D C:\Users\jotak\AppData\Local\CrashDumps 2019-07-04 10:05 - 2018-05-01 10:12 - 000000000 ____D C:\Users\jotak\AppData\Local\D3DSCache 2019-06-30 19:29 - 2017-05-31 18:54 - 000000000 ____D C:\temp 2019-06-30 19:20 - 2017-04-12 10:14 - 000000000 ____D C:\Users\jotak\AppData\Roaming\audacity 2019-06-30 10:47 - 2016-11-12 11:54 - 000000000 ____D C:\Program Files\Tablet 2019-06-26 07:24 - 2016-11-11 10:28 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-06-25 08:03 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-06-23 08:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\appcompat 2019-06-22 14:24 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2019-06-22 12:46 - 2019-03-11 09:58 - 000000220 _____ C:\Users\jotak\Desktop\Google Keep.URL 2019-06-22 12:45 - 2019-03-11 09:51 - 000000262 _____ C:\Users\jotak\Desktop\Google Calendar.URL 2019-06-22 12:44 - 2019-04-23 08:58 - 000000136 _____ C:\Users\jotak\Desktop\Correo F. Javier Cala Piñero - Outlook.URL 2019-06-22 12:44 - 2019-03-11 09:51 - 000000135 _____ C:\Users\jotak\Desktop\Gmail -.URL 2019-06-22 12:18 - 2019-01-27 11:38 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2019-06-22 11:28 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\PrintDialog 2019-06-22 11:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration 2019-06-22 11:12 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\USOPrivate 2019-06-22 11:12 - 2017-10-18 08:23 - 000000000 ___RD C:\Users\jotak\3D Objects 2019-06-22 11:12 - 2016-11-11 10:22 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-06-22 11:11 - 2019-03-19 06:52 - 000000000 __RSD C:\WINDOWS\Media 2019-06-22 11:11 - 2017-04-19 09:02 - 000023172 _____ C:\WINDOWS\system32\emptyregdb.dat 2019-06-22 11:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2019-06-22 11:09 - 2019-03-05 12:38 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt 2019-06-22 11:09 - 2017-04-21 10:41 - 000000000 ____D C:\WINDOWS\system32\DAX3 2019-06-22 11:09 - 2017-04-20 08:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-06-22 11:09 - 2017-04-19 08:58 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2019-06-22 11:09 - 2017-04-19 08:58 - 000000000 ____D C:\WINDOWS\system32\DAX2 2019-06-22 11:09 - 2017-04-19 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-06-22 11:09 - 2017-04-06 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Gold 2019-06-22 11:09 - 2016-11-12 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoSetter 2019-06-22 11:09 - 2016-11-12 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2019-06-22 11:09 - 2016-11-11 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One 2019-06-22 11:09 - 2016-11-11 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HOLUX ezTour 2019-06-22 11:09 - 2016-11-11 13:09 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2019-06-22 11:09 - 2016-11-11 12:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Message Center 2 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\spool 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ServiceState 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help 2019-06-22 11:08 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-06-22 11:08 - 2019-03-19 06:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2019-06-22 11:08 - 2017-04-19 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-06-22 11:08 - 2016-11-11 10:27 - 000000000 ____D C:\Program Files\Intel 2019-06-22 11:08 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2019-06-22 11:07 - 2019-03-19 06:56 - 000000000 ____D C:\WINDOWS\Setup 2019-06-22 11:06 - 2019-03-19 06:37 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2019-06-22 11:03 - 2019-06-17 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2019-06-22 11:03 - 2019-06-07 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2 2019-06-22 11:03 - 2019-05-11 12:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imaging Edge 2019-06-22 11:03 - 2019-04-20 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon 2019-06-22 11:03 - 2019-03-31 11:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONconnect 2019-06-22 11:03 - 2019-03-25 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2019-06-22 11:03 - 2019-03-24 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FNMT-RCM 2019-06-22 11:03 - 2019-03-20 13:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tableta Wacom 2019-06-22 11:03 - 2019-03-19 06:52 - 000000000 __RHD C:\Users\Public\Libraries 2019-06-22 11:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2019-06-22 11:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-06-22 11:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Resources 2019-06-22 11:03 - 2019-02-28 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader 2019-06-22 11:03 - 2019-02-24 10:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProShow Producer 2019-06-22 11:03 - 2019-02-03 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer 2019-06-22 11:03 - 2018-11-10 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management 2019-06-22 11:03 - 2018-09-11 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-06-22 11:03 - 2018-03-11 10:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation 2019-06-22 11:03 - 2017-12-15 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX-i 2019-06-22 11:03 - 2017-12-15 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Transfer 2 2019-06-22 11:03 - 2017-08-23 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2019-06-22 11:03 - 2017-07-21 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picture Control Utility 2 2019-06-22 11:03 - 2017-07-21 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capture NX-D 2019-06-22 11:03 - 2017-04-21 10:16 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2019-06-22 11:03 - 2017-04-19 08:58 - 000000000 ____D C:\Program Files\Realtek 2019-06-22 11:03 - 2016-12-06 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-06-22 11:03 - 2016-11-12 11:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pantone 2019-06-22 11:03 - 2016-11-11 13:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2019-06-22 11:02 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2019-06-22 11:02 - 2017-12-19 10:10 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Geotag Photos Pro 2019-06-22 11:02 - 2017-10-18 08:19 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages 2019-06-22 11:02 - 2016-12-06 10:36 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2019-06-22 11:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2019-06-22 11:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources 2019-06-22 11:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\setup 2019-06-22 11:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\MUI 2019-06-22 11:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\et-EE 2019-06-22 11:00 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-06-22 09:54 - 2017-08-20 08:19 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-06-22 09:54 - 2016-11-11 10:22 - 000000000 ____D C:\Users\jotak\AppData\Local\VirtualStore 2019-06-22 09:02 - 2018-05-26 12:48 - 000000000 ___HD C:\adobeTemp 2019-06-22 09:02 - 2018-01-06 12:13 - 000000000 ____D C:\adb 2019-06-22 09:02 - 2017-04-19 08:32 - 000000000 ___HD C:\$GetCurrent 2019-06-22 09:02 - 2017-03-02 09:51 - 000000000 ____D C:\Recovered Files 2019-06-22 09:00 - 2019-03-08 09:42 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2019-06-22 09:00 - 2019-03-08 09:42 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll 2019-06-22 09:00 - 2019-03-08 09:42 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2019-06-22 09:00 - 2019-03-08 09:42 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2019-06-22 09:00 - 2019-03-08 09:42 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2019-06-22 09:00 - 2019-03-08 09:42 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2019-06-21 12:46 - 2018-09-07 18:15 - 000000000 ____D C:\ProgramData\Corel 2019-06-21 12:46 - 2018-09-07 18:15 - 000000000 ____D C:\Program Files\Corel 2019-06-21 12:10 - 2016-11-11 13:07 - 000000000 ____D C:\ProgramData\Adobe 2019-06-21 12:01 - 2017-10-17 08:56 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screamer Radio 2019-06-21 11:44 - 2019-03-23 10:02 - 000000000 ____D C:\Users\jotak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XiaoMiTool V2 2019-06-21 11:44 - 2016-11-15 12:40 - 000000000 ____D C:\Program Files\HP 2019-06-21 11:24 - 2018-12-23 10:31 - 000002465 _____ C:\WINDOWS\wininit.ini ==================== Files in the root of some directories ================ 2019-03-08 09:42 - 2019-06-22 09:00 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2019-03-08 09:42 - 2019-06-22 09:00 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2019-03-08 09:42 - 2019-06-22 09:00 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll 2019-03-08 09:42 - 2019-06-22 09:00 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2019-03-08 09:42 - 2019-06-22 09:00 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2019-03-08 09:42 - 2019-06-22 09:00 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2017-12-15 21:01 - 2017-12-15 21:01 - 000000268 ___RH () C:\Users\jotak\AppData\Roaming\Sound Effects 2017-12-15 21:01 - 2017-12-15 21:01 - 000000268 ___RH () C:\Users\jotak\AppData\Roaming\Soundtrack 2019-03-10 09:17 - 2019-03-10 09:17 - 000009274 _____ () C:\Users\jotak\AppData\Roaming\Microsoft\JAETOAY-MANUAL.txt 2016-11-26 12:01 - 2019-07-14 19:55 - 000001456 _____ () C:\Users\jotak\AppData\Local\Adobe Guardar para Web 13.0 Prefs 2017-04-15 10:21 - 2017-04-15 10:39 - 000019714 _____ () C:\Users\jotak\AppData\Local\digikamrc 2019-03-24 11:09 - 2019-03-24 11:09 - 000535552 _____ (Dirección General de la Policía) C:\Users\jotak\AppData\Local\DNIeService.exe 2019-03-01 12:13 - 2019-03-01 12:13 - 000140800 _____ () C:\Users\jotak\AppData\Local\installer.dat 2018-03-09 14:19 - 2018-03-09 14:19 - 000000001 _____ () C:\Users\jotak\AppData\Local\llftool.4.40.agreement 2019-06-22 11:19 - 2019-06-22 11:19 - 000000000 _____ () C:\Users\jotak\AppData\Local\oobelibMkey.log 2017-12-21 13:18 - 2017-12-21 13:18 - 000000218 _____ () C:\Users\jotak\AppData\Local\recently-used.xbel 2017-10-07 07:32 - 2017-10-07 07:32 - 000007637 _____ () C:\Users\jotak\AppData\Local\Resmon.ResmonCfg 2019-03-01 12:13 - 2019-03-01 12:17 - 000722944 _____ () C:\Users\jotak\AppData\Local\sha.db ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================