Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2020 Ran by Gianna Catalina (administrator) on DESKTOP-DUJPFU4 (Hewlett-Packard HP 450 Notebook PC) (28-04-2020 12:51:42) Running from C:\Users\Gianna Catalina\Desktop Loaded Profiles: Gianna Catalina (Available Profiles: Gianna Catalina) Platform: Windows 10 Pro 10240.16384 (X64) Language: Inglés (Estados Unidos) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Gianna Catalina\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2020-04-25] (Synaptics Incorporated -> Synaptics Incorporated) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.) HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-10-23] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [2013072 2012-10-23] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe [333712 2012-10-11] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKU\S-1-5-21-2553645042-3655948027-308666166-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2553645042-3655948027-308666166-1001\...\MountPoints2: {6c45d94e-8956-11ea-9bd2-20689d53f355} - "D:\HiSuiteDownLoader.exe" HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\WINDOWS\system32\FaceCredentialProvider.dll [2015-07-10] (Microsoft Windows -> ) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\WINDOWS\system32\FaceCredentialProvider.dll [2015-07-10] (Microsoft Windows -> ) ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0FA3D55E-11BF-4FAF-8D10-7B28ADADD960} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-DUJPFU4-Gianna Catalina DESKTOP-DUJPFU4 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {154B9A5F-AFE9-4DC0-AA8F-AF0C5147C606} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW Task: {5B33A45D-8C46-499C-9D33-6DF1931CC3B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC) Task: {798DFB7E-E9DB-4334-B3C3-6776B69846FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-25] (Google LLC -> Google LLC) Task: {7D7F7F6F-EC8A-47FD-9613-51833950B402} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8505088 2020-04-25] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {983BB5A3-A0F0-48F1-A533-6B8C14C6A9E8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A62BD0C4-6168-480F-87F2-794D3C5F9BE0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {BB206799-9ACA-49A6-8FE5-2D5878428BB8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C468F91E-22E7-4E43-9EAB-5E4F60E987C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Task: {FB83A3C4-86E4-4081-BD69-594179F65572} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2020-04-25] (Realtek Semiconductor Corp -> Realtek Semiconductor) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{b393e093-5162-4b04-a6f5-1ce130b01cdb}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 8\Bin\PlusIEContextMenu.dll [2012-07-19] (Zeon Corporation -> Zeon Corporation) [File not signed] BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Gaaiho PDF Conversion Toolbar Helper -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll [2012-07-27] (Zeon Corporation -> Zeon Corporation) [File not signed] BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Professional 8\bin\GZeonIEFavClient.dll [2012-07-27] (Zeon Corporation -> Zeon Corporation) [File not signed] Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-2553645042-3655948027-308666166-1001 -> hxxp://www.google.com.pe/ FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation -> Zeon Corporation) [File not signed] FF Plugin HKU\S-1-5-21-2553645042-3655948027-308666166-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Gianna Catalina\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) Chrome: ======= CHR Profile: C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default [2020-04-28] CHR StartupUrls: Default -> "hxxp://www.google.com.pe/" CHR Extension: (Presentaciones) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-25] CHR Extension: (Documentos) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-25] CHR Extension: (Google Drive) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-04-25] CHR Extension: (YouTube) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-25] CHR Extension: (Hojas de cálculo) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-25] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-25] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-25] CHR Extension: (Gmail) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-25] CHR Extension: (Chrome Media Router) - C:\Users\Gianna Catalina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-25] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600776 2020-04-02] (Microsoft Corporation -> Microsoft Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-25] (Malwarebytes Inc -> Malwarebytes) R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc. -> Nuance Communications, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [303360 2020-04-25] (Realtek Semiconductor Corp -> Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2020-04-25] (Synaptics Incorporated -> Synaptics Incorporated) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4207104 2015-07-10] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2015-07-10] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2020-04-25] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [587264 2015-07-10] (Microsoft Windows -> Realtek ) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2020-04-25] (Synaptics Incorporated -> Synaptics Incorporated) S3 UdeCx; C:\WINDOWS\System32\drivers\udecx.sys [44032 2015-07-10] (Microsoft Windows -> ) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Windows -> Microsoft Corporation) R2 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-28 12:51 - 2020-04-28 12:54 - 000015342 _____ C:\Users\Gianna Catalina\Desktop\FRST.txt 2020-04-28 12:08 - 2020-04-28 12:08 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-DUJPFU4_Gianna Catalina_HistoryPrediction.bin 2020-04-28 11:01 - 2020-04-28 11:01 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2020-04-28 09:08 - 2020-04-26 15:54 - 002283008 _____ (Farbar) C:\Users\Gianna Catalina\Desktop\FRST64.exe 2020-04-28 08:41 - 2020-04-28 08:41 - 000012152 _____ C:\Users\Gianna Catalina\Documents\cc_20200428_084118.reg 2020-04-26 23:17 - 2020-04-28 08:01 - 000776126 _____ C:\WINDOWS\system32\perfh00A.dat 2020-04-26 23:17 - 2020-04-28 08:01 - 000149056 _____ C:\WINDOWS\system32\perfc00A.dat 2020-04-26 23:17 - 2020-04-26 23:15 - 000346516 _____ C:\WINDOWS\system32\perfi00A.dat 2020-04-26 23:17 - 2020-04-26 23:15 - 000043804 _____ C:\WINDOWS\system32\perfd00A.dat 2020-04-26 23:16 - 2020-04-26 23:16 - 000000000 ____D C:\WINDOWS\SysWOW64\es 2020-04-26 23:16 - 2020-04-26 23:16 - 000000000 ____D C:\WINDOWS\system32\es 2020-04-26 22:53 - 2020-04-26 22:53 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2020-04-26 22:50 - 2020-04-26 22:54 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Zoom 2020-04-26 21:41 - 2020-04-26 21:41 - 000000000 ____D C:\Users\Gianna Catalina\Documents\Plantillas personalizadas de Office 2020-04-26 21:25 - 2020-04-26 21:25 - 000000000 ____D C:\Program Files\Microsoft Office 15 2020-04-26 21:19 - 2020-04-26 21:20 - 005570848 _____ (Microsoft Corporation) C:\Users\Gianna Catalina\Downloads\Setup.Def.es-es_O365ProPlusRetail_01c691da-c13e-45b3-b6a1-d40127b56387_TX_PR_Platform_def_b_64_.exe 2020-04-26 21:11 - 2020-04-26 21:11 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Nuance 2020-04-26 20:58 - 2020-04-26 20:58 - 000000000 ____D C:\WINDOWS\ERUNT 2020-04-26 19:24 - 2020-04-28 12:53 - 000000000 ____D C:\FRST 2020-04-26 18:28 - 2020-04-26 18:28 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\NetworkTiles 2020-04-26 15:28 - 2020-04-27 09:57 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\CrashDumps 2020-04-26 15:15 - 2020-04-26 15:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-04-26 15:05 - 2020-04-26 15:05 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\PeerDistRepub 2020-04-26 07:54 - 2020-04-26 07:54 - 000002627 _____ C:\Users\Gianna Catalina\Documents\ZHP report2.txt 2020-04-26 07:51 - 2020-04-26 07:51 - 000009822 _____ C:\Users\Gianna Catalina\Documents\ZHP report.txt 2020-04-26 07:38 - 2020-04-27 15:03 - 000005362 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-DUJPFU4-Gianna Catalina DESKTOP-DUJPFU4 2020-04-26 07:33 - 2020-04-26 07:34 - 000000000 ____D C:\AdwCleaner 2020-04-26 07:27 - 2020-04-26 07:28 - 000003332 _____ C:\Users\Gianna Catalina\Documents\cc_20200426_072753.reg 2020-04-26 00:20 - 2020-04-26 00:20 - 000000000 _____ C:\WINDOWS\system32\last.dump 2020-04-25 23:51 - 2020-04-25 23:51 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\CEF 2020-04-25 23:48 - 2020-04-25 23:48 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Avg 2020-04-25 23:12 - 2020-04-25 23:12 - 000031534 _____ C:\Users\Gianna Catalina\Documents\cc_20200425_231211.reg 2020-04-25 23:05 - 2020-04-25 23:05 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\mbam 2020-04-25 23:04 - 2020-04-25 23:04 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2020-04-25 23:04 - 2020-04-25 23:04 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2020-04-25 23:04 - 2020-04-25 23:04 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2020-04-25 23:04 - 2020-04-25 23:04 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\mbamtray 2020-04-25 23:03 - 2020-04-25 23:03 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2020-04-25 23:03 - 2020-04-25 23:03 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2020-04-25 23:03 - 2020-04-25 23:03 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-04-25 23:01 - 2020-04-26 23:20 - 000000000 ____D C:\ProgramData\AVG 2020-04-25 22:59 - 2020-04-26 07:24 - 000000000 ____D C:\Program Files\CCleaner 2020-04-25 22:59 - 2020-04-25 22:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-04-25 22:59 - 2020-04-25 22:59 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-04-25 22:59 - 2020-04-25 22:59 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2020-04-25 22:59 - 2020-04-25 22:59 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk 2020-04-25 22:59 - 2020-04-25 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2020-04-25 22:58 - 2020-04-28 08:58 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\ZHP 2020-04-25 22:58 - 2020-04-25 22:58 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\ZHP 2020-04-25 22:49 - 2020-04-25 22:49 - 000000000 ____D C:\Program Files\Malwarebytes 2020-04-25 22:25 - 2020-04-25 22:28 - 000662140 _____ C:\TDSSKiller.3.1.0.28_25.04.2020_22.25.34_log.txt 2020-04-25 22:22 - 2020-04-25 22:23 - 000005028 _____ C:\TDSSKiller.3.1.0.28_25.04.2020_22.22.52_log.txt 2020-04-25 17:52 - 2020-04-25 17:52 - 000003224 _____ C:\WINDOWS\system32\Tasks\RtHDVBg 2020-04-25 17:52 - 2020-04-25 17:52 - 000003196 _____ C:\WINDOWS\system32\Tasks\RTKCPL 2020-04-25 17:52 - 2020-04-25 17:52 - 000000000 ____D C:\WINDOWS\system32\SRSLabs 2020-04-25 17:51 - 2020-04-25 17:51 - 004515584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2020-04-25 17:51 - 2020-04-25 17:51 - 003271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 002926848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 002897741 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT 2020-04-25 17:51 - 2020-04-25 17:51 - 002711296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl 2020-04-25 17:51 - 2020-04-25 17:51 - 001435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 001331336 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 001122648 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000961024 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000749776 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000645464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000259288 _____ (TODO: ) C:\WINDOWS\system32\slprp64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000195184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000023704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll 2020-04-25 17:51 - 2020-04-25 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2020-04-25 17:51 - 2020-04-25 17:51 - 000000000 ____D C:\Program Files\Realtek 2020-04-25 17:50 - 2020-04-25 17:50 - 072121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat 2020-04-25 17:50 - 2020-04-25 17:50 - 002966144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 001757440 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 001599792 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 000574248 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 000122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll 2020-04-25 17:50 - 2020-04-25 17:50 - 000118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll 2020-04-25 17:30 - 2020-04-25 17:30 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Synaptics 2020-04-25 17:30 - 2020-04-25 17:30 - 000000000 ____D C:\ProgramData\Synaptics 2020-04-25 17:15 - 2020-04-25 17:15 - 000000000 ____D C:\Program Files (x86)\Intel 2020-04-25 17:13 - 2020-04-25 17:13 - 013182528 _____ (Intel Corporation) C:\WINDOWS\system32\igd10umd64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 013046920 _____ (Intel Corporation) C:\WINDOWS\system32\ig4icd64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 012935296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumd64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 011460448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10umd32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 011330576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumd32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 010829448 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig4icd32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 009025672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxress.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 005925984 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUI.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 005382856 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2020-04-25 17:13 - 2020-04-25 17:13 - 003529352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 003139208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 001981696 _____ C:\WINDOWS\system32\iglhxa64.cpa 2020-04-25 17:13 - 2020-04-25 17:13 - 001086408 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000975184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000963452 _____ C:\WINDOWS\SysWOW64\igcodeckrng600.bin 2020-04-25 17:13 - 2020-04-25 17:13 - 000963452 _____ C:\WINDOWS\system32\igcodeckrng600.bin 2020-04-25 17:13 - 2020-04-25 17:13 - 000593544 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000560776 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000558728 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000553424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000536672 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000463960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000460936 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdev.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000458376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrell.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfra.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000457864 _____ (Intel Corporation) C:\WINDOWS\system32\igfxresn.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000457352 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrus.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000457344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrrom.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsky.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptg.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrplk.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnld.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrita.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhrv.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdeu.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrhun.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrfin.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000456328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcsy.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrsve.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrslv.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrptb.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455816 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrnor.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtrk.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrtha.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000455304 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrdan.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrheb.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000453768 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrara.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000450184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrjpn.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000449160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrkor.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000447112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrcht.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000446600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrchs.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000428680 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTMM.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000420960 _____ (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000402568 _____ (Intel Corporation) C:\WINDOWS\system32\igfxpph.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000348808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxdv32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000304264 _____ (Intel Corporation) C:\WINDOWS\system32\igfxrenu.lrc 2020-04-25 17:13 - 2020-04-25 17:13 - 000300128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000276064 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000272928 _____ C:\WINDOWS\SysWOW64\igvpkrng600.bin 2020-04-25 17:13 - 2020-04-25 17:13 - 000272928 _____ C:\WINDOWS\system32\igvpkrng600.bin 2020-04-25 17:13 - 2020-04-25 17:13 - 000242800 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000223664 _____ C:\WINDOWS\system32\Gfxres.th-TH.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000210106 _____ C:\WINDOWS\system32\Gfxres.el-GR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000206944 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000206000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000194245 _____ C:\WINDOWS\system32\Gfxres.ru-RU.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000193160 _____ (Intel Corporation) C:\WINDOWS\system32\gfxSrvc.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000193112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe 2020-04-25 17:13 - 2020-04-25 17:13 - 000166170 _____ C:\WINDOWS\system32\Gfxres.ar-SA.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000163421 _____ C:\WINDOWS\system32\Gfxres.ja-JP.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000160392 _____ (Intel Corporation) C:\WINDOWS\system32\igfxdo.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000159008 _____ C:\WINDOWS\system32\Gfxres.he-IL.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000149682 _____ C:\WINDOWS\system32\Gfxres.it-IT.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000148042 _____ C:\WINDOWS\system32\Gfxres.ko-KR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000147393 _____ C:\WINDOWS\system32\Gfxres.de-DE.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000147288 _____ C:\WINDOWS\system32\Gfxres.es-ES.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000146004 _____ C:\WINDOWS\system32\Gfxres.ro-RO.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000145491 _____ C:\WINDOWS\system32\Gfxres.fr-FR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000145032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcpl.cpl 2020-04-25 17:13 - 2020-04-25 17:13 - 000144645 _____ C:\WINDOWS\system32\Gfxres.tr-TR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000144260 _____ C:\WINDOWS\system32\Gfxres.pt-BR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000144020 _____ C:\WINDOWS\system32\Gfxres.nl-NL.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000143932 _____ C:\WINDOWS\system32\Gfxres.hu-HU.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000142882 _____ C:\WINDOWS\system32\Gfxres.sv-SE.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000142877 _____ C:\WINDOWS\system32\Gfxres.pt-PT.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000142717 _____ C:\WINDOWS\system32\Gfxres.pl-PL.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000142289 _____ C:\WINDOWS\system32\Gfxres.cs-CZ.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000142008 _____ C:\WINDOWS\system32\Gfxres.fi-FI.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000141838 _____ C:\WINDOWS\system32\Gfxres.sk-SK.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000141049 _____ C:\WINDOWS\system32\Gfxres.hr-HR.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000137889 _____ C:\WINDOWS\system32\Gfxres.sl-SI.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000137784 _____ C:\WINDOWS\system32\Gfxres.nb-NO.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000137141 _____ C:\WINDOWS\system32\Gfxres.da-DK.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000134280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4459.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000132623 _____ C:\WINDOWS\system32\Gfxres.en-US.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000128648 _____ (Intel Corporation) C:\WINDOWS\system32\hccutils.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000126300 _____ C:\WINDOWS\system32\Gfxres.zh-TW.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000124650 _____ C:\WINDOWS\system32\Gfxres.zh-CN.resources 2020-04-25 17:13 - 2020-04-25 17:13 - 000119432 _____ C:\WINDOWS\system32\igdde64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000112264 _____ C:\WINDOWS\system32\IccLibDll_x64.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000099464 _____ C:\WINDOWS\SysWOW64\igdde32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000082056 _____ (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000059425 _____ C:\WINDOWS\system32\iglhxo64.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000059398 _____ C:\WINDOWS\system32\iglhxg64.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000059230 _____ C:\WINDOWS\system32\iglhxc64.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000059104 _____ C:\WINDOWS\system32\iglhxc64_dev.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000058796 _____ C:\WINDOWS\system32\iglhxg64_dev.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000058109 _____ C:\WINDOWS\system32\iglhxo64_dev.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000051184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000043144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000027784 _____ ( ) C:\WINDOWS\system32\IGFXDEVLib.dll 2020-04-25 17:13 - 2020-04-25 17:13 - 000017086 _____ C:\WINDOWS\system32\iglhxs64.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000001074 _____ C:\WINDOWS\system32\iglhxa64.vp 2020-04-25 17:13 - 2020-04-25 17:13 - 000000268 _____ C:\WINDOWS\system32\GfxUI.exe.config 2020-04-25 17:00 - 2020-04-25 17:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2020-04-25 17:00 - 2020-04-25 17:00 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2020-04-25 17:00 - 2020-04-25 17:00 - 000000000 ____D C:\Program Files\Synaptics 2020-04-25 17:00 - 2020-04-25 16:59 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys 2020-04-25 16:59 - 2020-04-25 16:59 - 001814912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2020-04-25 16:59 - 2020-04-25 16:59 - 000772104 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll 2020-04-25 16:59 - 2020-04-25 16:59 - 000622784 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys 2020-04-25 16:59 - 2020-04-25 16:59 - 000430248 _____ (Synaptics Incorporated) C:\WINDOWS\SysWOW64\SynCom.dll 2020-04-25 16:59 - 2020-04-25 16:59 - 000274968 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll 2020-04-25 16:59 - 2020-04-25 16:59 - 000267440 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCo31-1.dll 2020-04-25 16:59 - 2020-04-25 16:59 - 000052904 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys 2020-04-25 16:59 - 2020-04-25 16:59 - 000052392 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys 2020-04-25 16:11 - 2020-04-28 07:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-25 16:11 - 2020-04-28 07:38 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-04-25 16:11 - 2020-04-28 07:38 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-04-25 16:05 - 2015-07-09 20:37 - 009565696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData000a.dll 2020-04-25 16:05 - 2015-07-09 20:36 - 009893888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons000a.dll 2020-04-25 16:05 - 2015-07-09 20:26 - 009687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData000a.dll 2020-04-25 16:05 - 2015-07-09 20:25 - 009893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons000a.dll 2020-04-25 16:03 - 2020-04-25 16:05 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Comms 2020-04-25 15:55 - 2020-04-01 18:49 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-04-25 15:53 - 2020-04-25 15:53 - 000003398 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2553645042-3655948027-308666166-1001 2020-04-25 15:51 - 2020-04-25 15:51 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-04-25 15:51 - 2020-04-25 15:51 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-04-25 15:46 - 2020-04-25 15:46 - 000202032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2020-04-25 15:45 - 2020-04-25 15:45 - 009898752 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll 2020-04-25 15:45 - 2020-04-25 15:45 - 000310528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys 2020-04-25 15:45 - 2020-04-25 15:45 - 000091904 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll 2020-04-25 15:45 - 2020-04-25 15:45 - 000001047 _____ C:\Users\Gianna Catalina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optional Features.lnk 2020-04-25 15:45 - 2020-04-25 15:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2020-04-25 15:25 - 2020-04-25 15:25 - 000000000 ____D C:\WINDOWS\system32\appmgmt 2020-04-25 15:20 - 2020-04-25 15:22 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\gladinet 2020-04-25 15:10 - 2020-04-25 15:10 - 000000000 ___HD C:\ProgramData\Gladinet 2020-04-25 15:10 - 2020-04-25 15:10 - 000000000 ____D C:\ProgramData\Downloaded Installations 2020-04-25 15:08 - 2020-04-28 12:55 - 000000000 ____D C:\ProgramData\TEMP 2020-04-25 15:08 - 2020-04-25 15:12 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Zeon 2020-04-25 15:08 - 2020-04-25 15:08 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Nuance 2020-04-25 15:07 - 2020-04-25 15:16 - 000001915 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk 2020-04-25 15:07 - 2020-04-25 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PDF Converter Professional 8 2020-04-25 15:07 - 2020-04-25 15:08 - 000000000 ____D C:\ProgramData\Nuance 2020-04-25 15:07 - 2020-04-25 15:07 - 000000000 ____D C:\WINDOWS\PIXTRAN 2020-04-25 15:06 - 2020-04-25 15:09 - 000000000 ____D C:\Program Files (x86)\Nuance 2020-04-25 15:06 - 2020-04-25 15:06 - 000000000 ____D C:\ProgramData\Zeon 2020-04-25 15:06 - 2020-04-25 15:06 - 000000000 ____D C:\ProgramData\Macrovision 2020-04-25 15:06 - 2020-04-25 15:06 - 000000000 ____D C:\ProgramData\FLEXnet 2020-04-25 14:54 - 2020-04-25 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2020-04-25 14:54 - 2020-04-25 14:54 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2020-04-25 14:53 - 2020-04-25 14:53 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2020-04-25 14:53 - 2020-04-25 14:53 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server 2020-04-25 14:52 - 2020-04-25 14:53 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2020-04-25 14:52 - 2020-04-25 14:52 - 000000000 ____D C:\WINDOWS\PCHEALTH 2020-04-25 14:52 - 2020-04-25 14:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-04-25 14:48 - 2020-04-25 14:48 - 000000000 ____D C:\Program Files\Microsoft Analysis Services 2020-04-25 14:48 - 2020-04-25 14:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services 2020-04-25 14:47 - 2020-04-26 21:25 - 000000000 ____D C:\Program Files\Microsoft Office 2020-04-25 14:47 - 2020-04-25 14:47 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Microsoft Help 2020-04-25 14:47 - 2020-04-25 14:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2020-04-25 14:35 - 2020-04-25 17:04 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Google 2020-04-25 14:35 - 2020-04-25 16:11 - 000000000 ____D C:\Program Files (x86)\Google 2020-04-25 14:12 - 2020-04-27 00:30 - 000000420 _____ C:\Users\Gianna Catalina\Desktop\This PC -.lnk 2020-04-25 13:46 - 2010-12-05 21:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll 2020-04-25 12:12 - 2020-04-27 09:57 - 000000000 ___DC C:\WINDOWS\Panther 2020-04-25 12:11 - 2020-04-25 12:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2020-04-25 12:05 - 2020-04-25 15:43 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\MicrosoftEdge 2020-04-25 12:04 - 2020-04-25 15:53 - 000002393 _____ C:\Users\Gianna Catalina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-04-25 12:04 - 2020-04-25 15:53 - 000000000 ___RD C:\Users\Gianna Catalina\OneDrive 2020-04-25 12:04 - 2020-04-25 12:04 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2020-04-25 12:02 - 2020-04-25 12:02 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Publishers 2020-04-25 12:01 - 2020-04-26 15:21 - 000000000 ____D C:\Users\Gianna Catalina 2020-04-25 12:01 - 2020-04-25 16:37 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\Packages 2020-04-25 12:01 - 2020-04-25 13:49 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-04-25 12:01 - 2020-04-25 12:01 - 000016148 _____ C:\WINDOWS\system32\DESKTOP-DUJPFU4_defaultuser0_HistoryPrediction.bin 2020-04-25 12:01 - 2020-04-25 12:01 - 000000020 ___SH C:\Users\Gianna Catalina\ntuser.ini 2020-04-25 12:01 - 2020-04-25 12:01 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Roaming\Adobe 2020-04-25 12:01 - 2020-04-25 12:01 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\VirtualStore 2020-04-25 12:01 - 2020-04-25 12:01 - 000000000 ____D C:\Users\Gianna Catalina\AppData\Local\TileDataLayer 2020-04-25 11:25 - 2020-04-28 08:01 - 001745950 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-25 11:19 - 2020-04-25 11:19 - 000000000 ____D C:\WINDOWS\CSC 2020-04-25 11:16 - 2015-07-10 05:59 - 002718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2020-04-14 00:36 - 2020-04-28 08:08 - 000000256 _____ C:\DelFix.txt ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-28 11:00 - 2015-07-10 06:02 - 000000000 ____D C:\WINDOWS\INF 2020-04-28 08:45 - 2015-07-10 07:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-28 08:44 - 2015-07-10 04:05 - 000131072 ___SH C:\WINDOWS\system32\config\BBI 2020-04-26 23:17 - 2015-07-10 05:55 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\system32\winrm 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\system32\WCN 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\system32\slmgr 2020-04-26 23:16 - 2015-07-10 08:11 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\system32\F12 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\system32\dsc 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ___RD C:\WINDOWS\MiracastView 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\oobe 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\es-MX 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\Com 2020-04-26 23:16 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2020-04-26 23:16 - 2015-07-10 04:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-04-26 23:16 - 2015-07-10 04:05 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2020-04-26 23:16 - 2015-07-10 04:05 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-04-26 23:16 - 2015-07-10 04:05 - 000000000 ____D C:\WINDOWS\servicing 2020-04-26 23:15 - 2015-07-10 08:14 - 000000000 ____D C:\Program Files\Windows Journal 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ___RD C:\WINDOWS\DevicesFlow 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\IME 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\Help 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files\Windows Defender 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files\Common Files\System 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2020-04-26 23:15 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2020-04-26 22:23 - 2015-07-10 08:12 - 000000000 ____D C:\WINDOWS\OCR 2020-04-26 21:25 - 2015-07-10 06:04 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-04-26 17:35 - 2014-05-23 16:51 - 000000000 _RSHD C:\Windows Activation Technologies 2020-04-26 07:27 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\appcompat 2020-04-25 23:09 - 2015-07-10 06:04 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2020-04-25 16:41 - 2015-07-10 06:04 - 000000000 ___HD C:\Program Files\WindowsApps 2020-04-25 16:41 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-25 15:18 - 2015-07-10 07:20 - 000340824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-04-25 14:54 - 2015-07-10 08:14 - 000000000 ____D C:\WINDOWS\ShellNew 2020-04-25 14:52 - 2015-07-10 06:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-04-25 14:49 - 2015-07-10 06:04 - 000000167 _____ C:\WINDOWS\win.ini 2020-04-25 13:49 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2020-04-25 12:12 - 2015-07-10 06:04 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2020-04-25 12:02 - 2015-07-10 06:04 - 000000000 ___RD C:\WINDOWS\PurchaseDialog 2020-04-25 12:02 - 2015-07-10 06:04 - 000000000 ___RD C:\WINDOWS\PrintDialog 2020-04-25 11:22 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\rescache 2020-04-25 11:18 - 2015-07-10 06:04 - 000000000 ____D C:\WINDOWS\system32\FxsTmp ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================