Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-07-2019 Ran by koneko (administrator) on KONEKO-PC (Intel Corporation Intel powered classmate PC) (08-07-2019 00:12:38) Running from C:\Users\koneko\Downloads\instaladores Loaded Profiles: koneko & DefaultAppPool (Available Profiles: koneko & Classic .NET AppPool & DefaultAppPool) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Español (España, internacional) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Doctor Web Ltd. -> ) C:\Users\koneko\AppData\Local\Temp\91F4889C-F4974A0-B2A9AFF4-2B109770\BDEsGRCkLB8T.exe (Doctor Web Ltd. -> ) C:\Users\koneko\AppData\Local\Temp\91F4889C-F4974A0-B2A9AFF4-2B109770\f72MFzqSTR0fVN.exe (Doctor Web Ltd. -> ) C:\Users\koneko\AppData\Local\Temp\91F4889C-F4974A0-B2A9AFF4-2B109770\w0uSboyG4THlc.exe (Doctor Web Ltd. -> ) C:\Users\koneko\Downloads\g39kwszy.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe (Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-214190906-2147722573-1573341451-1000\...\MountPoints2: {898aedf2-f76c-11e8-b12a-dc85dee142e6} - E:\setup.exe HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed] HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed] HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [284672 2018-01-28] () [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed] HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [112128 2015-10-24] () [File not signed] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-20] (Google LLC -> Google LLC) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {302EC6CA-26C3-4396-B271-02A3A5405FDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-09-16] (Google Inc -> Google Inc.) Task: {5A7BEC72-A77B-4D08-AC2B-B0903EA3B9E7} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3519856 2018-04-12] (Easeware Technology Limited -> Easeware) Task: {5C7AB3A4-E9CF-4C22-830E-CEA488327B79} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {64C989A9-E1F9-4876-A596-A77A96E7B003} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd) Task: {69F68542-7534-42A5-82AE-2039FDC258A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-09-16] (Google Inc -> Google Inc.) Task: {7519A811-28C8-486D-92A7-B20084989A8A} - System32\Tasks\Git for Windows Updater => C:\Program Files\Git\git-bash.exe [152088 2019-06-08] (Johannes Schindelin -> The Git Development Community) Task: {A83E22FA-58AF-4FB1-B967-E3CA1071AB02} - System32\Tasks\AdobeGCInvoker-1.0-koneko-PC-koneko => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {A9DCC143-4C42-40D5-BD98-83075039F854} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1722880 2019-06-25] () [File not signed] Task: {CC56F2FC-88DE-4747-9055-F5CBD976FF2D} - System32\Tasks\Opera scheduled Autoupdate 1551460187 => C:\Users\koneko\AppData\Local\Programs\Opera\launcher.exe [1301592 2019-06-14] (Opera Software AS -> Opera Software) Task: {FFB9F129-BA7C-4A7A-A324-42DF43D7A5A1} - System32\Tasks\reloj despertador => C:\Program Files\K-Lite Codec Pack\MPC-HC\mpc-hc.exe [7268864 2019-06-20] (MPC-HC Team) [File not signed] (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\koneko\Downloads\AdwCleaner.exe Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{65A14B84-4DE7-49A7-9E7E-6EA7F39787B8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6F6E94A4-44A4-475C-9AF4-3B7F6A7A7D71}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{835FB619-95AC-4576-900C-3574FC6E96F9}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ADF7F01B-4FC2-4611-898C-462162B244A8}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{ADF7F01B-4FC2-4611-898C-462162B244A8}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKU\S-1-5-21-214190906-2147722573-1573341451-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/es-ve/?ocid=iehp SearchScopes: HKU\S-1-5-21-214190906-2147722573-1573341451-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_192\bin\ssv.dll [2018-10-29] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_192\bin\jp2ssv.dll [2018-10-29] (Oracle America, Inc. -> Oracle Corporation) FireFox: ======== FF DefaultProfile: 6nx48n29.default FF ProfilePath: C:\Users\koneko\AppData\Roaming\Mozilla\Firefox\Profiles\6nx48n29.default [2019-07-07] FF Homepage: Mozilla\Firefox\Profiles\6nx48n29.default -> hxxps://www.google.com/ FF Extension: (AdGuard AdBlocker) - C:\Users\koneko\AppData\Roaming\Mozilla\Firefox\Profiles\6nx48n29.default\Extensions\adguardadblocker@adguard.com.xpi [2018-10-26] FF Extension: (Proxy VPN gratis Hotspot Shield: desbloqueo de sitios) - C:\Users\koneko\AppData\Roaming\Mozilla\Firefox\Profiles\6nx48n29.default\Extensions\hotspot-shield@anchorfree.com.xpi [2018-10-11] FF Extension: (Video DownloadHelper) - C:\Users\koneko\AppData\Roaming\Mozilla\Firefox\Profiles\6nx48n29.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-10-11] FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-07-17] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin: @java.com/DTPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\dtplugin\npDeployJava1.dll [2018-10-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.192.2 -> C:\Program Files\Java\jre1.8.0_192\bin\plugin2\npjp2.dll [2018-10-29] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) Chrome: ======= CHR HomePage: Default -> hxxp://google.co.ve/ CHR StartupUrls: Default -> "hxxp://www.google.co.ve/" CHR Profile: C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default [2019-07-08] CHR Extension: (Presentaciones) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-16] CHR Extension: (Duolingo en la web) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-09-16] CHR Extension: (Documentos) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-16] CHR Extension: (Google Drive) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17] CHR Extension: (Pesticide for Chrome) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblbgcheenepgnnajgfpiicnbbdmmooh [2019-03-21] CHR Extension: (AdGuard AdBlocker) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-07-03] CHR Extension: (YouTube) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-16] CHR Extension: (OneTab) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2019-06-24] CHR Extension: (Hojas de cálculo) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-16] CHR Extension: (React Developer Tools) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmkadmapgofadopljbjfkapdkoienihi [2019-03-03] CHR Extension: (Redux DevTools) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhkpmbekcpmknklioeibfkpmmfibljd [2019-03-03] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-16] CHR Extension: (Proxy VPN gratuito para desbloquear todos los sitios) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhnhpkphagefgdiemllfajmkdkcaim [2019-06-25] CHR Extension: (Gmail) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25] CHR Extension: (Chrome Media Router) - C:\Users\koneko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21] CHR Profile: C:\Users\koneko\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-07] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKLM\SYSTEM\CurrentControlSet\Services\458264B485FEB06A <==== ATTENTION (Rootkit!) S4 AdobeUpdateService; C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-07-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated) S4 AGMService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated) S4 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-16] (Dropbox, Inc -> Dropbox, Inc.) S4 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2018-09-16] (Dropbox, Inc -> Dropbox, Inc.) S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [43856 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.) S4 Device Control Service; C:\Program Files\Intel\Device Control Service\DeviceControlService.exe [626688 2010-05-25] (Intel Corporation) [File not signed] S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd) S4 esifsvc; C:\Windows\system32\esif_uf.exe [1304728 2018-09-16] (Intel(R) Software -> Intel Corporation) S4 FileZilla Server; C:\xampp\FileZillaFTP\FileZilla server.exe [632320 2012-02-26] (FileZilla Project) [File not signed] R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [309760 2010-11-20] (Microsoft Windows -> Microsoft Corporation) S4 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-13] (Microsoft Windows -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5247944 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [15968 2019-01-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [26168 2018-12-05] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [40504 2018-12-05] (Disc Soft Ltd -> Disc Soft Ltd) S3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [227816 2018-09-16] (Intel(R) Software -> Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae.sys [128552 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R3 IPMLEBL; C:\Windows\System32\Drivers\ipmlebl.sys [9984 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [172280 2019-07-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [107168 2019-07-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63552 2019-07-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [240440 2019-07-08] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [85232 2019-07-08] (Malwarebytes Corporation -> Malwarebytes) S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [648704 2018-09-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [321872 2019-01-22] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [7253208 2019-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3175128 2019-02-28] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation ) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [23040 2016-04-21] (The OpenVPN Project) [File not signed] S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [185464 2018-08-14] (Oracle Corporation -> Oracle Corporation) R3 VKBD; C:\Windows\System32\DRIVERS\virkbd.sys [18432 2010-04-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-08 00:10 - 2019-07-08 00:10 - 000063552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2019-07-08 00:09 - 2019-07-08 00:09 - 000240440 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-07-08 00:09 - 2019-07-08 00:09 - 000172280 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2019-07-08 00:09 - 2019-07-08 00:09 - 000107168 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2019-07-08 00:09 - 2019-07-08 00:09 - 000085232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2019-07-08 00:08 - 2019-07-08 00:08 - 000002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-07-08 00:08 - 2019-07-08 00:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-07-08 00:08 - 2019-07-08 00:08 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-07-08 00:08 - 2019-07-08 00:08 - 000000000 ____D C:\Program Files\Malwarebytes 2019-07-08 00:08 - 2019-01-08 15:32 - 000128552 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae.sys 2019-07-07 15:17 - 2019-07-07 15:52 - 193238144 _____ C:\Users\koneko\Downloads\g39kwszy.exe 2019-07-07 14:43 - 2019-07-07 14:48 - 042468640 _____ (SUPERAntiSpyware) C:\Users\koneko\Downloads\SUPERAntiSpywarePro.exe 2019-07-07 12:21 - 2019-07-07 12:21 - 000012878 _____ C:\Users\koneko\Desktop\HiJackThis.txt 2019-07-07 12:15 - 2019-07-07 12:15 - 000000000 ____D C:\Windows\ABR 2019-07-07 11:45 - 2019-07-07 15:00 - 000002458 _____ C:\Users\koneko\Desktop\Rkill.txt 2019-07-03 17:48 - 2019-07-03 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-07-03 16:36 - 2019-07-03 16:36 - 000015374 _____ C:\Users\koneko\package-lock.json 2019-07-03 16:35 - 2019-07-03 16:36 - 000000000 ____D C:\Users\koneko\node_modules 2019-07-01 12:13 - 2019-07-03 12:49 - 000026078 _____ C:\Users\koneko\.babel.json 2019-07-01 12:13 - 2019-07-01 12:13 - 000009350 _____ C:\Users\koneko\.v8flags.6.2.414.66.8104a3774b737c12dcaabaa27e3bca89.json 2019-06-28 03:57 - 2019-06-28 03:57 - 000000000 ____D C:\Users\koneko\AppData\Local\mbam 2019-06-28 03:26 - 2019-06-28 03:26 - 000000000 __SHD C:\found.001 2019-06-27 13:34 - 2019-06-27 13:49 - 000000000 ____D C:\Users\koneko\AppData\Roaming\Code - Insiders 2019-06-27 13:34 - 2019-06-27 13:34 - 000001243 _____ C:\Users\Public\Desktop\Visual Studio Code - Insiders.lnk 2019-06-27 13:34 - 2019-06-27 13:34 - 000000000 ____D C:\Users\koneko\AppData\Roaming\Visual Studio Code - Insiders 2019-06-27 13:34 - 2019-06-27 13:34 - 000000000 ____D C:\Users\koneko\.vscode-insiders 2019-06-27 13:34 - 2019-06-27 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code - Insiders 2019-06-27 13:31 - 2019-06-27 13:34 - 000000000 ____D C:\Program Files\Microsoft VS Code Insiders 2019-06-27 09:36 - 2008-08-18 19:48 - 000077824 _____ (Fox Magic Software) C:\Windows\system32\fmcodec.DLL 2019-06-27 00:45 - 2019-06-27 02:22 - 000031998 _____ C:\Users\koneko\Downloads\Addition.txt 2019-06-27 00:30 - 2019-07-08 00:12 - 000000000 ____D C:\FRST 2019-06-27 00:30 - 2019-06-27 02:22 - 000045957 _____ C:\Users\koneko\Downloads\FRST.txt 2019-06-26 23:45 - 2019-06-26 23:45 - 000000278 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job 2019-06-26 23:37 - 2019-06-26 23:37 - 000000000 ____D C:\ProgramData\Doctor Web 2019-06-26 23:36 - 2019-06-27 07:25 - 000000000 ____D C:\Users\koneko\Doctor Web 2019-06-26 22:22 - 2019-06-26 23:44 - 000000000 ____D C:\AdwCleaner 2019-06-26 22:00 - 2019-06-26 22:00 - 000000000 ____D C:\Users\koneko\AppData\Local\mbamtray 2019-06-26 10:37 - 2019-06-26 10:37 - 000069632 _____ C:\Users\koneko\Documents\ll.evtx 2019-06-26 10:37 - 2019-06-26 10:37 - 000000000 ____D C:\Users\koneko\Documents\LocaleMetaData 2019-06-25 23:27 - 2019-06-25 23:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-06-25 01:53 - 2016-09-02 11:21 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-06-25 01:53 - 2016-09-02 11:21 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-06-25 01:53 - 2016-09-02 11:16 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-06-25 01:53 - 2016-09-02 11:16 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-06-25 01:53 - 2016-09-02 10:53 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-06-25 01:53 - 2016-09-02 10:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-06-25 01:53 - 2016-09-02 10:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-06-25 01:53 - 2016-09-02 10:53 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-06-25 01:53 - 2016-09-02 10:53 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-06-25 01:53 - 2016-09-02 10:49 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-06-25 01:53 - 2016-09-02 10:49 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-06-25 01:53 - 2016-09-02 10:49 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-06-25 01:53 - 2016-09-02 10:49 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-06-25 01:53 - 2016-09-02 10:49 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-06-25 01:53 - 2016-09-02 10:49 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-06-25 01:53 - 2016-09-02 10:49 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-06-25 01:53 - 2016-06-06 11:23 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2019-06-25 01:53 - 2016-06-06 11:23 - 000145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2019-06-25 01:53 - 2016-06-06 11:23 - 000106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2019-06-25 01:53 - 2016-05-13 17:47 - 000073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2019-06-25 01:53 - 2016-05-04 13:21 - 000105192 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2019-06-25 01:53 - 2016-05-04 13:17 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2019-06-25 01:53 - 2016-05-04 13:17 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2019-06-25 01:53 - 2016-05-04 10:55 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2019-06-25 01:53 - 2016-03-23 18:42 - 000409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2019-06-25 01:52 - 2016-09-02 11:21 - 004000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2019-06-25 01:52 - 2016-09-02 11:21 - 003944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-06-25 01:52 - 2016-09-02 11:18 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-06-25 01:52 - 2016-09-02 11:16 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-06-25 01:52 - 2016-09-02 10:51 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-06-25 01:52 - 2016-06-06 11:23 - 001176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2019-06-25 01:52 - 2016-05-13 17:50 - 002945536 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2019-06-25 01:52 - 2016-05-13 17:50 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2019-06-25 01:52 - 2016-05-13 17:39 - 002060288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2019-06-25 01:52 - 2016-05-13 17:38 - 000573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2019-06-25 01:52 - 2016-05-13 17:38 - 000136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2019-06-25 01:52 - 2016-05-13 17:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2019-06-25 01:52 - 2016-05-13 17:38 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2019-06-25 01:52 - 2016-05-13 17:38 - 000035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2019-06-25 01:52 - 2016-05-13 17:38 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2019-06-25 01:52 - 2016-05-13 17:38 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2019-06-25 01:52 - 2016-05-12 11:18 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-06-25 01:52 - 2016-05-12 11:18 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll 2019-06-25 01:52 - 2016-05-12 11:18 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll 2019-06-25 01:52 - 2016-05-12 09:04 - 000370784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2019-06-25 01:52 - 2016-05-12 09:04 - 000249352 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2019-06-25 01:52 - 2016-05-04 13:17 - 002365440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2019-06-25 01:52 - 2016-05-04 13:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2019-06-25 01:52 - 2016-05-04 13:17 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2019-06-25 01:52 - 2016-03-23 18:39 - 000534816 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-06-25 01:52 - 2016-03-23 18:39 - 000470704 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2019-06-25 01:48 - 2015-02-18 03:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-06-24 15:32 - 2010-07-13 18:23 - 003829760 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2019-06-24 15:32 - 2010-07-13 18:19 - 000536576 _____ (Intel Corporation) C:\Windows\system32\igdumdx32.dll 2019-06-24 15:32 - 2010-07-13 18:14 - 002551808 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll 2019-06-24 15:32 - 2010-07-13 18:03 - 004104192 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll 2019-06-24 15:32 - 2010-07-13 17:52 - 000094208 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2019-06-24 15:32 - 2009-12-14 12:35 - 003126808 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2019-06-24 15:32 - 2009-12-14 12:35 - 000268312 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2019-06-24 15:32 - 2009-12-14 12:35 - 000178200 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2019-06-24 15:32 - 2009-12-14 12:35 - 000175640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2019-06-24 15:32 - 2009-12-14 12:35 - 000166936 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2019-06-24 15:32 - 2009-12-14 12:35 - 000141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2019-06-24 15:32 - 2009-12-14 11:51 - 000284672 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284672 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284672 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000284160 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283648 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283136 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000283136 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000282624 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000282624 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000280576 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000280576 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000279552 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000279552 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2019-06-24 15:32 - 2009-12-14 11:51 - 000187765 _____ C:\Windows\system32\Gfxres.th-TH.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000176490 _____ C:\Windows\system32\Gfxres.el-GR.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000163560 _____ C:\Windows\system32\Gfxres.ru-RU.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000138088 _____ C:\Windows\system32\Gfxres.ar-SA.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000131904 _____ C:\Windows\system32\Gfxres.he-IL.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000123747 _____ C:\Windows\system32\Gfxres.it-IT.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000121451 _____ C:\Windows\system32\Gfxres.ko-KR.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000121132 _____ C:\Windows\system32\Gfxres.es-ES.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000120882 _____ C:\Windows\system32\Gfxres.de-DE.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000119326 _____ C:\Windows\system32\Gfxres.tr-TR.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000118949 _____ C:\Windows\system32\Gfxres.fr-FR.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000118569 _____ C:\Windows\system32\Gfxres.pt-BR.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000117762 _____ C:\Windows\system32\Gfxres.nl-NL.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000117737 _____ C:\Windows\system32\Gfxres.hu-HU.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000117527 _____ C:\Windows\system32\Gfxres.sv-SE.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000117229 _____ C:\Windows\system32\Gfxres.pt-PT.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000116944 _____ C:\Windows\system32\Gfxres.cs-CZ.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000116868 _____ C:\Windows\system32\Gfxres.fi-FI.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000116629 _____ C:\Windows\system32\Gfxres.pl-PL.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000116230 _____ C:\Windows\system32\Gfxres.sk-SK.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000113040 _____ C:\Windows\system32\Gfxres.nb-NO.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000112529 _____ C:\Windows\system32\Gfxres.sl-SI.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000112445 _____ C:\Windows\system32\Gfxres.da-DK.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000108405 _____ C:\Windows\system32\Gfxres.en-US.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000102229 _____ C:\Windows\system32\Gfxres.zh-TW.resources 2019-06-24 15:32 - 2009-12-14 11:51 - 000101113 _____ C:\Windows\system32\Gfxres.zh-CN.resources 2019-06-24 15:32 - 2009-12-14 11:48 - 000260096 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2019-06-24 15:32 - 2009-12-14 11:48 - 000200704 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2019-06-24 15:32 - 2009-12-14 11:48 - 000119808 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2019-06-24 15:32 - 2009-12-14 11:48 - 000056832 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2019-06-24 15:32 - 2009-12-14 11:48 - 000023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2019-06-24 15:32 - 2009-12-14 11:47 - 009030656 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2019-06-24 15:32 - 2009-12-14 11:47 - 000283136 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2019-06-24 15:32 - 2009-12-14 11:47 - 000226304 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2019-06-24 15:32 - 2009-12-14 11:47 - 000130560 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2019-06-24 15:32 - 2009-12-14 11:47 - 000119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2019-06-24 15:32 - 2009-12-14 11:47 - 000004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2019-06-24 15:32 - 2009-12-14 11:45 - 000000151 _____ C:\Windows\system32\GfxUI.exe.config 2019-06-24 14:09 - 2019-06-24 14:10 - 000000000 ____D C:\Users\Public\Documents\GTA San Andreas User Files 2019-06-24 13:55 - 2019-06-24 14:04 - 000000000 ____D C:\Users\koneko\Documents\GTA San Andreas User Files 2019-06-24 08:12 - 2019-06-24 08:12 - 000043856 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-06-24 08:12 - 2019-06-24 08:12 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-06-24 08:12 - 2019-06-24 08:12 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-06-24 08:12 - 2019-06-24 08:12 - 000036848 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-06-23 23:18 - 2019-06-23 23:18 - 000000000 _____ C:\Users\koneko\AppData\Local\{F17E6D65-52A1-436F-A0A9-52EDB0F54BD7} 2019-06-23 17:12 - 2019-06-23 19:47 - 000000768 _____ C:\Users\koneko\Desktop\styles.css 2019-06-21 16:32 - 2019-06-21 16:50 - 063405808 _____ (Skype Technologies S.A.) C:\Users\koneko\Downloads\Skype-8.46.0.60.exe 2019-06-17 09:50 - 2019-06-17 09:50 - 000000000 ____D C:\Users\koneko\AppData\Roaming\OpenOffice 2019-06-17 09:49 - 2019-06-17 09:50 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6 2019-06-17 09:48 - 2019-06-17 09:49 - 000000000 ____D C:\Program Files\OpenOffice 4 2019-06-09 14:22 - 2019-06-09 14:22 - 000000114 _____ C:\Users\koneko\.gitconfig 2019-06-09 13:29 - 2019-06-09 13:29 - 000049025 _____ C:\Users\koneko\Downloads\[kat.cr]tifa.s.package.bootleg040.mods.updated.11.24.2013.torrent 2019-06-09 11:40 - 2019-06-09 11:57 - 000000000 ____D C:\Users\koneko\hello-react 2019-06-08 14:22 - 2019-06-08 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-07-08 00:12 - 2019-02-28 19:20 - 000000000 ____D C:\Users\koneko\Downloads\instaladores 2019-07-08 00:09 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\inf 2019-07-08 00:08 - 2018-09-16 10:58 - 000007604 _____ C:\Users\koneko\AppData\Local\Resmon.ResmonCfg 2019-07-07 18:47 - 2018-09-16 10:12 - 000000000 ___RD C:\Users\koneko\Desktop\varios 2019-07-07 12:34 - 2009-07-14 00:34 - 000028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-07-07 12:34 - 2009-07-14 00:34 - 000028320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-07-07 12:31 - 2011-04-11 21:30 - 000810026 _____ C:\Windows\system32\perfh00A.dat 2019-07-07 12:31 - 2011-04-11 21:30 - 000183476 _____ C:\Windows\system32\perfc00A.dat 2019-07-07 12:31 - 2010-11-20 17:01 - 001836074 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-07 12:27 - 2009-07-14 00:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-07-06 11:40 - 2019-01-29 14:00 - 000006142 _____ C:\Users\koneko\.bash_history 2019-07-06 11:34 - 2018-11-29 22:03 - 000000000 ____D C:\Users\koneko\AppData\Roaming\Code 2019-07-06 10:07 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\system32\NDF 2019-07-05 18:22 - 2019-05-16 13:04 - 000000000 ____D C:\Program Files\WarCraft III 2019-07-05 15:51 - 2018-09-20 14:18 - 000000000 ____D C:\Users\koneko\Desktop\programacion 2019-07-04 18:39 - 2019-06-01 20:36 - 000006382 _____ C:\Users\koneko\Desktop\cover letter.txt 2019-07-04 18:12 - 2019-03-23 10:40 - 000000033 _____ C:\Users\koneko\AppData\Roaming\AdobeWLCMCache.dat 2019-07-03 17:52 - 2018-09-16 01:33 - 000000000 ____D C:\Users\koneko 2019-07-03 17:48 - 2018-09-30 17:39 - 000000000 ____D C:\Program Files\CCleaner 2019-07-03 17:26 - 2018-12-05 10:21 - 000000000 ____D C:\Users\koneko\AppData\Roaming\DAEMON Tools Lite 2019-07-03 17:26 - 2018-09-24 21:24 - 000000000 ____D C:\Users\koneko\AppData\Roaming\MPC-HC 2019-07-03 16:54 - 2018-11-29 15:53 - 000000000 ____D C:\Program Files\Microsoft VS Code 2019-07-03 16:53 - 2018-11-29 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio Code 2019-07-03 16:33 - 2019-01-22 19:02 - 000000000 ____D C:\Users\koneko\Downloads\DRIVER Wlan(WIFI) 32 Bits by EndyhPENTA 2019-07-02 10:27 - 2019-04-29 16:08 - 000001456 _____ C:\Users\koneko\AppData\Local\Adobe Save for Web 13.0 Prefs 2019-06-30 09:32 - 2018-10-24 13:47 - 000000000 ____D C:\Users\koneko\AppData\Roaming\npm 2019-06-30 01:01 - 2018-09-22 23:57 - 000000000 ____D C:\Users\koneko\Downloads\memes 2019-06-29 20:48 - 2018-09-24 21:22 - 000000000 ____D C:\Users\koneko\Downloads\torrents 2019-06-29 15:21 - 2018-09-24 15:58 - 000000000 ____D C:\Users\koneko\AppData\Roaming\qBittorrent 2019-06-29 10:22 - 2018-09-23 00:01 - 000000000 ____D C:\Users\koneko\AppData\Local\visualboyadvance-m 2019-06-28 02:59 - 2019-01-22 11:56 - 000000000 ____D C:\Users\koneko\Downloads\usbtreeview 2019-06-27 09:36 - 2018-09-24 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher 2019-06-27 07:46 - 2018-09-16 09:38 - 000000000 ____D C:\Program Files\K-Lite Codec Pack 2019-06-27 07:45 - 2018-09-16 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2019-06-27 07:33 - 2018-12-18 00:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2019-06-27 07:28 - 2019-04-13 18:30 - 000000000 ____D C:\Program Files\Cheat Engine 6.8.3 2019-06-26 23:55 - 2018-11-02 10:26 - 000000000 ____D C:\Windows\pss 2019-06-26 23:28 - 2018-10-09 15:10 - 000000000 ____D C:\ProgramData\XBQDpMsjuQ 2019-06-26 23:28 - 2018-09-16 09:19 - 000000000 ____D C:\Users\koneko\AppData\Roaming\Windows_Activator 2019-06-26 03:55 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\rescache 2019-06-25 23:27 - 2018-09-16 09:39 - 000000000 ____D C:\Program Files\Dropbox 2019-06-25 09:40 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\Registration 2019-06-25 09:14 - 2019-03-07 10:00 - 000000000 ____D C:\Users\koneko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2019-06-25 02:05 - 2009-07-14 00:53 - 000032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2019-06-25 01:59 - 2009-07-13 22:37 - 000000000 ____D C:\Windows\PolicyDefinitions 2019-06-24 17:53 - 2018-12-25 00:26 - 000000000 ____D C:\Users\koneko\Biblioteca de calibre 2019-06-24 15:40 - 2018-09-16 01:33 - 000000000 ____D C:\Users\koneko\AppData\Local\VirtualStore 2019-06-24 15:13 - 2019-01-06 18:19 - 000000000 ____D C:\Users\koneko\AppData\Roaming\vlc 2019-06-24 12:06 - 2018-09-16 01:45 - 000103320 _____ C:\Users\koneko\AppData\Local\GDIPFONTCACHEV1.DAT 2019-06-20 16:33 - 2018-09-16 01:47 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-06-16 08:13 - 2018-09-16 02:56 - 000000408 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job 2019-06-11 13:23 - 2018-12-03 22:35 - 000000000 ____D C:\Users\koneko\Downloads\imagenes 2019-06-09 11:32 - 2018-09-20 00:23 - 000000000 ____D C:\Users\koneko\AppData\Roaming\npm-cache 2019-06-08 23:53 - 2018-09-22 23:56 - 000000000 ____D C:\Users\koneko\Desktop\juegos 2019-06-08 14:23 - 2018-10-24 13:53 - 000000000 ____D C:\Program Files\Git 2019-06-08 14:22 - 2018-10-24 13:54 - 000000000 ____D C:\ProgramData\Git ==================== Files in the root of some directories ================ 2018-12-28 12:43 - 2018-12-28 12:45 - 000000132 _____ () C:\Users\koneko\AppData\Roaming\Adobe GIF Format CS6 Prefs 2018-11-13 17:28 - 2019-01-26 23:40 - 000000132 _____ () C:\Users\koneko\AppData\Roaming\Adobe PNG Format CS6 Prefs 2019-03-23 10:40 - 2019-07-04 18:12 - 000000033 _____ () C:\Users\koneko\AppData\Roaming\AdobeWLCMCache.dat 2019-03-28 17:37 - 2019-03-28 17:37 - 000000028 _____ () C:\Users\koneko\AppData\Roaming\kulerdata.json 2019-01-27 18:24 - 2019-02-01 15:33 - 000000132 _____ () C:\Users\koneko\AppData\Roaming\Prefs. de formato PNG de Adobe CS6 2019-04-29 16:08 - 2019-07-02 10:27 - 000001456 _____ () C:\Users\koneko\AppData\Local\Adobe Save for Web 13.0 Prefs 2019-02-05 21:50 - 2019-02-05 21:50 - 000000000 _____ () C:\Users\koneko\AppData\Local\oobelibMkey.log 2018-09-16 10:58 - 2019-07-08 00:08 - 000007604 _____ () C:\Users\koneko\AppData\Local\Resmon.ResmonCfg 2019-01-31 11:29 - 2019-01-31 11:29 - 000000032 RSHOT () C:\Users\koneko\AppData\Local\t80.dat 2019-06-23 23:18 - 2019-06-23 23:18 - 000000000 _____ () C:\Users\koneko\AppData\Local\{F17E6D65-52A1-436F-A0A9-52EDB0F54BD7} ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-07-02 00:52 ==================== End of FRST.txt ============================