FireFox:
========
FF DefaultProfile: mpcqwsrh.default
FF ProfilePath: C:\Users\saenz\AppData\Roaming\Mozilla\Firefox\Profiles\mpcqwsrh.default [2019-12-24]
FF ProfilePath: C:\Users\saenz\AppData\Roaming\Mozilla\Firefox\Profiles\8hm09q7q.default-release-1575143500190 [2019-12-24]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2019-12-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2019-11-18]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2019-02-15] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2019-07-15] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2018-10-18] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\saenz\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\saenz\AppData\Roaming\IDM\idmmzcc5 [2019-04-19] [Legacy] [not signed]
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242019165851383\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242019165851383\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\saenz\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-3305917012-4270169547-4029195171-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242019165851383\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-02] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-05] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2019-11-30] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2019-11-30] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR DefaultSearchKeyword: Profile 1 -> lp
CHR Profile: C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default [2019-12-24]
CHR Extension: (Presentaciones) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-27]
CHR Extension: (Documentos) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-27]
CHR Extension: (Google Drive) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-27]
CHR Extension: (Autenticador) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2019-07-10]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-05-31]
CHR Extension: (YouTube) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-27]
CHR Extension: (Adobe Acrobat) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-08-20]
CHR Extension: (Hojas de cálculo) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-27]
CHR Extension: (Authy) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2019-02-27]
CHR Extension: (Bitdefender Wallet) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2019-07-16]
CHR Extension: (Escritorio Remoto de Chrome) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-27]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-12-18]
CHR Extension: (Arcane Legends) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2019-02-27]
CHR Extension: (Voice Recognition) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2019-02-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-06-19]
CHR Extension: (Unseen for Facebook) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jiomcgpfgkeefipihnplhadgdoollmap [2019-09-24]
CHR Extension: (DS Amazon Quick View) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkompbllimaoekaogchhkmkdogpkhojg [2019-12-05]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2019-12-05]
CHR Extension: (Webcam Toy) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2019-02-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-07-24]
CHR Extension: (LightShot (la herramienta de captura de pantalla)) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2019-07-29]
CHR Extension: (deviantART muro) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2019-02-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-05]
CHR Extension: (Gmail) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR Profile: C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-12-24]
CHR Extension: (Presentaciones) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-05-23]
CHR Extension: (Documentos) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-05-23]
CHR Extension: (Google Drive) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-05-23]
CHR Extension: (YouTube) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-05-23]
CHR Extension: (Hojas de cálculo) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-05-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-05-23]
CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-12-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2019-08-26]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2019-11-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-07-24]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-14]
CHR Extension: (Gmail) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\saenz\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-21]
CHR Profile: C:\Users\saenz\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-23]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-19]
CHR HKU\S-1-5-21-3305917012-4270169547-4029195171-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3305917012-4270169547-4029195171-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-12242019165851383\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-04-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-05] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-03-08] (Apple Inc. -> Apple Inc.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [123000 2019-04-16] (Perfect World Entertainment Inc. -> Perfect World Entertainment Inc)
S3 Astute Graphics Deployment Service; C:\Program Files (x86)\AstuteGraphics\AstuteManager\AGDeployment2.exe [2620320 2019-06-11] (Astute Graphics Limited -> )
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-18] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-18] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-03-22] (Bitdefender SRL -> Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-05-03] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe [74392 2019-10-24] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [119368 2019-11-14] (Bitdefender SRL -> Bitdefender)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-10-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-23] (Malwarebytes Inc -> Malwarebytes)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [310272 2019-01-11] (Locktime Software s.r.o. -> Locktime Software)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [850512 2018-12-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-11-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SlickVPNSrvc; C:\Program Files (x86)\SlickVPN\resources\bin\win32\slickvpnsrvc\slickvpnsrvc.exe [845252 2018-01-17] (SlickVPN) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2019-12-18] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2019-12-18] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2236360 2019-05-10] (Wacom Technology Corporation -> Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-11-18] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [739264 2019-11-18] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2019-09-02] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_691712a04a41c1cd\e1d68x64.sys [568960 2018-11-21] (Intel(R) INTELND1820 -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-12-23] (Malwarebytes Corporation -> Malwarebytes)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564112 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2019-05-31] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-09-02] (Bitdefender SRL -> Bitdefender)
S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-12-23] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-12-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-12-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-12-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-12-24] (Malwarebytes Corporation -> Malwarebytes)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [174336 2019-01-11] (Locktime Software s.r.o. -> Locktime Software)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [78648 2019-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ff72214788d99390\nvlddmkm.sys [22366088 2019-08-26] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-24] (NVIDIA Corporation -> NVIDIA Corporation)
U5 PROCMON24; C:\Windows\System32\Drivers\PROCMON24.sys [90168 2019-12-24] (Microsoft Windows Hardware Compatibility Publisher -> Sysinternals - www.sysinternals.com)
S3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [38736 2018-08-27] (WDKTestCert kim,131775960494491927 -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-01-17] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2019-04-24] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 WinRing0_1_2_0; \??\C:\Users\saenz\AppData\Local\Temp\tmp53A7.tmp [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-24 20:42 - 2019-12-24 20:43 - 000024877 _____ C:\Users\saenz\Desktop\FRST.txt
2019-12-24 19:34 - 2019-12-24 16:32 - 002271744 _____ (Farbar) C:\Users\saenz\Desktop\FRST64.exe
2019-12-24 19:34 - 2019-12-23 21:14 - 008237744 _____ (Malwarebytes) C:\Users\saenz\Desktop\AdwCleaner.exe
2019-12-24 19:30 - 2019-12-24 19:30 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-12-24 19:30 - 2019-12-24 19:30 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-12-24 19:29 - 2019-12-24 19:35 - 000000000 ____D C:\Users\saenz\Desktop\Reportes Escaneos
2019-12-24 19:28 - 2019-12-24 19:28 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\saenz\Desktop\iExplore.exe
2019-12-24 17:41 - 2019-12-24 17:48 - 000001870 __RSH C:\ProgramData\ntuser.pol
2019-12-24 16:58 - 2019-12-24 16:58 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-12-24 16:58 - 2019-12-24 16:58 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-12-24 16:10 - 2019-12-24 16:10 - 000000000 ____D C:\Users\saenz\Documents\Nueva carpeta (2)
2019-12-24 10:41 - 2019-12-24 10:42 - 049979392 _____ C:\atcperf.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 018563072 _____ C:\atcuf.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 002613248 _____ C:\atc.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000081920 _____ C:\atccore.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000073728 _____ C:\gemmacore.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000073728 _____ C:\gemma.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000073728 _____ C:\atccoreperf.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000008192 _____ C:\gemmauf.etl
2019-12-24 10:41 - 2019-12-24 10:42 - 000008192 _____ C:\atcufperf.etl
2019-12-23 21:37 - 2019-12-24 16:32 - 000090168 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON24.SYS
2019-12-23 21:34 - 2019-12-24 19:28 - 000000000 ____D C:\Users\saenz\Desktop\rkill
2019-12-23 21:11 - 2019-12-24 20:43 - 000000000 ____D C:\FRST
2019-12-23 20:53 - 2019-12-24 16:17 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-23 20:53 - 2019-12-24 10:37 - 1476637998 _____ C:\WINDOWS\MEMORY.DMP
2019-12-23 20:48 - 2019-12-23 20:48 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-12-23 20:48 - 2019-12-23 20:48 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-12-23 20:48 - 2019-12-23 20:48 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-12-23 20:48 - 2019-12-23 20:48 - 000000000 ____D C:\Users\saenz\AppData\Local\mbamtray
2019-12-23 20:48 - 2019-12-23 20:48 - 000000000 ____D C:\Users\saenz\AppData\Local\mbam
2019-12-23 20:48 - 2019-12-23 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-12-23 20:48 - 2019-12-23 20:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-12-23 20:48 - 2019-12-23 20:47 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-12-23 20:46 - 2019-12-23 20:46 - 000000000 ____D C:\Program Files\Malwarebytes
2019-12-23 20:46 - 2019-12-23 20:46 - 000000000 ____D C:\AdwCleaner
2019-12-23 20:12 - 2019-12-21 06:14 - 000001873 _____ C:\Users\saenz\AppData\Google.js
2019-12-06 20:41 - 2019-12-23 20:37 - 000007596 _____ C:\Users\saenz\AppData\Local\Resmon.ResmonCfg
2019-12-04 19:49 - 2019-12-04 19:49 - 000072846 _____ C:\ProgramData\dm.update.1575514134.bdinstall.bin
2019-12-04 19:49 - 2019-12-04 19:49 - 000036403 _____ C:\ProgramData\dm.uninstall.1575514147.bdinstall.bin
2019-12-02 19:21 - 2019-12-04 21:00 - 000012764 _____ C:\Users\saenz\Documents\gastos.xlsx
2019-12-02 19:20 - 2019-12-02 19:20 - 000009430 _____ C:\Users\saenz\Documents\Libro1.xlsx
2019-12-02 15:29 - 2019-12-02 15:29 - 000065488 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2019-12-02 15:29 - 2019-12-02 15:29 - 000036304 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll
2019-11-30 12:52 - 2019-12-23 20:53 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-24 20:42 - 2019-11-21 02:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-24 20:42 - 2019-03-18 21:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-24 20:07 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-12-24 19:51 - 2019-06-04 11:43 - 000000000 ____D C:\Users\Public\Logi
2019-12-24 18:03 - 2019-03-18 21:37 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-12-24 17:43 - 2019-03-20 12:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-24 17:41 - 2019-03-20 12:54 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-24 17:41 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\servicing
2019-12-24 17:41 - 2019-03-18 21:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-24 17:39 - 2018-09-15 00:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-12-24 17:08 - 2019-11-21 02:13 - 001767630 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-24 17:08 - 2019-03-19 04:49 - 000783276 _____ C:\WINDOWS\system32\perfh00A.dat
2019-12-24 17:08 - 2019-03-19 04:49 - 000152746 _____ C:\WINDOWS\system32\perfc00A.dat
2019-12-24 17:08 - 2019-03-18 21:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-24 17:00 - 2019-03-18 21:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-24 17:00 - 2019-02-27 11:44 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-24 16:58 - 2019-11-21 02:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-24 16:58 - 2019-05-31 20:38 - 000000000 ____D C:\Users\saenz\AppData\Roaming\WTablet
2019-12-24 16:58 - 2019-03-18 21:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-24 16:58 - 2019-02-27 13:04 - 000000000 ____D C:\ProgramData\BDLogging
2019-12-24 16:17 - 2019-03-18 21:52 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-12-24 16:17 - 2019-03-18 21:52 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2019-12-24 11:25 - 2019-07-10 18:57 - 000000000 ____D C:\Users\saenz\AppData\Local\Microsoft_Corporation
2019-12-24 10:51 - 2019-03-18 21:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-24 10:46 - 2019-10-03 10:23 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-24 10:42 - 2019-02-27 13:04 - 000000000 ____D C:\ProgramData\Bitdefender
2019-12-24 10:41 - 2019-02-27 12:45 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-12-24 10:37 - 2019-11-21 02:05 - 000000000 ____D C:\Users\saenz
2019-12-23 20:57 - 2019-06-05 22:59 - 000000000 ____D C:\Program Files\Cheat Engine 6.8.3
2019-12-23 20:53 - 2019-11-21 02:02 - 000455568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-23 20:53 - 2019-07-01 22:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-23 20:48 - 2019-07-15 22:11 - 000000000 ____D C:\Users\saenz\AppData\Local\cache
2019-12-23 20:48 - 2019-03-18 21:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-23 20:18 - 2019-07-01 22:33 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-23 20:18 - 2019-04-20 23:14 - 000000000 ____D C:\Users\saenz\AppData\LocalLow\Mozilla
2019-12-23 20:01 - 2019-07-19 21:36 - 000000000 ____D C:\Users\saenz\AppData\Local\Warframe
2019-12-23 19:50 - 2019-10-09 13:43 - 000000762 _____ C:\Warframe.ini
2019-12-23 19:33 - 2019-04-19 18:08 - 000000000 ____D C:\Users\saenz\AppData\Local\CrashDumps
2019-12-23 15:47 - 2019-06-17 16:55 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Telegram Desktop
2019-12-22 21:35 - 2019-04-18 17:13 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Discord
2019-12-22 14:31 - 2019-04-17 21:22 - 000000000 ____D C:\Users\saenz\AppData\Roaming\vlc
2019-12-21 19:10 - 2019-08-08 15:21 - 000002499 _____ C:\Users\saenz\Desktop\Authy Desktop.lnk
2019-12-21 19:10 - 2019-08-08 15:21 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twilio Inc
2019-12-21 19:10 - 2019-08-08 15:21 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Authy Desktop
2019-12-21 19:10 - 2019-08-08 15:21 - 000000000 ____D C:\Users\saenz\AppData\Local\authy-electron
2019-12-21 19:09 - 2019-04-18 17:13 - 000000000 ____D C:\Users\saenz\AppData\Local\SquirrelTemp
2019-12-21 08:38 - 2019-08-14 19:00 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave Nightly.lnk
2019-12-21 08:38 - 2019-08-14 19:00 - 000002463 _____ C:\Users\Public\Desktop\Brave Nightly.lnk
2019-12-21 05:10 - 2019-11-21 02:10 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-21 05:10 - 2019-04-18 10:57 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-12-19 20:49 - 2019-06-27 22:19 - 000000000 ____D C:\Users\saenz\AppData\Roaming\qBittorrent
2019-12-19 15:38 - 2019-05-17 18:33 - 000002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2019-12-19 15:38 - 2019-05-17 18:33 - 000002375 _____ C:\Users\Public\Desktop\Brave.lnk
2019-12-18 18:52 - 2019-06-07 21:50 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Twitch
2019-12-17 17:53 - 2019-02-27 11:27 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 17:53 - 2019-02-27 11:27 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-17 11:20 - 2019-07-25 17:27 - 000000000 ____D C:\Users\saenz\AppData\Roaming\SlickVPN
2019-12-14 20:26 - 2019-02-27 11:57 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-13 12:29 - 2019-11-21 02:10 - 000003558 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 12:29 - 2019-11-21 02:10 - 000003434 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 11:14 - 2019-02-27 12:19 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2019-12-12 11:14 - 2019-02-27 12:19 - 000000000 ____D C:\Users\saenz\AppData\Roaming\Notepad++ 2019-12-12 00:00 - 2019-04-18 10:57 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2019-12-07 18:25 - 2019-02-27 10:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-12-05 23:39 - 2019-03-18 21:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-12-04 19:49 - 2019-02-27 13:04 - 000000000 ____D C:\Program Files\Bitdefender 2019-12-03 09:56 - 2019-11-20 22:47 - 000000000 ___DC C:\WINDOWS\Panther 2019-12-02 19:20 - 2019-02-27 11:24 - 000000000 ____D C:\Users\saenz\AppData\Local\PlaceholderTileLogoFolder 2019-12-02 18:53 - 2019-02-27 12:02 - 000000000 ____D C:\Users\saenz\AppData\Local\D3DSCache 2019-11-30 11:50 - 2019-09-08 21:31 - 000000000 ____D C:\Users\saenz\AppData\Local\JDownloader 2.0 2019-11-25 03:11 - 2019-11-21 02:10 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3305917012-4270169547-4029195171-1001 2019-11-25 03:11 - 2019-11-21 02:05 - 000002367 _____ C:\Users\saenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-11-25 03:11 - 2019-02-27 11:24 - 000000000 ___RD C:\Users\saenz\OneDrive ==================== Files in the root of some directories ======== 2019-06-28 17:49 - 2019-06-28 17:49 - 000000016 ____H () C:\Program Files (x86)\Common Files\cld2-astg 2019-06-28 17:50 - 2019-06-28 17:50 - 000000016 ____H () C:\Program Files (x86)\Common Files\dys2-astg 2019-06-28 17:50 - 2019-06-28 17:50 - 000000020 ____H () C:\Program Files (x86)\Common Files\inq1-astg 2019-06-28 17:50 - 2019-06-28 17:50 - 000000016 ____H () C:\Program Files (x86)\Common Files\ins1-astg 2019-06-28 17:50 - 2019-06-28 17:50 - 000000016 ____H () C:\Program Files (x86)\Common Files\mir1-astg 2019-06-28 17:51 - 2019-06-28 17:51 - 000000016 ____H () C:\Program Files (x86)\Common Files\pcs4-astg 2019-06-28 17:51 - 2019-06-28 17:51 - 000000016 ____H () 
C:\Program Files (x86)\Common Files\rst1-astg 2019-06-28 17:51 - 2019-06-28 17:51 - 000000016 ____H () C:\Program Files (x86)\Common Files\spl1-astg 2019-06-28 17:51 - 2019-06-28 17:51 - 000000016 ____H () C:\Program Files (x86)\Common Files\ssd2-astg 2019-06-28 17:51 - 2019-06-28 17:51 - 000000016 ____H () C:\Program Files (x86)\Common Files\sty1-astg 2019-06-28 17:57 - 2019-06-28 17:57 - 000000016 ____H () C:\Program Files (x86)\Common Files\txt1-astg 2019-06-28 17:57 - 2019-06-28 17:57 - 000000016 ____H () C:\Program Files (x86)\Common Files\vfa2-astg 2019-06-28 17:57 - 2019-06-28 17:57 - 000000016 ____H () C:\Program Files (x86)\Common Files\vs3-astg 2019-06-28 17:57 - 2019-06-28 17:57 - 000000016 ____H () C:\Program Files (x86)\Common Files\ws2-astg 2019-07-12 13:18 - 2019-07-12 13:57 - 000001456 _____ () C:\Users\saenz\AppData\Local\Adobe Save for Web 13.0 Prefs 2019-02-27 13:07 - 2019-02-27 13:07 - 000000410 _____ () C:\Users\saenz\AppData\Local\oobelibMkey.log 2019-06-27 21:57 - 2019-08-08 18:23 - 000000600 _____ () C:\Users\saenz\AppData\Local\PUTTY.RND 2019-12-06 20:41 - 2019-12-23 20:37 - 000007596 _____ () C:\Users\saenz\AppData\Local\Resmon.ResmonCfg 2019-04-19 17:00 - 2019-04-19 17:00 - 000000003 _____ () C:\Users\saenz\AppData\Local\updater.log 2019-04-30 22:51 - 2019-09-05 12:38 - 000000071 _____ () C:\Users\saenz\AppData\Local\update_progress.txt 2019-04-19 17:00 - 2019-04-19 17:00 - 000000425 _____ () C:\Users\saenz\AppData\Local\UserProducts.xml ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ========================