Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019 Ran by palote (administrator) on PALOTE-PC (Packard Bell EasyNote TS11HR) (12-12-2019 00:27:59) Running from C:\Users\palote\Desktop Loaded Profiles: palote (Available Profiles: palote) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\86.4.146\QtWebEngineProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel® Corporation) [File not signed] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Macrovision Europe Ltd.) [File not signed] C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Red Bend Ltd.) [File not signed] C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe (Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe (Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1605632 2010-11-14] (Intel® Corporation) [File not signed] HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-05-07] (Apple Inc. -> Apple Inc.) HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1691136 2012-05-31] (Wondershare) [File not signed] HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2018-01-21] (Renesas Electronics Corporation -> Renesas Electronics Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [BrowserPlugInHelper] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe [410472 2012-11-16] (Wondershare Software Co., Ltd. -> Wondershare Software) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) [File not signed] HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax] => [X] HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [DriverMax_RESTART] => [X] HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36055952 2019-12-09] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-09-05] (Sony Mobile Communications AB -> Sony) HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\Policies\Explorer: [] HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {0ca4efe8-61c8-11e9-a6f6-b05bee847e5f} - F:\startme.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {53025a57-0adb-11ea-af64-f077d438f75c} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbe9-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833cbea-70d3-11e8-9a61-bccf7b3ad459} - G:\Setup.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {5833ccf9-70d3-11e8-9a61-bccf7b3ad459} - G:\shelexec.exe \index.htm HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {6d41e6f2-cbfd-11e8-9c9b-8595b2bb2c25} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7934f69b-70ac-11e8-ba8f-bf4241aaae51} - G:\Setup.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {7a3cbb87-fb1b-11e9-96ed-968570daf421} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-3253742837-1388098199-733594754-1000\...\MountPoints2: {f27181e7-be31-11e8-a5ce-8c630a438d5f} - G:\startme.exe HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd -> Piriform Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-24] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2018-01-23] ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2018-02-20] ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe (Adobe Systems, Incorporated -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Inicio rápido de Adobe Acrobat.lnk [2018-02-20] ShortcutTarget: Inicio rápido de Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1040-7D00-7760-000000000003}\_SC_Acrobat.exe () [File not signed] ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1683147B-9EC7-444E-95B3-6538802E8773} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [12762872 2018-03-06] (Piriform Ltd -> Piriform Ltd) Task: {1FD4FA0C-52A8-43A3-9AD4-132A06629B06} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-21] (Google Inc -> Google Inc.) Task: {21AB56F4-A2E1-449B-A1E1-3FB111E310FD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software) Task: {24827C41-D141-4AF0-898F-40A95242A17E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-21] (Google Inc -> Google Inc.) Task: {28D91282-58E8-450F-A64D-CEDCFB5A306D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {313498E0-D1C5-46CF-9D4D-A91171CC84D4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {469ADE91-9A19-4528-B874-23099FF2DBE9} - System32\Tasks\{004E9BDA-58C4-494E-81C4-6414580E37FB} => C:\Windows\system32\pcalua.exe -a E:\DRIVER\setup.exe -d E:\DRIVER Task: {47DE9BF8-1388-489A-B1A2-D9037F9A0E48} - System32\Tasks\NCH Software\ExpressZipDowngrade => C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe Task: {4D0524F6-B561-422A-8DB2-9CA649A80546} - System32\Tasks\{F1414C1C-1E8D-498C-8B92-2D986588BF45} => C:\Windows\system32\pcalua.exe -a "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2\winamp3_0-full.exe" -d "F:\DISCO DURO PORTATIL OCT2017\DRIVERS Y PROGRAMAS2" Task: {935EE8E5-B146-4FDE-922C-52DC3C1506F9} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {9FDE5E3A-D542-47BC-90A6-E96CDD9BFDDE} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.) Task: {A3082D1E-6311-4D44-9461-F40047D1E873} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {B31DF376-3123-449F-A8C0-4A429116E19C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {B4C44C34-AA1D-4A57-87B0-8B73300BF4CF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.) Task: {C69D7CEE-D549-42DE-8910-C231D1858135} - System32\Tasks\{3AEEEC24-24F1-40A8-90E0-F4EA3F088D42} => C:\Windows\system32\pcalua.exe -a "C:\Users\palote\Downloads\programas\reproductor windows media player win7\MPSetup.exe" -d "C:\Users\palote\Downloads\programas\reproductor windows media player win7" Task: {D44D2DA2-2381-4F91-AEE2-E60933E89683} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {FA7995C5-6660-4BDD-A249-419DFCF69C16} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\AdwCleaner_onReboot.job => C:\Users\palote\Downloads\adwcleaner_8.0.0.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{462BE81E-6AE6-419A-A914-810D3A642BE8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{8A180360-E0F8-42FB-B6D0-1F034C58507A}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKU\S-1-5-21-3253742837-1388098199-733594754-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.es/?gws_rd=ssl SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Aplicación auxiliar de vínculos de Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Wondershare Video Converter Ultimate -> {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll [2012-11-16] (Wondershare Software Co., Ltd. -> Wondershare Software Co., Ltd.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt FF Extension: (Wondershare Video Converter Ultimate) - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt [2018-04-18] [Legacy] [not signed] FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://www.elpais.com/" CHR Notifications: Default -> hxxps://claretsegovia.educamos.com CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default [2019-12-11] CHR Extension: (Presentaciones) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-21] CHR Extension: (Safe Torrent Scanner) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2019-08-05] CHR Extension: (Documentos) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-21] CHR Extension: (Google Drive) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-21] CHR Extension: (YouTube) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-21] CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22] CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2018-04-18] CHR Extension: (MyJDownloader Browser Extension) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2018-11-10] CHR Extension: (Hojas de cálculo) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-21] CHR Extension: (Documentos de Google sin conexión) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-27] CHR Extension: (AdBlock: el mejor bloqueador de anuncios) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-08] CHR Extension: (Download with JDownloader) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2018-10-28] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30] CHR Extension: (Chrome Media Router) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-11] CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-12-09] CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-12-09] CHR Extension: (Presentaciones) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-21] CHR Extension: (Documentos) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-21] CHR Extension: (Google Drive) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-21] CHR Extension: (YouTube) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-21] CHR Extension: (Hojas de cálculo) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-21] CHR Extension: (Documentos de Google sin conexión) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-29] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-21] CHR Extension: (Gmail) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-21] CHR Extension: (Chrome Media Router) - C:\Users\palote\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-29] CHR Profile: C:\Users\palote\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-09] CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2018-04-18] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-04-29] (Apple Inc. -> Apple Inc.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-06] (BattlEye Innovations e.K. -> ) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-12-05] (Dropbox, Inc -> Dropbox, Inc.) R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [499200 2010-11-07] (Red Bend Ltd.) [File not signed] S2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-06] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] (Intel(R) Software Development Products -> ) R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2018-02-20] (Macrovision Europe Ltd.) [File not signed] S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-12-10] (Malwarebytes Inc -> Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation) S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Sony Ericsson Mobile Communication -> Avanquest Software) [File not signed] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [183568 2018-03-07] (Intel(R) Software Development Products -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH) S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [888080 2018-03-07] (Intel(R) Software Development Products -> ) R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [869376 2010-11-07] (Intel(R) Corporation) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [174256 2018-05-14] (Microsoft Corporation -> Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.1\WsAppService.exe [437392 2016-10-10] (Wondershare software CO., LIMITED -> Wondershare) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-09-05] (Sony) [File not signed] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 BazisPortableCDBus; C:\Windows\System32\drivers\BazisPortableCDBus.sys [268896 2018-06-15] (Avtonomniy Energoservis, ZAO -> SysProgs.org) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation) R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2018-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [180736 2018-01-21] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [43008 2018-03-07] (Intel Corporation -> ) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [871408 2018-04-28] (Duplex Secure Ltd -> Duplex Secure Ltd.) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 U6000ALL; C:\Windows\System32\DRIVERS\U6000ALL.sys [276480 2008-11-24] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2018-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 WirelessKeyboardFilter; C:\Windows\System32\DRIVERS\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation -> Microsoft Corporation) U3 aswbdisk; no ImagePath S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-12 00:27 - 2019-12-12 00:29 - 000032475 _____ C:\Users\palote\Desktop\FRST.txt 2019-12-12 00:27 - 2019-12-12 00:29 - 000000000 ____D C:\FRST 2019-12-11 23:51 - 2019-12-11 23:51 - 002263552 _____ (Farbar) C:\Users\palote\Desktop\FRST64.exe 2019-12-11 19:47 - 2019-12-11 19:47 - 000001630 _____ C:\Users\palote\Desktop\eset online.txt 2019-12-11 17:28 - 2019-12-11 17:28 - 000002309 _____ C:\Users\palote\Desktop\AdwCleaner[S09].txt 2019-12-10 15:44 - 2019-12-10 15:44 - 000000867 _____ C:\Users\palote\Desktop\ESET Online Scanner.lnk 2019-12-10 00:11 - 2019-12-10 00:11 - 000001908 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-12-10 00:11 - 2019-12-10 00:11 - 000001908 _____ C:\ProgramData\Desktop\Malwarebytes.lnk 2019-12-10 00:11 - 2019-12-10 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-12-10 00:10 - 2019-12-11 23:51 - 000306482 _____ C:\Windows\ntbtlog.txt 2019-12-10 00:10 - 2019-12-10 00:10 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-12-09 23:57 - 2019-12-09 23:57 - 000000000 ____D C:\Users\palote\AppData\Local\ElevatedDiagnostics 2019-12-09 23:11 - 2019-12-10 19:17 - 000000000 ____D C:\Users\palote\Downloads\adobe_photoshop_cc_2014_v_15 (1) 2019-12-09 23:11 - 2019-12-09 23:11 - 000014081 ____N C:\Users\palote\Downloads\Adobe.Photoshop.CC.2014.v15.2.rar.torrent 2019-12-09 23:11 - 2019-12-09 23:11 - 000000000 ____D C:\Users\palote\AppData\Roaming\2178518db49a54ff2ed70e8e6db8fdb8OLD 2019-12-09 23:11 - 2019-12-09 23:11 - 000000000 ____D C:\bcafb 2019-12-09 23:10 - 2019-12-09 23:10 - 000000829 _____ C:\Users\palote\Downloads\adobe_photoshop_cc_2014_v_15.zip 2019-12-09 23:10 - 2019-12-09 23:10 - 000000829 _____ C:\Users\palote\Downloads\adobe_photoshop_cc_2014_v_15 (1).zip 2019-12-09 19:56 - 2019-12-09 19:59 - 271106338 _____ C:\Users\palote\Downloads\CameraRaw_9_1_1.zip 2019-12-09 19:47 - 2019-12-09 19:47 - 000000040 ____H C:\C7F04CFB1071 2019-12-09 19:47 - 2019-12-09 19:47 - 000000000 ____D C:\Users\palote\AppData\LocalLow\Adobe 2019-12-09 19:46 - 2019-12-09 23:33 - 000000000 ____D C:\Program Files (x86)\Photoshop Cs6 2019-12-09 00:47 - 2019-12-09 00:47 - 000020781 _____ C:\Users\palote\Downloads\Zohan_Licencia_Para_Peinar_HDRip.torrent 2019-12-09 00:46 - 2019-12-09 00:46 - 000020303 _____ C:\Users\palote\Downloads\Este_Cuerpo_No_Es_El_Mio_BluRay720p.torrent 2019-12-09 00:43 - 2019-12-09 00:43 - 000019468 _____ C:\Users\palote\Downloads\Te_Presento_A_Sofia_HDRip.torrent 2019-12-09 00:41 - 2019-12-09 00:41 - 000015650 _____ C:\Users\palote\Downloads\It_Capitulo2_HDRip.torrent 2019-12-09 00:39 - 2019-12-09 00:39 - 000021373 _____ C:\Users\palote\Downloads\Venganza_Bajo_Cero_HDRip.torrent 2019-12-09 00:33 - 2019-12-09 00:33 - 000066716 _____ C:\Users\palote\Downloads\Un-Verano-En-Ibiza-2019.avi.torrent 2019-12-08 21:27 - 2019-12-08 21:28 - 008218800 _____ (Malwarebytes) C:\Users\palote\Downloads\adwcleaner_8.0.0.exe 2019-12-08 15:58 - 2019-12-08 15:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-12-05 17:52 - 2019-12-05 17:52 - 000188997 _____ C:\Users\palote\Desktop\Factura cristales Maria_ 1.pdf 2019-12-05 17:42 - 2019-12-05 17:44 - 000000000 ____D C:\Users\palote\Documents\Ortodoncia Maria 2019-12-05 02:23 - 2019-12-05 02:23 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-12-05 02:23 - 2019-12-05 02:23 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-12-02 22:15 - 2019-12-08 21:29 - 000000290 _____ C:\Windows\Tasks\AdwCleaner_onReboot.job 2019-11-29 23:49 - 2019-12-03 00:04 - 000000000 ____D C:\Users\palote\Documents\Maria Historial Colegio 2019-11-29 20:51 - 2019-11-29 20:51 - 000186027 _____ C:\Users\palote\Documents\facturas noviembre 2.pdf 2019-11-29 20:49 - 2019-11-29 20:49 - 000247805 _____ C:\Users\palote\Documents\facturas noviembre.pdf 2019-11-27 16:35 - 2019-11-27 16:35 - 000042496 ____H C:\Users\palote\Downloads\~WRL0005.tmp 2019-11-19 22:14 - 2019-11-19 22:14 - 000094526 _____ C:\Users\palote\Downloads\T30007964781-1019.pdf 2019-11-17 00:37 - 2019-11-17 00:37 - 000125573 _____ C:\Users\palote\Downloads\minube.pdf 2019-11-15 20:15 - 2019-11-15 20:15 - 000019766 _____ C:\Users\palote\Downloads\Al-agua-gambas.zip 2019-11-12 22:53 - 2019-11-12 22:53 - 000083557 _____ C:\Users\palote\Downloads\Necesito un móvil- Mi Amena.pdf ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-12 00:11 - 2018-04-20 20:57 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2019-12-12 00:11 - 2009-07-14 05:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-12-12 00:11 - 2009-07-14 05:45 - 000021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-12-11 23:53 - 2018-02-01 23:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-12-11 23:53 - 2018-01-30 20:47 - 000000988 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-12-11 23:53 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-12-11 18:31 - 2019-04-24 19:47 - 000000000 ____D C:\Users\palote\Downloads\programas 2019-12-10 23:36 - 2019-09-01 11:33 - 000000000 ____D C:\Users\palote\AppData\Local\CrashDumps 2019-12-10 23:36 - 2018-01-30 20:47 - 000000992 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-12-10 00:12 - 2018-05-03 20:54 - 000000000 ____D C:\Users\palote\AppData\Local\cache 2019-12-10 00:10 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2019-12-09 23:59 - 2018-12-09 22:32 - 000000000 ____D C:\Users\palote\AppData\Roaming\PhotoScape 2019-12-09 23:59 - 2018-01-21 22:51 - 000000000 ____D C:\Users\palote\AppData\Roaming\uTorrent 2019-12-09 23:26 - 2019-03-26 18:56 - 000000000 ____D C:\Users\palote\AppData\Local\BitTorrentHelper 2019-12-09 23:25 - 2018-01-21 22:55 - 000000000 ____D C:\jdownloader 2019-12-09 23:11 - 2018-01-19 22:59 - 000000000 ____D C:\ProgramData\Intel 2019-12-09 23:11 - 2017-12-25 00:00 - 000000000 ____D C:\Users\palote\AppData\Roaming\2178518db49a54ff2ed70e8e6db8fdb8 2019-12-09 22:37 - 2018-01-21 18:03 - 000000000 ____D C:\Users\palote\AppData\Roaming\vlc 2019-12-09 21:40 - 2011-04-12 10:10 - 000747646 _____ C:\Windows\system32\perfh00A.dat 2019-12-09 21:40 - 2011-04-12 10:10 - 000159086 _____ C:\Windows\system32\perfc00A.dat 2019-12-09 21:40 - 2009-07-14 06:13 - 001676890 _____ C:\Windows\system32\PerfStringBackup.INI 2019-12-09 20:01 - 2018-03-11 21:45 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-12-09 12:18 - 2018-12-07 17:33 - 000000000 ____D C:\Users\palote\Documents\Camtasia Studio 2019-12-08 15:58 - 2018-01-30 20:47 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-12-02 23:22 - 2018-01-30 20:55 - 000000000 ___RD C:\Users\palote\Dropbox 2019-12-02 19:42 - 2018-01-21 13:43 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant 2019-11-30 20:47 - 2019-04-24 19:42 - 000000000 ____D C:\Users\palote\Downloads\ebooks 2019-11-24 15:55 - 2019-08-30 23:33 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-16 21:05 - 2019-09-05 14:11 - 000000194 _____ C:\Users\palote\AppData\Roaming\default.rss 2019-11-12 22:03 - 2010-11-21 04:27 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======== 2019-09-05 14:11 - 2019-11-16 21:05 - 000000194 _____ () C:\Users\palote\AppData\Roaming\default.rss 2018-09-23 11:49 - 2019-09-01 10:49 - 000009216 _____ () C:\Users\palote\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-12-16 11:49 - 2018-12-16 11:49 - 000000218 _____ () C:\Users\palote\AppData\Local\recently-used.xbel 2018-11-19 20:27 - 2018-11-19 20:27 - 000000017 _____ () C:\Users\palote\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-12-09 15:00 ==================== End of FRST.txt ========================