Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019 Ran by chefcito (administrator) on CHEFCITO-PC (Dell Inc. Inspiron 5559) (19-06-2019 06:15:52) Running from C:\Users\chefcito\Downloads Loaded Profiles: chefcito & anett (Available Profiles: chefcito & anett) Platform: Windows 10 Home Single Language Version 1803 17134.829 (X64) Language: Español (España, internacional) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12095.7.41059.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe (Dell Inc -> Dell) C:\Program Files\Dell\Dell Product Registration\PRSvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe (Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9226752 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5786576 2015-06-24] (Compal electronic ,inc -> Dell Inc.) HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2016-04-28] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-06-26] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-06-26] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-3116818766-2193367744-924395030-1001\...\Run: [Spotify] => C:\Users\chefcito\AppData\Roaming\Spotify\Spotify.exe [25386912 2019-06-16] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\anett\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\anett\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Uninstall 19.070.0410.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\anett\AppData\Local\Microsoft\OneDrive\19.070.0410.0005\amd64" HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Uninstall 19.070.0410.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\anett\AppData\Local\Microsoft\OneDrive\19.070.0410.0005" HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE [1422168 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-3116818766-2193367744-924395030-1003\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1723888 2019-05-20] (Google LLC -> Google Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\Installer\chrmstp.exe [2019-05-22] (Google LLC -> Google Inc.) Startup: C:\Users\chefcito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-09-30] ShortcutTarget: MEGAsync.lnk -> C:\Users\chefcito\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0DC11472-AAF4-4909-A1FC-C76C5415EB9C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {29A8BF60-D7E5-4EDD-9D2D-EC48C1BA0EFF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-08-18] (CyberLink Corp. -> CyberLink) Task: {45C5CA0B-4FE3-4151-875F-AE32A9F5DFEC} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3116818766-2193367744-924395030-1001 => C:\Users\chefcito\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited) Task: {497B3EBA-C201-4776-A8C0-3C51C3B796BD} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [436696 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.) Task: {4BC0A23A-3F37-4E8E-A96D-160DA3267799} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960 2016-03-24] (Dell Inc. -> PC-Doctor, Inc.) Task: {52393273-9B75-4E26-AFCF-6ED7CA4282C7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe) Task: {594CA461-8B75-47B3-8D8E-B2E6D6378CB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {7A2DC757-A1C4-4BE1-BB59-46AD7BAE94A2} - System32\Tasks\{7E185169-EEBA-4B1F-B0C0-9F5EBDE0DCD3} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Wondershare\New TunesGo\unins000.exe" -c /WAF Task: {7A5EA2B0-53F0-4AEB-9E1A-29AA9EBE41B9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {8251FE8B-3FFD-4EDE-8A02-0523A1D6E2C5} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {838DEC09-FE75-4C45-83A2-F2AF5E92E159} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {889DD04A-6D05-4612-81BC-79F3AABA9811} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) Task: {8A08B037-CF71-4D84-A653-01333AC52879} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> ) Task: {924061F7-2B08-4949-9233-01FC4C99830C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\chefcito\Desktop\esetonlinescanner_esl.exe Task: {9A764C3B-C17A-4CDE-9A03-3606F699AE18} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {A849FBCC-25DF-40A0-AA99-A1C916427641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-30] (Google Inc -> Google Inc.) Task: {AD675FD1-4632-451E-BA49-64C640C69993} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) Task: {AECCE8FA-7126-4971-955B-9949C82C662B} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\chefcito\Desktop\esetonlinescanner_esl.exe Task: {C01E739D-0F98-4B86-B8DD-9AD06C3903FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd) Task: {CD8AF87B-593C-4946-AF0B-DE01315B96EE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-11] (Adobe Inc. -> Adobe) Task: {D2E2A1A8-0C5D-4360-BFDF-965E1D1F3876} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DFCC863E-962D-4CFD-859E-BB652799EA4E} - System32\Tasks\apagar pc => C:\Windows\System32\shutdown.exe [26624 2018-04-11] (Microsoft Windows -> Microsoft Corporation) Task: {E55707E2-2341-453D-BF4A-C09109840CD4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E57AF395-8331-4117-893F-79848753D5E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {E661FB53-2C88-47FF-94E2-6A925AE13A02} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-28] (CyberLink Corp. -> CyberLink Corp.) Task: {F2E152BB-D652-40D6-9FC7-0E2974D2CFD1} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) Task: {F4565002-D17E-47A4-8649-8E584F1F1BA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-07-30] (Google Inc -> Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP DESKTOP 24AAV6T ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{0f279eee-915e-4bfe-bb54-895bdd9917cf}: [DhcpNameServer] 10.186.0.5 10.186.6.2 Tcpip\..\Interfaces\{7feeea3b-2d32-418e-8f79-58ab560c6254}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{c1af83ad-c0f2-4560-8e1b-ad900346523c}: [DhcpNameServer] 10.186.6.2 187.253.45.10 Tcpip\..\Interfaces\{c7b9d4bf-0d03-4e88-97fd-a2405ea60ab4}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{cecddcb6-d0e0-495d-9cf7-70d1793de4c7}: [DhcpNameServer] 172.20.10.1 Tcpip\..\Interfaces\{d61ad545-772b-4fab-b36b-fa0001782033}: [DhcpNameServer] 8.8.8.8 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3116818766-2193367744-924395030-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE HKU\S-1-5-21-3116818766-2193367744-924395030-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell15.msn.com/?pc=DCTE HKU\S-1-5-21-3116818766-2193367744-924395030-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE SearchScopes: HKU\S-1-5-21-3116818766-2193367744-924395030-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-3116818766-2193367744-924395030-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04 SearchScopes: HKU\S-1-5-21-3116818766-2193367744-924395030-1001 -> {F723B136-8FBD-415C-97FB-9BF90302C1BA} URL = SearchScopes: HKU\S-1-5-21-3116818766-2193367744-924395030-1003 -> DefaultScope {F723B136-8FBD-415C-97FB-9BF90302C1BA} URL = BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Edge: ====== Edge Extension: (Office Online) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.8.0_neutral__8wekyb3d8bbwe [2018-04-30] FireFox: ======== FF DefaultProfile: htxprnr7.default-1554855505165 FF ProfilePath: C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165 [2019-06-19] FF Extension: (English United States Dictionary) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\@unitedstatesenglishdictionary.xpi [2019-06-04] FF Extension: (To Google Translate) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-06-09] FF Extension: (FindFlix: Netflix Secret Category Finder) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\njgopmododdceghkcgbmgfffamnjbjno@chrome-store-foxified-unsigned.xpi [2019-04-09] FF Extension: (Strava, export gpx track) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\strava-export-gpx@e-ivanov.ru.xpi [2019-04-09] FF Extension: (Tree Style Tab) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2019-06-13] FF Extension: (Stylus Blue) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{11a41736-a1d5-4b1d-9cc3-983ed6a3ad30}.xpi [2019-05-13] FF Extension: (Calm Sunrise by MaDonna) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{389b9555-dbf1-4ac0-b302-336ff129fc63}.xpi [2019-06-04] FF Extension: (Sexy girl 2) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{52259726-0b34-4e9b-b008-7ecdb6cd6f30}.xpi [2019-05-14] FF Extension: (Netflix - Category Browser) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{7d44f55e-666a-4b80-ad12-146410f236b5}.xpi [2019-04-09] FF Extension: (sexy model) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{cae4d427-5afc-4a93-83e4-fbafcc11833d}.xpi [2019-05-14] FF Extension: (Adblock Plus - free ad blocker) - C:\Users\chefcito\AppData\Roaming\Mozilla\Firefox\Profiles\htxprnr7.default-1554855505165\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-20] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [No File] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> ) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default [2019-06-18] CHR Extension: (Presentaciones) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-07] CHR Extension: (Documentos) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-07] CHR Extension: (Google Drive) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-07] CHR Extension: (YouTube) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-07] CHR Extension: (Hojas de cálculo) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-07] CHR Extension: (Documentos de Google sin conexión) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-07] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-07] CHR Extension: (Gmail) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-07] CHR Extension: (Chrome Media Router) - C:\Users\chefcito\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-04-06] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.) S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2017-09-19] (Dell Inc -> Dell Inc.) R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [35488 2019-02-28] (Dell Inc -> ) S2 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [41008 2018-01-15] (Dell Inc -> Dell Inc.) R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [293528 2018-10-20] (Dell Inc -> Dell Inc.) S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> ) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [53632 2018-09-05] (AnchorFree Inc -> AnchorFree Inc.) R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed] S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation) S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed] S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-09] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [311584 2019-02-28] (Intel Corporation -> ) R2 Product Registration; C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [47144 2017-04-06] (Dell Inc -> Dell) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-04-14] (CyberLink Corp. -> ) S2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2019-03-07] (Rivet Networks LLC -> CloudBees, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-05-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2351304 2019-03-07] (Rivet Networks LLC -> Rivet Networks) R2 WavesSysSvc; C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [615384 2017-02-07] (Waves Inc -> Waves Audio Ltd.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-04] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare software CO., LIMITED -> Wondershare) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4110624 2019-02-28] (Intel Corporation -> Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-08-24] (AnchorFree Inc -> AnchorFree Inc.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-01-17] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-01-17] (Disc Soft Ltd -> Disc Soft Ltd) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-18] (Malwarebytes Corporation -> Malwarebytes) S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.) R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3587232 2018-12-07] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security S.L. -> Panda Security, S.L.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek ) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [132952 2019-03-07] (Rivet Networks LLC -> Rivet Networks, LLC.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-07-18] (AnchorFree Inc -> Anchorfree Inc.) S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Apple, Inc.) [File not signed] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-04] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-04] (Microsoft Windows -> Microsoft Corporation) R2 Win10Pcap; C:\WINDOWS\SysWOW64\drivers\Win10Pcap64.sys [50304 2016-10-12] (SoftEther Corporation -> Daiyuu Nobori, University of Tsukuba, Japan) R1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [44272 2016-05-26] (Yang Ping -> XOSLAB.COM) R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-01-04] (Zemana Ltd. -> Zemana Ltd.) R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-01-04] (Zemana Ltd. -> Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) Error(1) reading file: "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office " 2019-06-18 22:06 - 2019-06-18 22:57 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-06-18 14:36 - 2019-06-18 14:37 - 000000000 ____D C:\WINDOWS\system32\config\Backup 2019-06-18 14:03 - 2019-06-18 21:51 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-06-18 13:56 - 2019-06-18 13:56 - 000000085 _____ C:\WINDOWS\wininit.ini 2019-06-18 07:58 - 2019-06-18 13:26 - 000027661 _____ C:\Users\chefcito\Downloads\Addition.txt 2019-06-18 07:56 - 2019-06-19 06:18 - 000033520 _____ C:\Users\chefcito\Downloads\FRST.txt 2019-06-18 07:56 - 2019-06-18 13:04 - 000000000 ____D C:\FRST 2019-06-18 07:55 - 2019-06-18 07:55 - 002418688 _____ (Farbar) C:\Users\chefcito\Downloads\FRST64.exe 2019-06-16 13:11 - 2019-06-16 13:11 - 000000000 ___HD C:\$SysReset 2019-06-16 13:11 - 2019-06-16 13:11 - 000000000 ____D C:\$Windows.~BT 2019-06-16 12:32 - 2019-06-16 12:32 - 000028672 _____ C:\bcdbackup 2019-06-13 11:51 - 2019-06-13 11:51 - 001914280 _____ C:\Users\chefcito\Downloads\EstadodeCuenta.pdf junio.pdf 2019-06-13 11:50 - 2019-06-13 11:50 - 002110249 _____ C:\Users\chefcito\Downloads\EstadodeCuenta.pdf mayo.pdf 2019-06-13 11:49 - 2019-06-13 11:50 - 001622059 _____ C:\Users\chefcito\Downloads\EstadodeCuenta.pdf abril.pdf 2019-06-12 13:58 - 2019-06-07 06:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-06-12 13:58 - 2019-06-07 05:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-06-12 13:58 - 2019-06-07 05:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-06-12 13:58 - 2019-06-07 05:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2019-06-12 13:58 - 2019-06-07 05:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-06-12 13:58 - 2019-06-07 05:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-06-12 13:58 - 2019-06-07 00:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-06-12 13:58 - 2019-06-07 00:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-06-12 13:58 - 2019-06-07 00:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2019-06-12 13:58 - 2019-06-07 00:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-06-12 13:58 - 2019-06-07 00:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-06-12 13:58 - 2019-06-07 00:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-06-12 13:58 - 2019-06-07 00:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-06-12 13:58 - 2019-06-07 00:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-06-12 13:58 - 2019-06-07 00:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-06-12 13:58 - 2019-06-07 00:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-06-12 13:58 - 2019-06-07 00:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-06-12 13:58 - 2019-06-07 00:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-06-12 13:58 - 2019-06-07 00:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-06-12 13:58 - 2019-06-07 00:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-06-12 13:58 - 2019-05-17 07:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2019-06-12 13:58 - 2019-05-17 07:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2019-06-12 13:58 - 2019-05-17 07:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2019-06-12 13:58 - 2019-05-17 02:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2019-06-12 13:58 - 2019-05-17 01:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-06-12 13:58 - 2019-05-17 01:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2019-06-12 13:58 - 2019-05-17 01:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll 2019-06-12 13:58 - 2019-05-17 01:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-06-12 13:58 - 2019-05-17 01:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-06-12 13:58 - 2019-05-17 00:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2019-06-12 13:58 - 2019-05-17 00:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll 2019-06-12 13:58 - 2019-05-17 00:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-06-12 13:58 - 2019-05-17 00:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2019-06-12 13:58 - 2019-05-17 00:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2019-06-12 13:58 - 2019-05-17 00:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll 2019-06-12 13:58 - 2019-05-17 00:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-06-12 13:58 - 2019-05-17 00:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-06-12 13:58 - 2019-05-17 00:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2019-06-12 13:58 - 2019-05-17 00:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2019-06-12 13:57 - 2019-06-07 06:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-06-12 13:57 - 2019-06-07 05:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-06-12 13:57 - 2019-06-07 05:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2019-06-12 13:57 - 2019-06-07 05:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-06-12 13:57 - 2019-06-07 05:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-06-12 13:57 - 2019-06-07 05:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-06-12 13:57 - 2019-06-07 05:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-06-12 13:57 - 2019-06-07 05:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2019-06-12 13:57 - 2019-06-07 05:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-06-12 13:57 - 2019-06-07 05:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-06-12 13:57 - 2019-06-07 01:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2019-06-12 13:57 - 2019-06-07 01:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-06-12 13:57 - 2019-06-07 00:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-06-12 13:57 - 2019-06-07 00:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-06-12 13:57 - 2019-06-07 00:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-06-12 13:57 - 2019-06-07 00:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll 2019-06-12 13:57 - 2019-06-07 00:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-06-12 13:57 - 2019-06-07 00:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2019-06-12 13:57 - 2019-06-07 00:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-06-12 13:57 - 2019-06-07 00:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-06-12 13:57 - 2019-06-07 00:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll 2019-06-12 13:57 - 2019-06-07 00:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-06-12 13:57 - 2019-06-07 00:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-06-12 13:57 - 2019-06-07 00:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll 2019-06-12 13:57 - 2019-06-07 00:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2019-06-12 13:57 - 2019-06-07 00:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2019-06-12 13:57 - 2019-06-07 00:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-06-12 13:57 - 2019-06-07 00:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2019-06-12 13:57 - 2019-06-07 00:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-06-12 13:57 - 2019-06-07 00:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-06-12 13:57 - 2019-06-07 00:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-06-12 13:57 - 2019-06-07 00:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-06-12 13:57 - 2019-06-07 00:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-06-12 13:57 - 2019-06-07 00:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-06-12 13:57 - 2019-06-07 00:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-06-12 13:57 - 2019-06-07 00:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-06-12 13:57 - 2019-06-07 00:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll 2019-06-12 13:57 - 2019-06-07 00:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll 2019-06-12 13:57 - 2019-06-07 00:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2019-06-12 13:57 - 2019-06-07 00:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-06-12 13:57 - 2019-06-07 00:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2019-06-12 13:57 - 2019-06-07 00:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-06-12 13:57 - 2019-06-07 00:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-06-12 13:57 - 2019-06-07 00:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-06-12 13:57 - 2019-06-07 00:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-06-12 13:57 - 2019-06-07 00:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-06-12 13:57 - 2019-06-07 00:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll 2019-06-12 13:57 - 2019-06-07 00:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-06-12 13:57 - 2019-06-07 00:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2019-06-12 13:57 - 2019-06-07 00:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-06-12 13:57 - 2019-06-07 00:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-06-12 13:57 - 2019-06-07 00:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-06-12 13:57 - 2019-06-07 00:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2019-06-12 13:57 - 2019-06-07 00:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-06-12 13:57 - 2019-06-07 00:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-06-12 13:57 - 2019-06-07 00:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-06-12 13:57 - 2019-06-07 00:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll 2019-06-12 13:57 - 2019-06-06 23:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim 2019-06-12 13:57 - 2019-05-18 17:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-06-12 13:57 - 2019-05-18 17:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-06-12 13:57 - 2019-05-18 17:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-06-12 13:57 - 2019-05-18 17:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-06-12 13:57 - 2019-05-17 07:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2019-06-12 13:57 - 2019-05-17 07:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL 2019-06-12 13:57 - 2019-05-17 07:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2019-06-12 13:57 - 2019-05-17 07:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe 2019-06-12 13:57 - 2019-05-17 07:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe 2019-06-12 13:57 - 2019-05-17 07:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2019-06-12 13:57 - 2019-05-17 07:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-06-12 13:57 - 2019-05-17 07:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2019-06-12 13:57 - 2019-05-17 07:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll 2019-06-12 13:57 - 2019-05-17 07:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2019-06-12 13:57 - 2019-05-17 07:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2019-06-12 13:57 - 2019-05-17 07:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll 2019-06-12 13:57 - 2019-05-17 07:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll 2019-06-12 13:57 - 2019-05-17 07:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2019-06-12 13:57 - 2019-05-17 07:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-06-12 13:57 - 2019-05-17 07:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-06-12 13:57 - 2019-05-17 07:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL 2019-06-12 13:57 - 2019-05-17 07:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2019-06-12 13:57 - 2019-05-17 06:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe 2019-06-12 13:57 - 2019-05-17 06:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2019-06-12 13:57 - 2019-05-17 06:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll 2019-06-12 13:57 - 2019-05-17 06:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll 2019-06-12 13:57 - 2019-05-17 06:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-06-12 13:57 - 2019-05-17 06:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll 2019-06-12 13:57 - 2019-05-17 06:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-06-12 13:57 - 2019-05-17 06:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2019-06-12 13:57 - 2019-05-17 04:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-06-12 13:57 - 2019-05-17 03:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-06-12 13:57 - 2019-05-17 01:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2019-06-12 13:57 - 2019-05-17 01:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2019-06-12 13:57 - 2019-05-17 01:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2019-06-12 13:57 - 2019-05-17 01:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll 2019-06-12 13:57 - 2019-05-17 01:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll 2019-06-12 13:57 - 2019-05-17 01:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-06-12 13:57 - 2019-05-17 01:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2019-06-12 13:57 - 2019-05-17 01:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-06-12 13:57 - 2019-05-17 01:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll 2019-06-12 13:57 - 2019-05-17 01:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2019-06-12 13:57 - 2019-05-17 01:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-06-12 13:57 - 2019-05-17 01:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe 2019-06-12 13:57 - 2019-05-17 01:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-06-12 13:57 - 2019-05-17 01:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-06-12 13:57 - 2019-05-17 01:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-06-12 13:57 - 2019-05-17 01:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll 2019-06-12 13:57 - 2019-05-17 01:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2019-06-12 13:57 - 2019-05-17 01:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2019-06-12 13:57 - 2019-05-17 01:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2019-06-12 13:57 - 2019-05-17 01:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2019-06-12 13:57 - 2019-05-17 01:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2019-06-12 13:57 - 2019-05-17 01:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-06-12 13:57 - 2019-05-17 01:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2019-06-12 13:57 - 2019-05-17 01:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2019-06-12 13:57 - 2019-05-17 01:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2019-06-12 13:57 - 2019-05-17 01:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-06-12 13:57 - 2019-05-17 01:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-06-12 13:57 - 2019-05-17 01:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2019-06-12 13:57 - 2019-05-17 01:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-06-12 13:57 - 2019-05-17 01:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2019-06-12 13:57 - 2019-05-17 01:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2019-06-12 13:57 - 2019-05-17 01:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2019-06-12 13:57 - 2019-05-17 01:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2019-06-12 13:57 - 2019-05-17 01:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-06-12 13:57 - 2019-05-17 01:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-06-12 13:57 - 2019-05-17 01:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-06-12 13:57 - 2019-05-17 01:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll 2019-06-12 13:57 - 2019-05-17 01:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-06-12 13:57 - 2019-05-17 01:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2019-06-12 13:57 - 2019-05-17 00:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll 2019-06-12 13:57 - 2019-05-17 00:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll 2019-06-12 13:57 - 2019-05-17 00:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys 2019-06-12 13:57 - 2019-05-17 00:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll 2019-06-12 13:57 - 2019-05-17 00:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2019-06-12 13:57 - 2019-05-17 00:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2019-06-12 13:57 - 2019-05-17 00:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe 2019-06-12 13:57 - 2019-05-17 00:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-06-12 13:57 - 2019-05-17 00:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-06-12 13:57 - 2019-05-17 00:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-06-12 13:57 - 2019-05-17 00:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe 2019-06-12 13:57 - 2019-05-17 00:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-06-12 13:57 - 2019-05-17 00:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-06-12 13:57 - 2019-05-17 00:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe 2019-06-12 13:57 - 2019-05-17 00:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2019-06-12 13:57 - 2019-05-17 00:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-06-12 13:57 - 2019-05-17 00:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll 2019-06-12 13:57 - 2019-05-17 00:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-06-12 13:57 - 2019-05-17 00:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-06-12 13:57 - 2019-05-17 00:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll 2019-06-12 13:57 - 2019-05-17 00:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2019-06-12 13:57 - 2019-05-17 00:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys 2019-06-12 13:57 - 2019-05-17 00:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2019-06-12 13:57 - 2019-05-17 00:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2019-06-12 13:57 - 2019-05-17 00:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-06-12 13:57 - 2019-05-17 00:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2019-06-12 13:57 - 2019-05-17 00:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2019-06-12 13:57 - 2019-05-17 00:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-06-12 13:57 - 2019-05-17 00:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2019-06-11 10:11 - 2019-06-14 20:49 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\ZHP 2019-06-11 10:11 - 2019-06-11 10:11 - 000000000 ____D C:\Users\chefcito\AppData\Local\ZHP 2019-06-11 10:09 - 2019-06-11 10:09 - 003148672 _____ (Nicolas Coolman) C:\Users\chefcito\Downloads\ZHPCleaner.exe 2019-06-10 21:29 - 2019-06-10 21:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2019-06-10 21:28 - 2019-06-18 14:02 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2019-06-10 21:28 - 2019-06-18 13:56 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2019-06-10 21:13 - 2019-06-10 21:21 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\chefcito\Downloads\spybotsd-2.7.64.0.exe 2019-06-10 04:24 - 2019-06-10 04:24 - 000003812 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn 2019-06-10 04:24 - 2019-06-10 04:24 - 000003370 _____ C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime 2019-06-09 18:24 - 2019-06-09 18:24 - 000000000 ____D C:\Users\chefcito\AppData\Local\ESET 2019-06-07 13:45 - 2019-06-07 13:46 - 000000000 ____D C:\Users\chefcito\Desktop\mmezcal tlauyda cumbia dancing 2019-06-04 11:59 - 2019-06-04 12:00 - 000000000 ____D C:\Users\chefcito\Desktop\airbnb experience 2019-05-30 10:00 - 2019-02-13 00:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-05-30 09:28 - 2019-05-30 09:28 - 000000000 ____D C:\Program Files\Common Files\Intel 2019-05-21 13:26 - 2019-05-21 13:26 - 000000000 ____D C:\Users\chefcito\Downloads\BancaNet Citibanamex.com Archivos ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-06-19 06:17 - 2017-04-23 09:13 - 000135462 _____ C:\WINDOWS\ZAM.krnl.trace 2019-06-19 06:17 - 2017-04-23 09:13 - 000100389 _____ C:\WINDOWS\ZAM_Guard.krnl.trace 2019-06-19 06:13 - 2018-04-11 18:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-06-19 06:12 - 2018-06-06 10:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-06-18 23:00 - 2016-11-16 00:29 - 000000000 ____D C:\Users\chefcito\AppData\LocalLow\Mozilla 2019-06-18 22:59 - 2016-08-22 17:31 - 000000000 ____D C:\Users\chefcito\AppData\LocalLow\Temp 2019-06-18 22:57 - 2018-12-04 22:46 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-06-18 22:57 - 2018-10-21 09:34 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-06-18 22:57 - 2018-10-21 09:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-06-18 22:57 - 2018-07-29 12:36 - 000000000 ____D C:\Users\anett 2019-06-18 22:56 - 2018-04-11 18:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-06-18 22:56 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-06-18 22:56 - 2017-12-30 22:11 - 000000000 ____D C:\Users\chefcito\AppData\Local\Packages 2019-06-18 22:17 - 2019-04-09 08:30 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services 2019-06-18 21:51 - 2018-06-06 10:17 - 000000000 ____D C:\Users\chefcito 2019-06-18 21:51 - 2016-07-07 08:24 - 000000000 __SHD C:\Users\chefcito\IntelGraphicsProfiles 2019-06-18 21:49 - 2018-06-06 10:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-06-18 14:33 - 2016-07-06 10:57 - 000000000 _____ C:\Recovery.txt 2019-06-18 14:02 - 2018-04-11 16:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2019-06-18 13:44 - 2018-06-06 10:30 - 001772030 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-06-18 13:44 - 2018-04-12 11:18 - 000788720 _____ C:\WINDOWS\system32\perfh00A.dat 2019-06-18 13:44 - 2018-04-12 11:18 - 000155862 _____ C:\WINDOWS\system32\perfc00A.dat 2019-06-18 13:44 - 2018-04-11 18:36 - 000000000 ____D C:\WINDOWS\INF 2019-06-18 13:21 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-06-18 08:17 - 2017-04-12 07:48 - 000000000 ____D C:\Program Files\UNP 2019-06-16 15:04 - 2018-09-15 18:32 - 000000000 ____D C:\Users\chefcito\AppData\Local\Spotify 2019-06-16 15:04 - 2018-09-15 18:29 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\Spotify 2019-06-16 11:34 - 2018-12-22 10:35 - 000002408 _____ C:\Users\chefcito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-06-16 11:34 - 2018-06-06 10:44 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3116818766-2193367744-924395030-1001 2019-06-16 11:34 - 2016-07-07 08:28 - 000000000 ___RD C:\Users\chefcito\OneDrive 2019-06-14 22:37 - 2016-07-16 12:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-06-13 00:38 - 2016-08-22 12:43 - 000000000 ___RD C:\Users\chefcito\3D Objects 2019-06-13 00:38 - 2015-12-28 11:47 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-06-13 00:34 - 2018-06-06 10:10 - 000513632 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-06-13 00:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-06-13 00:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-06-13 00:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Provisioning 2019-06-13 00:30 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-06-12 14:10 - 2018-04-11 18:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-06-12 13:56 - 2016-07-07 19:22 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-06-12 13:51 - 2016-07-07 19:22 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-06-11 12:52 - 2018-09-26 08:07 - 000004616 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-06-11 12:52 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-06-11 12:52 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-06-11 10:22 - 2016-07-30 08:39 - 000000000 ____D C:\Users\chefcito\AppData\Local\Google 2019-06-11 06:49 - 2018-10-16 21:13 - 000000000 ___HD C:\OneDriveTemp 2019-06-10 21:22 - 2017-09-30 20:17 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\WhatsApp 2019-06-10 19:56 - 2018-07-29 12:46 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3116818766-2193367744-924395030-1003 2019-06-10 19:56 - 2018-07-29 12:42 - 000000000 ___RD C:\Users\anett\OneDrive 2019-06-10 19:56 - 2018-07-29 12:36 - 000002399 _____ C:\Users\anett\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-06-10 19:54 - 2018-07-29 12:37 - 000000000 __SHD C:\Users\anett\IntelGraphicsProfiles 2019-06-10 19:54 - 2018-07-29 12:37 - 000000000 ____D C:\Users\anett\AppData\Local\Packages 2019-06-09 21:13 - 2017-10-03 11:54 - 000000000 ____D C:\Users\chefcito\Downloads\[R.G. Mechanics] Bioshock 2 2019-06-09 18:29 - 2017-01-17 14:53 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\DAEMON Tools Lite 2019-06-09 18:07 - 2017-09-30 20:16 - 000000000 ____D C:\Users\chefcito\AppData\Local\WhatsApp 2019-06-09 16:30 - 2017-03-21 13:20 - 000000000 ____D C:\iVMS-4200 2019-06-09 14:11 - 2017-05-10 16:44 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\vlc 2019-06-04 11:17 - 2018-02-27 21:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-06-02 06:44 - 2018-10-04 14:07 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-05-30 20:57 - 2018-11-13 23:17 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-05-30 20:57 - 2018-11-13 23:17 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-05-30 09:30 - 2015-12-28 10:50 - 000000000 ____D C:\ProgramData\Package Cache 2019-05-30 09:28 - 2017-04-14 09:52 - 000000000 ____D C:\Program Files (x86)\Intel 2019-05-30 09:28 - 2016-07-11 09:59 - 000000000 ____D C:\ProgramData\Intel 2019-05-30 09:25 - 2017-04-14 09:51 - 000000000 ____D C:\Program Files\Intel 2019-05-22 19:54 - 2018-07-29 12:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-05-22 19:10 - 2018-04-11 18:38 - 000000000 ____D C:\WINDOWS\Registration 2019-05-22 12:34 - 2016-09-02 09:57 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\Apple Computer 2019-05-22 09:35 - 2018-01-19 20:37 - 000000000 ____D C:\Users\chefcito\AppData\Roaming\CyberLink 2019-05-20 21:57 - 2018-08-01 14:38 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2019-05-20 21:56 - 2016-07-30 12:50 - 000000000 ___HD C:\WINDOWS\msdownld.tmp ==================== FLock ================ 2018-06-06 10:11 C:\Recovery ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================