Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2019
Ran by ALX (administrator) on DESKTOP-UEJKKSB (20-06-2019 21:54:00)
Running from C:\Users\ALX\Desktop\pro
Loaded Profiles: ALX & MsDtsServer110 & ReportServer$ALX & MSSQLFDLauncher$ALX & MSOLAP$ALX & MSSQL$ALX & (Available Profiles: ALX & user & MsDtsServer110 & ReportServer$ALX & MSSQLFDLauncher$ALX & MSOLAP$ALX & MSSQL$ALX)
Platform: Windows 10 Pro Version 1809 17763.557 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19052.657.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(CA -> CA) C:\Program Files (x86)\CA\SharedComponents\CA_LIC\lic98Service.exe
(CA -> CA) C:\Program Files (x86)\CA\SharedComponents\CA_LIC\LogWatNT.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS11.ALX\OLAP\bin\msmdsrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS11.ALX\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9274304 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1971976 2016-01-29] (Shenzhen Wondershare Information Technology Co., Ltd. -> )
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4034616 2019-02-11] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22691064 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\Policies\Explorer: []
HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-843820469-2498997708-1912298089-1008-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205633511\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-1770670200-1234090253-3451813168-4041049723-2370973757\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-1770670200-1234090253-3451813168-4041049723-2370973757-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205633933\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2090696942-1482871876-2435541374-1097721145-1128998050\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2090696942-1482871876-2435541374-1097721145-1128998050-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205634464\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2855314748-2847210885-2226279350-3694749763-2412230467\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-2855314748-2847210885-2226279350-3694749763-2412230467-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205635557\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-4145762984-3701883780-1007821918-3383322626-3128795338\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-4145762984-3701883780-1007821918-3383322626-3128795338-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205635838\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-661271749-351230067-762691005-3001255651-3706374875\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-80-661271749-351230067-762691005-3001255651-3706374875-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06202019205636588\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.dvacm_vspX10] => c:\Program Files\Corel\Corel VideoStudio X10\DVACM.acm [23552 2017-01-11] (Corel TW Corp.) [File not signed]
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\Installer\chrmstp.exe [2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060D833A-742E-454C-88D9-0CB04C36834F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {10DE3DF7-DBEB-498F-88F8-429644D1E0DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {1376B30B-F1AE-43B2-9197-ADB6E6272DE3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {209C37F0-E459-415D-B5C9-2D4A10F15B8C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {39E851A3-CB92-4AF5-A3DB-CA7D6FA40562} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {4A9EEC38-5CE7-4256-8076-A25B473EBADE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F7FE8D9-BA5F-471D-9A8F-3A975D07F214} - System32\Tasks\Driver Booster SkipUAC (ALX) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\DriverBooster.exe
Task: {4F86A519-DE83-4676-B4F0-4A5F0509B16D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {55CAFC15-3953-4E16-8781-9009192012D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {5B779989-1F21-4275-88C3-ED7D5AEB15BB} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1398208 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {5BF2C46E-9CB8-4166-8BED-314FBB5609FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {655CA34B-C65D-4E90-8FA4-6FBB958232D4} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {6D06D492-628E-4F2A-B2AD-5E3606CAEF4B} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {6E837653-F0E0-447D-9870-C45B11D59AB2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1951280 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {70A6B4B8-351C-4B7C-A5A8-EAF6136BC4EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-06-12] (Adobe Inc. -> Adobe)
Task: {720C8DFB-0EF3-42D2-8134-ECF6DAAB28A1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9E8844C0-61CC-4026-AA91-9A5CE85E6B4C} - System32\Tasks\{6CF3139D-9027-48E0-966A-9FF2CDDEDF24} => C:\Windows\system32\pcalua.exe -a "H:\rational rose\rational rose 2007\setup.exe" -d "H:\rational rose\rational rose 2007"
Task: {BF03AAA2-E09C-4A5B-9C3D-A5708B7C4A7C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC8A06FA-0C2F-49B5-921E-98F82D065FBE} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UEJKKSB-ALX => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {D48DF6E4-8ED9-462B-BFED-648FA86D726D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-12] (Adobe Inc. -> Adobe)
Task: {DE883E56-2448-4101-BC61-BFA0EED70DA9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DF5B1C49-7AA4-41BF-840A-A5AB268AE312} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {E99CC125-E6D7-48FE-877C-D34CC138D2F2} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {F0905160-53ED-4D8D-9D75-19CB5476E8AF} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {F0917562-ECE0-4997-9854-0D2C656FF4A1} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {FCD7359E-B199-4651-977F-7265F0668C57} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-UEJKKSB-ALX => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FE1F268A-C6C7-461F-ABD5-4D05F34B1E44} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe [1457208 2019-06-11] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
Tcpip\..\Interfaces\{7d05ad33-bedd-4802-82c5-7c55ffbcca7d}: [DhcpNameServer] 200.48.225.130 200.48.225.146

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
SearchScopes: HKU\S-1-5-21-843820469-2498997708-1912298089-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
SearchScopes: HKU\S-1-5-21-843820469-2498997708-1912298089-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_mx&p=jkld&p_brw=ie&p_mkt=pe&p_tsrc=301ssg01&p_w=y1w13&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2018-11-21] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-01-29] (Shenzhen Wondershare Information Technology Co., Ltd. -> Wondershare)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2012-06-20] (SAP AG -> SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll [2012-06-20] (SAP AG -> SAP, Walldorf)

FireFox:
========
FF DefaultProfile: tjsjxqgt.default
FF ProfilePath: C:\Users\ALX\AppData\Roaming\Mozilla\Firefox\Profiles\tjsjxqgt.default [2019-06-20]
FF Homepage: Mozilla\Firefox\Profiles\tjsjxqgt.default -> hxxps://www.google.com/
FF Extension: (Español (España) Language Pack) - C:\Users\ALX\AppData\Roaming\Mozilla\Firefox\Profiles\tjsjxqgt.default\Extensions\langpack-es-ES@firefox.mozilla.org.xpi [2019-05-24]
FF Extension: (Avast Online Security) - C:\Users\ALX\AppData\Roaming\Mozilla\Firefox\Profiles\tjsjxqgt.default\Extensions\wrc@avast.com.xpi [2019-04-29]
FF Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\ALX\AppData\Roaming\Mozilla\Firefox\Profiles\tjsjxqgt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-19]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2017-04-08] [Legacy] [not signed]
FF HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2019-02-10] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\ALX\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\ALX\AppData\Roaming\IDM\idmmzcc5 [2019-03-03] [Legacy] [not signed]
FF HKU\S-1-5-21-843820469-2498997708-1912298089-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_207.dll [2019-06-11] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default [2019-06-20]
CHR Extension: (Presentaciones) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-23]
CHR Extension: (Documentos) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-23]
CHR Extension: (Google Drive) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-23]
CHR Extension: (YouTube) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-23]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Hojas de cálculo) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-23]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-04-30]
CHR Extension: (IDM Integration Module) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2019-05-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\ALX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2019-02-11]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-04-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevation_service.exe [1079424 2019-05-14] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 LogWatch; C:\Program Files (x86)\CA\SharedComponents\CA_LIC\LogWatNT.exe [75016 2007-12-15] (CA -> CA)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218200 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$ALX; C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62218696 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$ALX; C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [41416 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 ReportServer$ALX; C:\Program Files\Microsoft SQL Server\MSRS11.ALX\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2348632 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R2 ReportServer$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSRS10_50.SQLEXPRESS\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2193352 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [7038904 2019-05-23] (AVAST Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SQL Server Distributed Replay Client; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayClient\DReplayClient.exe [137304 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 SQL Server Distributed Replay Controller; C:\Program Files (x86)\Microsoft SQL Server\110\Tools\DReplayController\DReplayController.exe [342104 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S3 SQLAgent$ALX; C:\Program Files\Microsoft SQL Server\MSSQL11.ALX\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
S4 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.6.0\WsAppService.exe [388608 2016-01-28] (Wondershare) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 MSOLAP$ALX; "C:\Program Files\Microsoft SQL Server\MSAS11.ALX\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS11.ALX\OLAP\Config"
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [168104 2019-06-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o.
-> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225600 2019-06-17] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-10-10] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-11-23] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-10-10] (Martin Malik - REALiX -> REALiX(tm)) R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2018-10-16] (Intel(R) Rapid Storage Technology -> Intel Corporation) R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-18] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-19] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-19] (Malwarebytes Corporation -> Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-19] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-19] 
(Malwarebytes Corporation -> Malwarebytes) R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation) S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [321992 2012-06-29] (Microsoft Corporation -> Microsoft Corporation) S4 RsFx0200; C:\WINDOWS\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [282112 2018-09-15] (Microsoft Windows -> Microsoft Corporation) S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [222864 2018-08-14] (Oracle Corporation -> Oracle Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation -> Microsoft Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-03-31] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2018-03-17] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-03-31] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2019-06-20 21:53 - 2019-06-20 21:54 - 000000000 ____D C:\FRST
2019-06-19 22:11 - 2019-06-19 22:11 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-06-19 22:11 - 2019-06-19 22:11 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-06-19 22:11 - 2019-06-19 22:11 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-06-19 21:21 - 2019-06-19 21:21 - 000000000 ____D C:\ProgramData\KMSAuto
2019-06-19 21:20 - 2019-06-19 21:20 - 000007774 _____ C:\Users\ALX\Desktop\ZHPCleaner (R).txt
2019-06-19 21:19 - 2019-06-19 21:19 - 000008993 _____ C:\Users\ALX\Desktop\ZHPCleaner (S).txt
2019-06-19 21:03 - 2019-06-19 21:03 - 000000873 _____ C:\Users\ALX\Desktop\ZHPCleaner.lnk
2019-06-19 20:52 - 2019-06-19 20:52 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-18 23:19 - 2019-06-18 23:19 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-06-18 23:08 - 2019-06-18 23:08 - 000000000 ____D C:\Users\ALX\AppData\Local\mbam
2019-06-18 23:05 - 2019-06-18 23:05 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-18 23:05 - 2019-06-18 23:05 - 000000000 ____D C:\Users\ALX\AppData\Local\mbamtray
2019-06-18 23:04 - 2019-06-18 23:04 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-18 23:04 - 2019-06-18 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-18 23:04 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-18 22:29 - 2019-06-20 21:54 - 000000000 ____D C:\Users\ALX\Desktop\pro
2019-06-17 22:02 - 2019-06-17 22:02 - 000000000 ____D C:\Program Files\UNP
2019-06-16 23:57 - 2019-06-16 23:58 - 004837298 _____ C:\Users\ALX\Downloads\decoramos2.wmv
2019-06-16 23:57 - 2019-06-16 23:58 - 003005716 _____ C:\Users\ALX\Downloads\decoramos.wmv
2019-06-16 22:08 - 2019-06-16 22:08 - 003077686 _____ C:\Users\ALX\Downloads\00_MAIN.wmv
2019-06-15 23:01 - 2019-06-15 23:01 - 000002592 _____ C:\Users\ALX\Downloads\VIOLINES DEL PERU La Contamanina UCAYALI - YouTube_mp4.HDP
2019-06-15 22:52 - 2019-06-15 22:52 - 010949167 _____ C:\Users\ALX\Downloads\VIOLINES DEL PERU La Contamanina UCAYALI - YouTube.mp4
2019-06-15 22:40 - 2019-06-15 23:01 - 000002452 _____ C:\Users\ALX\Downloads\20190615_221007_mp4.HDP
2019-06-15 22:30 - 2019-06-15 22:40 - 000002444 _____ C:\Users\ALX\Downloads\20190615_215942_mp4.HDP
2019-06-15 22:24 - 2019-06-15 22:04 - 611641780 _____ C:\Users\ALX\Downloads\20190615_215942.mp4
2019-06-15 22:24 - 2019-06-15 21:56 - 238441854 _____ C:\Users\ALX\Downloads\20190615_215502.mp4
2019-06-15 22:23 - 2019-06-15 22:13 - 466785800 _____ C:\Users\ALX\Downloads\20190615_221007.mp4
2019-06-15 21:00 - 2019-06-15 21:00 - 000077959 _____ C:\Users\ALX\Desktop\COMPROBANTE.pdf
2019-06-12 22:19 - 2019-06-12 22:19 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 22:19 - 2019-06-12 22:19 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 22:19 - 2019-06-12 22:19 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 22:19 - 2019-06-12 22:19 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 22:19 - 2019-06-12 22:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 22:19 - 2019-06-12 22:19 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 22:19 - 2019-06-12 22:19 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 22:19 - 2019-06-12 22:19 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 22:19 - 2019-06-12 22:19 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 22:18 - 2019-06-12 22:18 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 22:18 - 2019-06-12 22:18 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-12 22:18 - 2019-06-12 22:18 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 22:18 - 2019-06-12 22:18 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 22:18 - 2019-06-12 22:18 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-12 22:18 - 2019-06-12 22:18 - 000035840
_____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin 2019-06-12 22:18 - 2019-06-12 22:18 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin 2019-06-12 21:50 - 2019-06-12 21:50 - 004650040 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe 2019-06-11 23:23 - 2019-06-12 00:11 - 000002768 _____ C:\Users\ALX\Downloads\Como tocar Tengo un amor de Pablo Herrera - Tutorial Guitarra - Acordes completos - Acordizate_mp4.HDP 2019-06-11 23:12 - 2019-06-19 21:22 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-06-11 23:11 - 2019-06-11 23:11 - 128781198 _____ C:\Users\ALX\Downloads\Como tocar Tengo un amor de Pablo Herrera - Tutorial Guitarra - Acordes completos - Acordizate.mp4 2019-06-11 22:33 - 2019-06-11 22:33 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-06-09 12:33 - 
2019-06-09 12:39 - 1777962245 _____ C:\Users\ALX\Downloads\Ver El increíble Hulk Online (2008) - REPELIS Películas HD.mp4
2019-06-07 22:43 - 2019-06-10 00:55 - 000000000 ____D C:\Users\ALX\Desktop\cad
2019-06-06 00:21 - 2019-06-06 00:21 - 000094712 _____ C:\Users\ALX\Desktop\A.pdf
2019-06-04 00:19 - 2019-06-04 00:31 - 000002616 _____ C:\Users\ALX\Downloads\A Whole New World - Aladdin Violin Sheet Music - YouTube_mp4.HDP
2019-06-04 00:14 - 2019-06-04 00:14 - 003381666 _____ C:\Users\ALX\Downloads\A Whole New World - Aladdin Violin Sheet Music - YouTube.mp4
2019-06-03 23:41 - 2019-06-03 23:41 - 000000000 ___RD C:\Users\ALX\Downloads\Microsoft.SkypeApp_kzf8qxf38zg5c!App
2019-06-02 20:55 - 2019-06-02 21:31 - 000002540 _____ C:\Users\ALX\Downloads\Tapion Ocarina Alto C (Sound Sample)_mp4.HDP
2019-06-02 20:43 - 2019-06-02 20:43 - 006363352 _____ C:\Users\ALX\Downloads\Tapion Ocarina Alto C (Sound Sample).mp4
2019-05-27 23:35 - 2019-05-28 00:19 - 000090205 _____ C:\Users\ALX\Desktop\Copia_de_seguridad_de_Sin título-1.cdr
2019-05-27 22:24 - 2019-05-27 22:23 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-26 00:25 - 2019-05-28 00:24 - 000090828 _____ C:\Users\ALX\Desktop\Sin título-1.cdr
2019-05-25 21:42 - 2019-06-06 23:30 - 000000000 ____D C:\Users\ALX\Desktop\partitura
2019-05-25 20:26 - 2019-05-25 20:26 - 000004020 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine VPN Update

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-20 21:46 - 2018-09-15 02:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-06-20 21:11 - 2018-09-15 02:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-06-20 21:11 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-06-20 21:11 - 2018-06-22 20:02 - 000000000 ____D C:\ProgramData\Packages 2019-06-20 21:06 - 2017-04-02 09:41 - 000000000 ____D C:\Users\ALX\AppData\Local\Adobe 2019-06-20 21:01 - 2019-03-31 00:32 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9A604F23-75EA-4073-9846-135FA71BB2BB} 2019-06-20 21:01 - 2017-04-02 12:08 - 000168104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2019-06-20 20:58 - 2017-09-17 21:14 - 000000000 ____D C:\Users\ALX\AppData\Local\AVAST Software 2019-06-20 20:57 - 2018-12-03 22:31 - 000000000 ____D C:\Users\ALX\AppData\Local\LogMeIn Hamachi 2019-06-20 20:57 - 2017-04-09 11:45 - 000000000 ____D C:\Users\ALX\AppData\LocalLow\Mozilla 2019-06-20 20:57 - 2017-04-02 09:40 - 000000000 ____D C:\Users\ALX\AppData\Local\CrashDumps 2019-06-20 20:56 - 2019-03-31 00:32 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-06-19 22:11 - 2017-04-02 11:48 - 000000000 __SHD C:\Users\ALX\IntelGraphicsProfiles 2019-06-19 22:10 - 2019-03-31 00:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-06-19 22:10 - 2018-09-15 01:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2019-06-19 21:20 - 2018-02-21 21:35 - 000000000 ____D C:\Users\ALX\AppData\Roaming\ZHP 2019-06-19 21:14 - 2017-04-08 19:26 - 000000000 ____D C:\Users\ALX\AppData\Roaming\vlc 2019-06-19 21:02 - 2018-02-21 21:35 - 000000000 ____D C:\Users\ALX\AppData\Local\ZHP 2019-06-19 20:52 - 2019-03-30 23:47 - 005764328 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-06-18 23:39 - 2017-10-10 19:55 - 000000000 ____D C:\Program Files (x86)\IObit 2019-06-18 23:39 - 2017-10-10 19:54 - 000000000 ____D C:\Users\ALX\AppData\Roaming\IObit 2019-06-18 23:39 - 2017-10-10 19:54 - 000000000 ____D C:\ProgramData\IObit 
2019-06-18 23:38 - 2018-03-23 19:59 - 000000000 ____D C:\AdwCleaner 2019-06-18 23:33 - 2019-03-03 13:04 - 000000000 ____D C:\Users\ALX\AppData\Roaming\DMCache 2019-06-18 23:25 - 2019-03-03 13:04 - 000000000 ____D C:\Users\ALX\AppData\Roaming\IDM 2019-06-18 23:24 - 2019-03-28 22:11 - 000000000 ___DC C:\WINDOWS\Panther 2019-06-18 23:24 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-06-18 23:24 - 2018-09-15 02:31 - 000000000 ____D C:\WINDOWS\INF 2019-06-18 23:19 - 2018-02-19 22:18 - 000000000 ____D C:\Program Files\CCleaner 2019-06-18 23:13 - 2019-03-31 00:32 - 000003030 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (ALX) 2019-06-18 23:05 - 2018-02-18 23:34 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-06-18 23:04 - 2018-09-15 02:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-06-18 22:21 - 2018-03-23 22:07 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-06-17 21:53 - 2017-04-02 12:08 - 000225600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2019-06-16 23:56 - 2017-04-08 23:01 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate 2019-06-16 21:46 - 2019-03-31 00:32 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2019-06-15 23:54 - 2017-05-21 23:17 - 000000000 ____D C:\Users\ALX\Desktop\mkt 2019-06-15 22:52 - 2019-04-04 22:06 - 000216801 ____H C:\Users\ALX\Downloads\mxfilerelatedcache.mxc2 2019-06-15 22:18 - 2019-03-30 23:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-06-15 22:02 - 2019-03-31 00:32 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-843820469-2498997708-1912298089-1001 2019-06-15 22:02 - 2019-03-30 23:52 - 000002391 _____ C:\Users\ALX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-06-15 22:02 - 2017-04-02 07:17 - 000000000 ___RD C:\Users\ALX\OneDrive 2019-06-13 22:49 - 2017-06-01 23:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Acrobat Reader DC.lnk 2019-06-13 22:36 - 2018-05-14 22:17 - 000000000 ___RD C:\Users\ALX\3D Objects 2019-06-13 22:36 - 2017-04-02 07:15 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-06-12 23:57 - 2017-10-20 23:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-06-12 23:56 - 2018-09-15 02:33 - 000000000 ___RD C:\Program Files\Windows Defender 2019-06-12 23:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\migwiz 2019-06-12 23:56 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-06-12 22:23 - 2018-09-15 02:23 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-06-12 21:51 - 2019-03-31 00:32 - 000004622 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2019-06-12 21:51 - 2017-10-20 23:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2019-06-12 21:50 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2019-06-12 21:50 - 2018-09-15 02:33 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-06-12 00:26 - 2019-03-30 23:52 - 000000000 ____D C:\Users\ReportServer$ALX 2019-06-12 00:26 - 2019-03-30 23:52 - 000000000 ____D C:\Users\MSSQLFDLauncher$ALX 2019-06-12 00:26 - 2019-03-30 23:52 - 000000000 ____D C:\Users\MSSQL$ALX 2019-06-12 00:26 - 2019-03-30 23:52 - 000000000 ____D C:\Users\MSOLAP$ALX 2019-06-12 00:26 - 2019-03-30 23:52 - 000000000 ____D C:\Users\MsDtsServer110 2019-06-11 23:46 - 2019-03-31 00:32 - 000004614 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier 2019-06-11 23:46 - 2019-03-31 00:32 - 000004430 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2019-06-11 23:00 - 2019-03-31 00:32 - 000003548 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-06-11 23:00 - 2019-03-31 00:32 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2019-06-11 23:00 - 2019-03-31 00:32 - 000003324 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2019-06-11 23:00 - 2019-03-31 00:32 - 000002768 
_____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-UEJKKSB-ALX 2019-06-11 23:00 - 2019-03-31 00:32 - 000002722 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-UEJKKSB-ALX 2019-06-11 23:00 - 2019-03-31 00:32 - 000002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2019-06-11 23:00 - 2019-03-31 00:32 - 000002480 _____ C:\WINDOWS\System32\Tasks\CAM 2019-06-11 23:00 - 2019-03-31 00:32 - 000002318 _____ C:\WINDOWS\System32\Tasks\{6CF3139D-9027-48E0-966A-9FF2CDDEDF24} 2019-06-11 23:00 - 2019-03-31 00:32 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-06-11 23:00 - 2019-03-31 00:32 - 000002038 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance 2019-06-11 23:00 - 2019-03-31 00:32 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software 2019-06-11 22:42 - 2018-09-15 02:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-06-11 22:42 - 2018-09-15 02:36 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-06-11 22:41 - 2018-03-14 23:48 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-06-11 22:34 - 2018-03-14 23:46 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-06-09 22:41 - 2019-02-15 22:35 - 000000000 ____D C:\Users\ALX\Desktop\usb 2019-06-06 21:51 - 2017-04-02 12:08 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys.156108245403101 2019-06-03 22:42 - 2017-04-02 10:00 - 000000000 ____D C:\Users\ALX\AppData\Local\ElevatedDiagnostics 2019-05-30 21:03 - 2017-04-02 12:08 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2019-05-29 23:43 - 2017-04-02 07:15 - 000000000 ____D C:\Users\ALX\AppData\Local\Packages 2019-05-28 21:08 - 2019-04-14 19:59 - 000003856 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) 2019-05-28 21:08 - 2019-04-14 19:59 - 000003272 _____ C:\WINDOWS\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) 2019-05-28 21:08 - 2019-04-14 19:59 - 
000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-05-27 22:24 - 2019-02-27 23:36 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-27 22:24 - 2017-04-02 12:13 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-27 22:24 - 2017-04-02 12:08 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-27 22:24 - 2017-04-02 12:08 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-27 22:24 - 2017-04-02 12:08 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-27 22:23 - 2019-01-14 21:38 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-27 22:23 - 2019-01-08 22:12 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-27 22:23 - 2019-01-08 22:12 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-27 22:23 - 2019-01-08 22:12 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-27 22:23 - 2017-11-19 12:48 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-27 22:23 - 2017-04-02 12:08 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-26 00:27 - 2019-03-30 23:52 - 000000000 ____D C:\Users\ALX
2019-05-25 00:17 - 2019-03-18 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

==================== Files in the root of some directories ================

2017-04-03 23:48 - 2018-12-30 21:39 - 000000034 _____ () C:\Users\ALX\AppData\Roaming\AdobeWLCMCache.dat
2017-04-06 23:39 - 2018-12-15 23:52 - 000000313 _____ () C:\Users\ALX\AppData\Roaming\qmiran.tmp
2018-02-15 22:24 - 2018-02-15 22:29 - 000001456 _____ () C:\Users\ALX\AppData\Local\Adobe Guardar para Web 13.0 Prefs
2017-04-02 09:22 - 2017-04-02 10:02 - 000064115 _____ () C:\Users\ALX\AppData\Local\rational_state.log
2018-03-31 01:02 - 2018-03-31 01:02 - 000007608 _____ () C:\Users\ALX\AppData\Local\Resmon.ResmonCfg

==================== FLock ================

2017-04-02 07:15 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================