Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2019 01 Ran by ck (administrator) on CHAKA (ASUSTeK COMPUTER INC. X550LA) (05-12-2019 11:23:24) Running from C:\Users\ck\Downloads Loaded Profiles: ck & openpgsvc (Available Profiles: ck & openpgsvc & Administrador) Platform: Windows 8.1 (Update) (X64) Language: Español (España, internacional) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\oracle.exe (Oracle Corporation) [File not signed] C:\oraclexe\app\oracle\product\11.2.0\server\bin\TNSLSNR.EXE (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\postgres.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel(R) Software -> Intel Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-191604999-3809266826-1454172177-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-191604999-3809266826-1454172177-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1687392 2019-09-05] (Sony Mobile Communications AB -> Sony) HKLM\...\Providers\Internet Print Provider: inetpp.dll HKLM\...\Providers\LanMan Print Services: win32spl.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC) HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2014-10-29] (Microsoft Windows -> Microsoft Corporation) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe <==== ATTENTION Task: {0D9CDBDC-338F-4FE4-8D96-C666C8D97D9A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {29E7B218-0AC5-4FF5-AD85-995D7F0EA626} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2169960 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {350EBBDF-8B8C-437D-8ACE-934F0DA78AEE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {4458105F-B551-4EEC-83F0-FA287261F318} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software) Task: {590DBAD5-C9EE-49D8-B7B9-7238FADB4EFE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) Task: {5CE94B75-F023-45C1-86DB-4F74D0A4F5A2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5F036A9D-9806-45CE-8479-D5DCDC2B26D4} - System32\Tasks\P4GIntlCtrl => C:\Program Files\ASUS\P4G\IntlDPST.exe [74112 2014-02-11] (ASUSTeK Computer Inc. -> ) Task: {6441ED31-FF31-4A4C-8973-1506A6EBC465} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-05] (Google Inc -> Google LLC) Task: {6BBA5F93-2299-484D-8571-5D6E29C38FF7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation) Task: {7C154F4A-FF37-4C75-85B9-3430A6963862} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2169960 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {7E5603A7-67AE-483A-A5DA-C054FD284E8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-05] (Google Inc -> Google LLC) Task: {7F076146-CC0C-4A1F-BEB0-63EDD8ED3818} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {861891D9-30BC-4732-BF30-D10587B456CE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {8E4A2D1F-69AD-4514-8F7A-8114FBEB564D} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1038648 2014-02-11] (ASUSTeK Computer Inc. -> ASUS) Task: {8E50BD45-25F0-40F1-83AA-0DA16EB66B21} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {A1F61685-E993-4CD8-9115-11412B3AD4EF} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [35840 2014-10-29] (Microsoft Windows -> Microsoft Corporation) Task: {A7A567B3-627F-4CA4-A1F5-C81428E88835} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {A996778B-92FD-4936-BE86-4A250666A758} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489920 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {AA00ACAC-A028-47F7-AE33-63884E740738} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) Task: {B5DC8142-B52E-4900-B20A-74C9740A3A1A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {D71E919D-51E8-4FAE-8BA6-AFBA8A09C54F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [156504 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Task: {F85911C5-B24D-405D-A5F3-423AB050F20B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6260640 2019-10-31] (Microsoft Corporation -> Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-10-07] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{B1F6D5E6-9A2A-4EEE-B235-38DCE2BEEEE2}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{B1F6D5E6-9A2A-4EEE-B235-38DCE2BEEEE2}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{E3CC2BA6-7DC5-439F-891D-46ACD7885862}: [DhcpNameServer] 192.168.64.1 Internet Explorer: ================== HKU\S-1-5-21-191604999-3809266826-1454172177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-191604999-3809266826-1454172177-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB URLSearchHook: [S-1-5-21-191604999-3809266826-1454172177-1023] ATTENTION => Default URLSearchHook is missing SearchScopes: HKU\S-1-5-21-191604999-3809266826-1454172177-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-191604999-3809266826-1454172177-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed] Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-10-31] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxps://www.google.es/","hxxp://www.iestrassierra.com/" CHR Notifications: Default -> hxxps://www1.sherwoodsutton.pro CHR Profile: C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default [2019-12-05] CHR Extension: (Presentaciones) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-05] CHR Extension: (Universal Bypass) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2019-11-30] CHR Extension: (Documentos) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-05] CHR Extension: (Google Drive) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-05] CHR Extension: (MEGA) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2019-11-29] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-06-02] CHR Extension: (YouTube) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-05] CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22] CHR Extension: (Photovisi - Photo Collage Maker) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\emkkfkcbnpdnhgeolpbggbdogfngiadf [2019-04-05] CHR Extension: (MyJDownloader Browser Extension) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2019-04-05] CHR Extension: (Hojas de cálculo) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-05] CHR Extension: (Documentos de Google sin conexión) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-05] CHR Extension: (Dropbox) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2019-04-05] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03] CHR Extension: (Gmail) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-05] CHR Extension: (Chrome Media Router) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-22] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-18] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642744 2019-10-25] (Microsoft Corporation -> Microsoft Corporation) S2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation - pGFX -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S4 OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\11.2.0\server\Bin\extjob.exe [45568 2014-05-29] () [File not signed] S3 OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\omtsreco.exe [81408 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleServiceXE; c:\oraclexe\app\oracle\product\11.2.0\server\bin\ORACLE.EXE [147110912 2014-05-30] (Oracle Corporation) [File not signed] S3 OracleXEClrAgent; C:\oraclexe\app\oracle\product\11.2.0\server\bin\OraClrAgnt.exe [83968 2014-05-29] (Oracle Corporation) [File not signed] R2 OracleXETNSListener; C:\oraclexe\app\oracle\product\11.2.0\server\BIN\tnslsnr.exe [522240 2014-05-29] (Oracle Corporation) [File not signed] S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-10-10] (Oracle Corporation -> Oracle Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2548224 2019-09-05] (Sony) [File not signed] R2 PostgreSQL_For_Odoo; "C:\Program Files (x86)\Odoo 11.0\PostgreSQL\bin\pg_ctl.exe" runservice -N "PostgreSQL_For_Odoo" -D "C:\Program Files (x86)\Odoo 11.0\PostgreSQL\data" -w S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [1146880 2013-06-18] (Microsoft Windows -> LSI Corp) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-09-30] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-09-30] (AVAST Software s.r.o. -> AVAST Software) S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software s.r.o. -> AVAST Software) R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [73512 2014-06-03] (ASUSTeK Computer Inc. -> ASUS Corporation) S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel(R) Software -> Intel Corporation) S3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel(R) Software -> Intel Corporation) S3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [35136 2014-06-10] (Intel(R) Software -> Intel Corporation) R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [34072 2014-06-10] (Intel(R) Software -> Intel Corporation) S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2014-03-25] (Sony Mobile Communications AB -> Sony Mobile Communications) R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> ) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [827096 2015-03-11] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) S3 tapwindscribe0901; C:\WINDOWS\system32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-06] (Windscribe Limited -> The OpenVPN Project) S3 usbrndis6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Windows -> Microsoft Corporation) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237376 2019-10-11] (Oracle Corporation -> Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-10-11] (Oracle Corporation -> Oracle Corporation) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-05 11:23 - 2019-12-05 11:24 - 000034294 _____ C:\Users\ck\Downloads\FRST.txt 2019-12-05 11:23 - 2019-12-05 11:23 - 000000000 ____D C:\Users\ck\Downloads\FRST-OlderVersion 2019-12-05 11:16 - 2019-12-05 11:16 - 000000165 ____H C:\Users\ck\Desktop\~$pesoç.xlsx 2019-12-05 10:20 - 2019-12-05 10:20 - 000002214 _____ C:\Users\ck\Downloads\array.php 2019-12-04 21:22 - 2019-12-04 21:22 - 000001254 _____ C:\Users\ck\Downloads\sistemaMatriculas.php 2019-12-04 20:49 - 2019-12-04 20:50 - 168292869 _____ C:\Users\ck\Downloads\OP 912.mp4 2019-12-04 20:48 - 2019-12-04 20:52 - 168169168 _____ C:\Users\ck\Downloads\BN 134.mp4 2019-12-04 20:29 - 2019-12-04 20:33 - 000039153 _____ C:\Users\ck\Downloads\Addition.txt 2019-12-04 20:27 - 2019-12-05 11:23 - 002263552 _____ (Farbar) C:\Users\ck\Downloads\FRST64.exe 2019-12-04 20:27 - 2019-12-05 11:23 - 000000000 ____D C:\FRST 2019-12-04 15:21 - 2019-12-04 15:21 - 000187993 _____ C:\Users\ck\Desktop\Diaz_Rodriguez_Carlos_ED03_TareaP.rar 2019-12-04 15:16 - 2019-12-04 15:17 - 000154503 _____ C:\Users\ck\Desktop\Entornos.pdf 2019-12-03 15:41 - 2019-12-03 15:41 - 000099482 _____ C:\Users\ck\Downloads\Gómez_García_Patricio_Tarea_online_1 (1).zip 2019-12-03 15:41 - 2019-12-03 15:41 - 000033981 _____ C:\Users\ck\Downloads\CRUD_Escuela-20191202T183051Z-001.zip 2019-12-02 15:51 - 2019-12-02 16:58 - 000000000 ____D C:\Users\ck\AppData\Roaming\ZHP 2019-12-02 15:51 - 2019-12-02 15:51 - 000000000 ____D C:\Users\ck\AppData\Local\ZHP 2019-12-02 09:45 - 2019-12-02 09:45 - 008218800 _____ (Malwarebytes) C:\Users\ck\Downloads\adwcleaner_8.0.0.exe 2019-12-02 09:45 - 2019-12-02 09:45 - 003334016 _____ (Nicolas Coolman) C:\Users\ck\Downloads\ZHPCleaner.exe 2019-12-02 00:27 - 2019-12-02 06:12 - 000000000 ____D C:\Users\ck\AppData\LocalLow\IGDump 2019-12-01 23:39 - 2019-12-01 23:39 - 000000000 ____D C:\Users\ck\AppData\Local\cache 2019-12-01 23:37 - 2019-12-01 23:37 - 001883976 _____ (Malwarebytes) C:\Users\ck\Downloads\MBSetup.exe 2019-12-01 23:17 - 2019-12-01 23:17 - 000008112 _____ C:\Users\ck\Downloads\src.rar 2019-12-01 23:11 - 2019-12-01 23:21 - 000466944 _____ C:\Users\ck\Documents\Database1.accdb 2019-12-01 21:20 - 2019-12-01 21:15 - 000000000 _____ C:\Users\ck\Documents\prueba.txt 2019-12-01 21:16 - 2019-12-01 21:16 - 000000000 ____D C:\Users\seguridad 2019-12-01 21:15 - 2019-12-01 21:15 - 000000000 _____ C:\Users\docs\prueba.txt 2019-12-01 15:34 - 2019-12-01 15:34 - 000137828 _____ C:\Users\ck\Downloads\Díaz_Rodríguez_Carlos_Tarea_presencial_3.rar 2019-11-27 20:44 - 2019-11-27 20:44 - 000000440 _____ C:\Users\ck\Desktop\Este equipo.lnk 2019-11-26 10:40 - 2019-11-26 10:42 - 000000000 ____D C:\Users\ck\.idea 2019-11-25 21:13 - 2019-12-01 21:15 - 000000000 ____D C:\Users\docs 2019-11-16 18:13 - 2019-09-29 00:25 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2019-11-15 19:32 - 2019-12-04 15:20 - 000000000 ____D C:\Users\ck\Desktop\Entornos 2019-11-13 08:56 - 2019-10-28 04:20 - 000121040 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2019-11-13 08:56 - 2019-10-28 03:40 - 000098296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2019-11-13 08:56 - 2019-10-25 08:54 - 001208320 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-11-13 08:56 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-11-13 08:56 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-11-13 08:56 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-11-13 08:56 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-11-13 08:56 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-11-13 08:56 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-11-13 08:56 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-11-13 08:56 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-11-13 08:56 - 2019-10-24 04:01 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2019-11-13 08:56 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-11-13 08:56 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2019-11-13 08:56 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2019-11-13 08:56 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2019-11-13 08:56 - 2019-10-24 03:53 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2019-11-13 08:56 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2019-11-13 08:56 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-11-13 08:56 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-11-13 08:56 - 2019-10-24 03:37 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2019-11-13 08:56 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-11-13 08:56 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2019-11-13 08:56 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2019-11-13 08:56 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2019-11-13 08:56 - 2019-10-24 03:32 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2019-11-13 08:56 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-11-13 08:56 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-11-13 08:56 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2019-11-13 08:56 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-11-13 08:56 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-11-13 08:56 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2019-11-13 08:56 - 2019-10-22 05:29 - 001541352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-11-13 08:56 - 2019-10-22 01:42 - 001376768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2019-11-13 08:56 - 2019-10-17 03:43 - 001368800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2019-11-13 08:56 - 2019-10-17 01:53 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2019-11-13 08:56 - 2019-10-15 10:03 - 001311768 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-11-13 08:56 - 2019-10-15 07:15 - 007363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-11-13 08:56 - 2019-10-15 06:55 - 001308256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2019-11-13 08:56 - 2019-10-15 06:54 - 000355576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys 2019-11-13 08:56 - 2019-10-15 04:48 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-11-13 08:56 - 2019-10-15 04:24 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe 2019-11-13 08:56 - 2019-10-15 04:08 - 001040384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-11-13 08:56 - 2019-10-15 03:56 - 001994240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2019-11-13 08:56 - 2019-10-15 03:47 - 001384960 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2019-11-13 08:56 - 2019-10-15 03:28 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2019-11-13 08:56 - 2019-10-15 03:27 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2019-11-13 08:56 - 2019-10-15 03:17 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2019-11-13 08:56 - 2019-10-11 17:29 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe 2019-11-13 08:56 - 2019-10-11 17:17 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll 2019-11-13 08:56 - 2019-10-11 16:45 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe 2019-11-13 08:56 - 2019-10-11 16:37 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll 2019-11-13 08:56 - 2019-10-11 16:17 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll 2019-11-13 08:56 - 2019-10-11 15:59 - 000332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll 2019-11-13 08:56 - 2019-10-11 05:53 - 000430840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-11-13 08:56 - 2019-10-11 04:56 - 000320248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-11-13 08:56 - 2019-10-11 03:36 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2019-11-13 08:56 - 2019-10-11 03:08 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2019-11-13 08:56 - 2019-10-11 03:02 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-11-13 08:56 - 2019-10-11 02:44 - 000697344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-11-13 08:56 - 2019-10-11 02:28 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2019-11-13 08:56 - 2019-10-11 02:23 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2019-11-13 08:56 - 2019-10-10 23:35 - 000374000 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2019-11-13 08:56 - 2019-10-10 23:32 - 000316144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2019-11-13 08:56 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2019-11-13 08:56 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2019-11-13 08:56 - 2019-10-09 20:38 - 000470256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2019-11-13 08:56 - 2019-10-09 14:35 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll 2019-11-13 08:56 - 2019-10-04 14:35 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2019-11-13 08:56 - 2019-10-04 14:18 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-11-13 08:56 - 2019-09-27 18:53 - 003325440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-11-13 08:56 - 2019-09-27 17:52 - 002779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2019-11-13 08:56 - 2019-09-27 17:50 - 003619328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-11-13 08:56 - 2019-09-27 17:07 - 002464256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2019-11-09 12:46 - 2019-11-09 12:46 - 000000000 ____D C:\Users\ck\Documents\Nueva Carpeta ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-12-05 11:18 - 2019-04-05 14:09 - 000000000 ____D C:\Users\ck\AppData\Roaming\BiglyBT 2019-12-05 08:18 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-12-05 01:01 - 2019-04-05 14:39 - 000000000 ____D C:\Users\ck\AppData\Local\ClassicShell 2019-12-04 22:09 - 2014-05-15 03:29 - 000818522 _____ C:\WINDOWS\system32\perfh00A.dat 2019-12-04 22:09 - 2014-05-15 03:29 - 000170658 _____ C:\WINDOWS\system32\perfc00A.dat 2019-12-04 22:09 - 2014-03-18 16:26 - 001855928 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-12-04 22:09 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf 2019-12-04 22:06 - 2019-04-05 17:04 - 000000000 ____D C:\Users\ck\AppData\Roaming\vlc 2019-12-04 20:05 - 2019-04-05 14:10 - 000000000 ____D C:\Program Files\BiglyBT 2019-12-04 16:31 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-12-04 15:23 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2019-12-04 15:17 - 2019-05-02 09:14 - 000000000 ____D C:\Users\ck\Documents\no guardado 2019-12-04 11:24 - 2017-09-07 14:47 - 000000000 ____D C:\Users\ck\AppData\Local\Packages 2019-12-03 09:46 - 2019-04-05 12:12 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-191604999-3809266826-1454172177-1001 2019-11-30 19:39 - 2019-10-02 12:51 - 000000000 ____D C:\Users\ck\Desktop\ciclo 2019-11-30 15:14 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-11-30 01:15 - 2019-08-31 11:46 - 000000000 ____D C:\Users\ck\Desktop\Nueva carpeta (2) 2019-11-29 19:09 - 2019-09-29 17:47 - 000000000 ____D C:\Users\ck\.android 2019-11-29 14:02 - 2019-08-14 14:43 - 000008912 _____ C:\Users\ck\Desktop\pesoç.xlsx 2019-11-29 08:19 - 2019-04-05 11:54 - 000000000 ____D C:\Users\ck 2019-11-29 00:45 - 2019-04-16 00:17 - 000000000 ____D C:\Users\ck\AppData\Local\CrashDumps 2019-11-23 09:57 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps 2019-11-21 22:35 - 2019-04-05 13:51 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-11-21 15:57 - 2018-09-30 09:41 - 000000000 ____D C:\Users\ck\Documents\NetBeansProjects 2019-11-16 18:13 - 2019-04-05 15:02 - 000003910 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2019-11-16 18:11 - 2019-05-07 08:34 - 000000000 _____ C:\WINDOWS\system32\last.dump 2019-11-15 19:48 - 2019-09-30 16:51 - 000000000 ____D C:\Users\ck\Downloads\Nueva carpeta 2019-11-15 17:53 - 2014-07-09 13:08 - 000000000 ____D C:\Program Files\Intel 2019-11-15 15:33 - 2019-04-05 17:01 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2019-11-15 00:56 - 2019-09-29 17:34 - 000000000 ____D C:\Users\ck\android-studio 2019-11-14 16:44 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-11-14 11:02 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache 2019-11-13 21:12 - 2013-08-22 15:44 - 000487640 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-11-13 19:26 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2019-11-13 09:27 - 2019-04-07 15:24 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-11-13 09:22 - 2019-04-07 15:24 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-11-11 10:23 - 2019-05-11 10:16 - 000000850 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2019-11-11 10:23 - 2019-05-11 10:16 - 000000000 ____D C:\Users\ck\AppData\Roaming\Notepad++ 2019-11-06 01:03 - 2019-10-14 17:52 - 000000000 ____D C:\Users\openpgsvc 2019-11-05 14:12 - 2019-04-05 13:51 - 000003536 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2019-11-05 14:12 - 2019-04-05 13:51 - 000003408 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2019-11-05 14:12 - 2019-04-05 13:51 - 000000000 ____D C:\Program Files (x86)\Google ==================== Files in the root of some directories ======== 2019-04-05 12:10 - 2019-10-07 15:53 - 000000093 _____ () C:\Users\ck\AppData\Roaming\sp_data.sys 2019-07-02 11:00 - 2019-07-02 11:00 - 000007605 _____ () C:\Users\ck\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-12-05 08:29 ==================== End of FRST.txt ========================