Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2019 01 Ran by carlo (administrator) on DESKTOP-1ROUNLV (HP HP Pavilion x360 Convertible 14-ba0xx) (08-06-2019 19:59:39) Running from C:\Users\carlo\Desktop Loaded Profiles: carlo & (Available Profiles: carlo) Platform: Windows 10 Home Single Language Version 1803 17134.765 (X64) Language: Español (México) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe () [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe (Alfredo Anibal Santos Silva -> Carifred) C:\streamer\streamer.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\74.4.115\QtWebEngineProcess.exe (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\74.4.115\QtWebEngineProcess.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corporation -> ELAN) C:\Program Files (x86)\ELAN\HP Pen Control\HP Pen Control.exe (Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe (HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc. -> HP) C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe (HP Inc. -> HP) C:\Windows\System32\HP3DDGService.exe (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121190.inf_amd64_47cec0e8450d81b4\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121190.inf_amd64_47cec0e8450d81b4\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121190.inf_amd64_47cec0e8450d81b4\IntelCpHDCPSvc.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121190.inf_amd64_47cec0e8450d81b4\IntelCpHeciSvc.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\carlo\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9192960 2017-04-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3349720 2017-03-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc. -> HP Inc.) HKLM-x32\...\Run: [EzClick] => C:\Program Files (x86)\ELAN\HP Pen Control\HP Pen Control.exe [2206864 2017-02-24] (ELAN Microelectronics Corporation -> ELAN) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5576512 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.) HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194625601\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628090\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-11] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2013334426-3726624131-627284932-1001\...\Run: [flaterem] => C:\streamer\streamer.exe [862216 2018-10-14] (Alfredo Anibal Santos Silva -> Carifred) HKU\S-1-5-21-2013334426-3726624131-627284932-1001\...\Run: [strdat] => C:\WINDOWS\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript "C:\streamer\stream.txt" & exit HKU\S-1-5-21-2013334426-3726624131-627284932-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2013334426-3726624131-627284932-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628924\...\Run: [flaterem] => C:\streamer\streamer.exe [862216 2018-10-14] (Alfredo Anibal Santos Silva -> Carifred) HKU\S-1-5-21-2013334426-3726624131-627284932-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628924\...\Run: [strdat] => C:\WINDOWS\system32\cmd.exe /c start C:\streamer\streamer.exe /AutoIt3ExecuteScript "C:\streamer\stream.txt" & exit HKU\S-1-5-21-2013334426-3726624131-627284932-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628924\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22515488 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.80\Installer\chrmstp.exe [2019-06-05] (Google LLC -> Google LLC) FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C9BAF96-A7D8-4600-8B0C-0436673D6084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1459056 2018-05-04] (HP Inc. -> HP Inc.) Task: {0E38993B-E8FA-41E1-A710-DDB9964673DF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1479056 2018-12-21] (Microsoft Corporation -> Microsoft Corporation) Task: {1579A0C6-C248-4237-86B4-7F977C24F2D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software) Task: {21269B1A-8391-4392-A2EC-7D2D97369846} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-22] (Google Inc -> Google Inc.) Task: {21BF420E-2B20-4143-976E-CAA2CFB57015} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24223088 2018-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {23005622-EA01-4155-B363-1F9E4237B1ED} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> ) Task: {2722F9DC-A543-4591-9ADE-5D860C4E78D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [208760 2018-06-27] (HP Inc. -> HP Inc.) Task: {2ABB9DD2-07BA-4D2C-85B2-F3502F0F4C89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {2E911B83-3479-4B7C-AAB8-E9E1EFF2599D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation) Task: {3141C016-39CC-4A66-ACE6-ED857D6236D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [124280 2018-08-17] (HP Inc. -> HP Inc.) Task: {3170B5E9-ABEC-40BC-90D1-74514D4E8EAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.) Task: {3965EE1B-A788-4158-9120-1FCA2D868B7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-22] (Google Inc -> Google Inc.) Task: {58A5C71E-A78D-426A-8A7F-66E180444B95} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [745856 2018-12-21] (Microsoft Corporation -> Microsoft Corporation) Task: {6DA9E37F-5C1B-450B-ACEB-07377FF1BDAB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91968 2018-12-21] (Microsoft Corporation -> Microsoft Corporation) Task: {80F94A5E-180C-48C2-9570-1CF65D8BBDC1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1479056 2018-12-21] (Microsoft Corporation -> Microsoft Corporation) Task: {852FB122-F3BA-458E-9D25-FAEF571BC4BA} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe Task: {88F206DC-7159-4723-9448-FE7635CF985D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-21] (Dropbox, Inc -> Dropbox, Inc.) Task: {993CDB4C-9C4D-4368-BDE9-B199D3B09ED4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24223088 2018-12-07] (Microsoft Corporation -> Microsoft Corporation) Task: {A712716C-D419-407D-956B-8B6A9BA876C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1459056 2018-05-04] (HP Inc. -> HP Inc.) Task: {A9CD3745-70A4-48C9-A281-E5AEEC29778C} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.) Task: {AE328CF1-EA05-48B1-8E2F-153031BCD240} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-12-06] (HP Inc. -> HP Inc.) Task: {AF030B58-94C3-417F-8610-F5A0939556BE} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe Task: {B7B105AE-8536-4C57-B9E7-9DEA6C713EE0} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {C61A3BC5-EDB1-4940-94E7-CCCEB66F4822} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356648 2017-01-12] (HP Inc. -> HP Development Company, L.P.) Task: {CF01EF70-0EC1-41C4-B122-A03156A963E1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) Task: {DCE8649E-8194-4A70-9CBE-5AFA2EA797A0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [91968 2018-12-21] (Microsoft Corporation -> Microsoft Corporation) Task: {E26B4267-05BA-4E44-B62A-D6AF910D0980} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-21] (Dropbox, Inc -> Dropbox, Inc.) Task: {EA0B06CE-F4F0-4EBB-9961-5DBEE0E0FC41} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {FE9067B7-677E-4C81-88C1-8DA8AF6C25E4} - System32\Tasks\HPCeeScheduleForcarlo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForcarlo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{09d3804a-85ce-46f1-9d36-3893adee8394}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{671ccc02-cd99-4264-8b9f-e352787ef419}: [DhcpNameServer] 172.168.0.5 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2013334426-3726624131-627284932-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2013334426-3726624131-627284932-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2013334426-3726624131-627284932-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628924\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2013334426-3726624131-627284932-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-06082019194628924\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-12-21] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc. -> HP Inc.) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc. -> HP Inc.) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-12-02] (Microsoft Corporation -> Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} - No File FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-09-11] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-11-22] (WildTangent Inc -> ) Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.mystartsearch.com/?type=hp&ts=1434984565&z=802ca58d9deb8511a34ea83g8z9c7z4tab5zdwdqcc&from=wpc&uid=ST500LT012-1DG142_W3PDLW8Z CHR StartupUrls: Default -> "hxxps://www.google.com.ar/" CHR NewTab: Default -> Not-active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html" CHR Profile: C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default [2019-06-08] CHR Extension: (Presentaciones) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-22] CHR Extension: (Documentos) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-22] CHR Extension: (Google Drive) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-25] CHR Extension: (YouTube) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22] CHR Extension: (Hojas de cálculo) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-22] CHR Extension: (Speed ​​Dial 2 Nueva pestaña) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2018-08-12] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06] CHR Extension: (Gmail) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09] CHR Extension: (Chrome Media Router) - C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-07] CHR Profile: C:\Users\carlo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-06] CHR Profile: C:\Users\carlo\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-06] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [126944 2017-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9646240 2018-12-07] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-21] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-21] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.) R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [2218552 2017-03-17] (Intel Corporation -> Intel Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-03-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Incorporated -> Foxit Software Inc.) S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-11-22] (WildTangent Inc -> WildTangent) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed] R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc. -> HP Inc.) R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-09-22] (HP Inc. -> HP) R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc. -> HP Inc.) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (Hewlett-Packard Company -> HP) R2 hpsrv; C:\Program Files (x86)\HP\HP 3D DriveGuard\hpservice.exe [28192 2017-11-20] (HP Inc. -> HP) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.) R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2016-12-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324600 2017-04-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation) U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [52648 2017-09-22] (HP Inc. -> HP) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software) S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [9728 2018-04-11] (Microsoft Windows -> Windows (R) Win 7 DDK provider) R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [72584 2017-03-17] (Intel Corporation -> Intel Corporation) R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [67976 2017-03-17] (Intel Corporation -> Intel Corporation) R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [355208 2017-03-17] (Intel Corporation -> Intel Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-03-14] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 HID_PCI; C:\WINDOWS\System32\drivers\HID_PCI.sys [31328 2016-08-10] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel) R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [38816 2017-09-22] (HP Inc. -> HP) R3 ISH; C:\WINDOWS\System32\drivers\ISH.sys [143984 2016-09-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel) R3 ISH_BusDriver; C:\WINDOWS\System32\drivers\ISH_BusDriver.sys [80496 2016-08-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-06] (Malwarebytes Corporation -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [127136 2019-06-07] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73912 2019-06-07] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-06-07] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [117344 2019-06-07] (Malwarebytes Corporation -> Malwarebytes) R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [784264 2018-05-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation) R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [781792 2017-03-14] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) R3 VirtualButtons; C:\WINDOWS\System32\drivers\VirtualButtons.sys [42000 2017-03-31] (Intel(R) Software -> Intel Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44616 2018-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [331680 2018-04-11] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-11] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-06-08 19:59 - 2019-06-08 20:02 - 000035322 _____ C:\Users\carlo\Desktop\FRST.txt 2019-06-08 19:59 - 2019-06-08 19:59 - 000000000 ____D C:\FRST 2019-06-08 19:49 - 2019-06-08 19:49 - 002417664 _____ (Farbar) C:\Users\carlo\Desktop\FRST64.exe 2019-06-08 19:48 - 2019-06-08 19:48 - 001128507 _____ C:\Users\carlo\Downloads\Sin confirmar 651601.crdownload 2019-06-07 09:11 - 2019-06-07 08:59 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-06-07 08:58 - 2019-06-07 08:58 - 000127136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2019-06-07 08:58 - 2019-06-07 08:58 - 000117344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2019-06-07 08:58 - 2019-06-07 08:58 - 000073912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2019-06-07 08:58 - 2019-06-07 08:58 - 000000000 ___HD C:\ProgramData\temp 2019-06-06 11:04 - 2019-06-07 08:58 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2019-06-06 10:21 - 2019-06-06 10:22 - 000000000 ____D C:\Users\carlo\Documents\copia de seguridad del registro 2019-06-06 10:10 - 2019-06-06 11:08 - 000000000 ____D C:\Users\carlo\AppData\Roaming\ZHP 2019-06-06 10:10 - 2019-06-06 10:43 - 000000882 _____ C:\Users\carlo\Desktop\ZHPCleaner.lnk 2019-06-06 10:10 - 2019-06-06 10:10 - 000000000 ____D C:\Users\carlo\AppData\Local\ZHP 2019-06-06 10:08 - 2019-06-06 10:29 - 000000000 ____D C:\AdwCleaner 2019-06-06 10:07 - 2019-06-06 10:07 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update 2019-06-06 10:07 - 2019-06-06 10:07 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2019-06-06 10:07 - 2019-06-06 10:07 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk 2019-06-06 10:07 - 2019-06-06 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2019-06-06 10:07 - 2019-06-06 10:07 - 000000000 ____D C:\Program Files\CCleaner 2019-06-06 10:06 - 2019-06-06 10:06 - 000000000 ____D C:\Users\carlo\AppData\Local\mbam 2019-06-06 10:05 - 2019-06-06 10:05 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2019-06-06 10:05 - 2019-06-06 10:05 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2019-06-06 10:05 - 2019-06-06 10:05 - 000000000 ____D C:\Users\carlo\AppData\Local\mbamtray 2019-06-06 10:05 - 2019-06-06 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-06-06 10:05 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2019-06-06 10:04 - 2019-06-06 10:04 - 000000000 ____D C:\ProgramData\Malwarebytes 2019-06-06 10:04 - 2019-06-06 10:04 - 000000000 ____D C:\Program Files\Malwarebytes 2019-06-06 10:04 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2019-06-06 09:52 - 2019-06-06 09:54 - 007025360 _____ (Malwarebytes) C:\Users\carlo\Desktop\adwcleaner_7.3.exe 2019-06-05 15:46 - 2019-06-05 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-06-04 12:43 - 2019-06-04 12:43 - 002645026 _____ C:\Users\carlo\Downloads\7 Ayunos.pdf 2019-06-04 09:11 - 2019-06-04 09:11 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2019-06-04 09:11 - 2019-06-04 09:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2019-06-04 09:11 - 2019-06-04 09:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2019-06-04 09:11 - 2019-06-04 09:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2019-05-27 11:17 - 2019-05-27 11:16 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2019-05-20 18:47 - 2019-06-03 19:12 - 000091136 _____ C:\Users\carlo\Desktop\PLANILLAS ADMINISTRACION.xls 2019-05-17 15:01 - 2019-05-03 20:53 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2019-05-17 15:01 - 2019-05-03 20:53 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2019-05-16 14:14 - 2019-05-03 03:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-05-16 14:14 - 2019-05-03 03:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-05-16 14:14 - 2019-05-03 03:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-05-16 14:14 - 2019-05-03 03:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-05-16 14:14 - 2019-05-03 03:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-05-16 14:14 - 2019-05-03 02:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-05-16 14:14 - 2019-05-03 02:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-05-16 14:13 - 2019-05-03 09:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-05-16 14:13 - 2019-05-03 09:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2019-05-16 14:13 - 2019-05-03 09:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2019-05-16 14:13 - 2019-05-03 08:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-05-16 14:13 - 2019-05-03 08:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-05-16 14:13 - 2019-05-03 08:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll 2019-05-16 14:13 - 2019-05-03 08:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-05-16 14:13 - 2019-05-03 08:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll 2019-05-16 14:13 - 2019-05-03 08:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2019-05-16 14:13 - 2019-05-03 08:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-05-16 14:13 - 2019-05-03 08:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll 2019-05-16 14:13 - 2019-05-03 08:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2019-05-16 14:13 - 2019-05-03 08:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE 2019-05-16 14:13 - 2019-05-03 08:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2019-05-16 14:13 - 2019-05-03 08:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2019-05-16 14:13 - 2019-05-03 08:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2019-05-16 14:13 - 2019-05-03 08:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2019-05-16 14:13 - 2019-05-03 08:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2019-05-16 14:13 - 2019-05-03 08:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE 2019-05-16 14:13 - 2019-05-03 08:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2019-05-16 14:13 - 2019-05-03 08:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2019-05-16 14:13 - 2019-05-03 08:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2019-05-16 14:13 - 2019-05-03 03:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2019-05-16 14:13 - 2019-05-03 03:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-05-16 14:13 - 2019-05-03 03:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2019-05-16 14:13 - 2019-05-03 03:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2019-05-16 14:13 - 2019-05-03 03:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-05-16 14:13 - 2019-05-03 03:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-05-16 14:13 - 2019-05-03 03:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2019-05-16 14:13 - 2019-05-03 03:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe 2019-05-16 14:13 - 2019-05-03 03:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2019-05-16 14:13 - 2019-05-03 03:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2019-05-16 14:13 - 2019-05-03 03:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll 2019-05-16 14:13 - 2019-05-03 03:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2019-05-16 14:13 - 2019-05-03 03:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2019-05-16 14:13 - 2019-05-03 03:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe 2019-05-16 14:13 - 2019-05-03 03:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2019-05-16 14:13 - 2019-05-03 03:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2019-05-16 14:13 - 2019-05-03 03:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2019-05-16 14:13 - 2019-05-03 03:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2019-05-16 14:13 - 2019-05-03 03:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-05-16 14:13 - 2019-05-03 03:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-05-16 14:13 - 2019-05-03 03:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2019-05-16 14:13 - 2019-05-03 03:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-05-16 14:13 - 2019-05-03 03:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-05-16 14:13 - 2019-05-03 03:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-05-16 14:13 - 2019-05-03 03:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-05-16 14:13 - 2019-05-03 03:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2019-05-16 14:13 - 2019-05-03 03:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-05-16 14:13 - 2019-05-03 03:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2019-05-16 14:13 - 2019-05-03 03:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2019-05-16 14:13 - 2019-05-03 03:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll 2019-05-16 14:13 - 2019-05-03 03:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe 2019-05-16 14:13 - 2019-05-03 03:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2019-05-16 14:13 - 2019-05-03 03:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2019-05-16 14:13 - 2019-05-03 03:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2019-05-16 14:13 - 2019-05-03 03:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2019-05-16 14:13 - 2019-05-03 03:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2019-05-16 14:13 - 2019-05-03 03:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll 2019-05-16 14:13 - 2019-05-03 03:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-05-16 14:13 - 2019-05-03 03:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2019-05-16 14:13 - 2019-05-03 03:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-05-16 14:13 - 2019-05-03 03:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2019-05-16 14:13 - 2019-05-03 03:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-05-16 14:13 - 2019-05-03 03:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2019-05-16 14:13 - 2019-05-03 03:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-05-16 14:13 - 2019-05-03 03:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe 2019-05-16 14:13 - 2019-05-03 02:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-05-16 14:13 - 2019-05-03 02:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2019-05-16 14:13 - 2019-05-03 02:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2019-05-16 14:13 - 2019-05-03 02:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2019-05-16 14:13 - 2019-05-03 02:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2019-05-16 14:13 - 2019-05-03 02:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-05-16 14:13 - 2019-05-03 02:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2019-05-16 14:13 - 2019-05-03 02:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2019-05-16 14:13 - 2019-05-03 02:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2019-05-16 14:13 - 2019-05-03 02:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2019-05-16 14:13 - 2019-05-03 02:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-05-16 14:13 - 2019-05-03 02:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2019-05-16 14:13 - 2019-05-03 02:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2019-05-16 14:13 - 2019-05-03 02:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll 2019-05-16 14:13 - 2019-05-03 02:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2019-05-16 14:13 - 2019-05-03 02:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys 2019-05-16 14:13 - 2019-05-03 02:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys 2019-05-16 14:13 - 2019-05-03 02:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys 2019-05-16 14:13 - 2019-05-03 02:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys 2019-05-16 14:13 - 2019-05-03 01:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim 2019-05-16 14:13 - 2019-04-23 04:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll 2019-05-16 14:13 - 2019-04-23 03:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll 2019-05-16 14:13 - 2019-04-19 07:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-05-16 14:13 - 2019-04-19 07:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2019-05-16 14:13 - 2019-04-19 07:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-05-16 14:13 - 2019-04-19 07:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe 2019-05-16 14:13 - 2019-04-19 07:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll 2019-05-16 14:13 - 2019-04-19 07:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll 2019-05-16 14:13 - 2019-04-19 07:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2019-05-16 14:13 - 2019-04-19 06:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2019-05-16 14:13 - 2019-04-19 06:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2019-05-16 14:13 - 2019-04-19 06:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll 2019-05-16 14:13 - 2019-04-19 06:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-05-16 14:13 - 2019-04-19 06:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll 2019-05-16 14:13 - 2019-04-19 06:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2019-05-16 14:13 - 2019-04-19 02:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2019-05-16 14:13 - 2019-04-19 02:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-05-16 14:13 - 2019-04-19 02:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2019-05-16 14:13 - 2019-04-19 02:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2019-05-16 14:13 - 2019-04-19 02:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2019-05-16 14:13 - 2019-04-19 02:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2019-05-16 14:13 - 2019-04-19 02:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2019-05-16 14:13 - 2019-04-19 02:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2019-05-16 14:13 - 2019-04-19 02:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2019-05-16 14:13 - 2019-04-19 02:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2019-05-16 14:13 - 2019-04-19 02:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2019-05-16 14:13 - 2019-04-19 01:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll 2019-05-16 14:13 - 2019-04-19 01:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-05-16 14:13 - 2019-04-19 01:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe 2019-05-16 14:13 - 2019-04-19 01:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe 2019-05-16 14:13 - 2019-04-19 01:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll 2019-05-16 14:13 - 2019-04-19 01:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll 2019-05-16 14:13 - 2019-04-19 01:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2019-05-16 14:13 - 2019-04-19 01:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-05-16 14:13 - 2019-04-19 01:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2019-05-16 14:13 - 2019-04-19 01:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll 2019-05-16 14:13 - 2019-04-19 01:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll 2019-05-16 14:13 - 2019-04-19 01:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2019-05-16 14:13 - 2019-04-19 01:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2019-05-16 14:13 - 2019-04-19 01:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-05-16 14:13 - 2019-04-19 01:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll 2019-05-16 14:13 - 2019-04-19 01:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2019-05-16 14:13 - 2019-04-19 01:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2019-05-16 14:13 - 2019-04-19 01:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2019-05-16 14:13 - 2019-04-19 01:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2019-05-16 14:13 - 2019-04-19 01:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2019-05-16 14:13 - 2019-04-19 01:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll 2019-05-16 14:13 - 2019-04-19 01:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2019-05-16 14:13 - 2019-04-19 01:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2019-05-16 14:13 - 2019-04-19 01:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2019-05-16 14:13 - 2019-04-19 01:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2019-05-16 14:13 - 2019-04-19 01:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2019-05-16 14:13 - 2019-04-19 00:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls 2019-05-16 14:13 - 2019-04-19 00:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls 2019-05-16 14:13 - 2019-04-08 22:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2019-05-16 14:13 - 2019-04-08 22:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll 2019-05-16 14:13 - 2019-04-08 22:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-05-16 14:13 - 2019-04-08 22:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2019-05-16 14:13 - 2019-04-08 22:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2019-05-16 14:12 - 2019-05-03 08:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2019-05-16 14:12 - 2019-05-03 03:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll 2019-05-16 14:12 - 2019-05-03 02:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-05-16 14:12 - 2019-05-03 02:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe 2019-05-16 14:12 - 2019-04-19 07:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-05-16 14:12 - 2019-04-19 01:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll 2019-05-16 14:12 - 2019-04-19 01:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll 2019-05-16 14:12 - 2019-04-19 01:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll 2019-05-16 14:12 - 2019-04-19 01:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2019-05-16 14:12 - 2019-04-19 01:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-06-08 20:03 - 2018-04-11 20:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-06-08 19:55 - 2018-04-11 20:38 - 000000000 ___RD C:\Program Files\Windows Defender 2019-06-08 19:52 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-06-08 19:42 - 2018-05-28 17:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-06-07 17:34 - 2018-04-11 20:38 - 000000000 ___HD C:\Program Files\WindowsApps 2019-06-07 09:04 - 2018-07-11 10:00 - 000000000 ____D C:\Users\carlo\AppData\Local\AVAST Software 2019-06-07 09:02 - 2017-12-21 16:18 - 000000000 __SHD C:\Users\carlo\IntelGraphicsProfiles 2019-06-07 08:58 - 2018-05-28 18:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-06-07 08:57 - 2018-04-11 18:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-06-07 08:32 - 2018-05-28 18:27 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update 2019-06-06 11:33 - 2018-07-29 16:20 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForcarlo.job 2019-06-06 11:12 - 2018-07-29 16:20 - 000003256 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForcarlo 2019-06-06 11:11 - 2018-05-28 18:04 - 001970628 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-06-06 11:11 - 2018-04-12 13:18 - 000859224 _____ C:\WINDOWS\system32\perfh00A.dat 2019-06-06 11:11 - 2018-04-12 13:18 - 000188928 _____ C:\WINDOWS\system32\perfc00A.dat 2019-06-06 11:11 - 2018-04-11 20:36 - 000000000 ____D C:\WINDOWS\INF 2019-06-06 10:18 - 2018-07-13 19:59 - 000000000 ____D C:\Users\carlo\AppData\Local\CrashDumps 2019-06-06 10:18 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-06-06 10:05 - 2018-04-11 20:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-06-06 09:52 - 2018-01-28 13:11 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2019-06-05 22:38 - 2017-12-22 12:39 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-06-05 22:38 - 2017-12-22 12:39 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-06-05 15:46 - 2017-04-22 14:20 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-06-04 13:16 - 2018-01-26 22:18 - 000000000 ____D C:\Users\carlo\AppData\Local\Packages 2019-06-03 18:23 - 2018-01-28 13:11 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2019-06-01 11:00 - 2018-05-28 18:27 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2013334426-3726624131-627284932-1001 2019-06-01 11:00 - 2017-12-21 16:25 - 000000000 ___RD C:\Users\carlo\OneDrive 2019-06-01 10:59 - 2018-05-28 18:05 - 000002370 _____ C:\Users\carlo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2019-05-30 18:20 - 2018-01-28 13:11 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys 2019-05-27 11:16 - 2019-02-13 10:27 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys 2019-05-27 11:16 - 2019-01-17 20:53 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys 2019-05-27 11:16 - 2019-01-17 20:53 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys 2019-05-27 11:16 - 2019-01-17 20:53 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys 2019-05-27 11:16 - 2019-01-17 20:53 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys 2019-05-27 11:16 - 2018-11-08 10:45 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys 2019-05-27 11:16 - 2018-01-28 13:11 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2019-05-27 11:16 - 2018-01-28 13:11 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2019-05-27 11:16 - 2018-01-28 13:11 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys 2019-05-27 11:16 - 2018-01-28 13:11 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2019-05-27 11:16 - 2018-01-28 13:11 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys 2019-05-21 16:47 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\NDF 2019-05-17 20:26 - 2019-02-17 17:54 - 000000000 _RSHD C:\streamer 2019-05-17 15:27 - 2019-01-07 13:43 - 000506440 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-05-17 15:24 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2019-05-17 15:24 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\TextInput 2019-05-17 15:24 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-05-17 15:24 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-05-17 14:59 - 2017-04-22 14:20 - 000000990 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2019-05-17 14:59 - 2017-04-22 14:20 - 000000986 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ___SD C:\WINDOWS\system32\UNP 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\oobe 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\es-MX 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\appraiser 2019-05-17 14:56 - 2018-04-11 20:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2019-05-17 14:34 - 2018-04-11 20:30 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-05-17 11:14 - 2018-01-14 15:28 - 000000000 ____D C:\Program Files\rempl 2019-05-16 14:09 - 2017-12-22 10:04 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-05-16 14:00 - 2017-12-22 10:04 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-05-16 10:49 - 2018-05-28 18:27 - 000003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2019-05-16 10:49 - 2018-05-28 18:27 - 000003432 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore ==================== Files in the root of some directories ======= 2017-12-21 16:18 - 2019-06-08 19:42 - 000989195 _____ () C:\Users\carlo\AppData\Local\BTServer.log ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ============================