El FRST, Primera parte
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Leire (administrator) on LEIREPC (09-11-2018 15:53:31)
Running from C:\Users\Leire\Desktop
Loaded Profiles: Leire (Available Profiles: Leire)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CHENGDU YIWO Tech Development Co., Ltd) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Piriform Ltd) C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Chaos Software Ltd.) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [290064 2018-10-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc.)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe50292] => C:\ProgramData\OkOAOn\66fe5029.exe [937776 2018-11-09] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [CCleaner Smart Cleaning] => C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe5029] => C:\ProgramData\66fe5029\66fe5029.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {df6ea4af-2257-11e6-a8a1-50e549e848ee} - explorer.exe www.presto.es\index.html
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd742246-b3ae-11e5-98b0-50e549e848ee} - F:\STARTUP.EXE
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd74228d-b3ae-11e5-98b0-50e549e848ee} - K:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b66fe5029d0f3009021030e6f2469239.lnk [2018-11-09]
ShortcutTarget: b66fe5029d0f3009021030e6f2469239.lnk -> C:\ProgramData\HXwANso\66fe5029.exe (AutoIt Team)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-11-25]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Desktop Scrobbler.lnk [2017-11-16]
ShortcutTarget: Last.fm Desktop Scrobbler.lnk -> C:\Users\Leire\AppData\Roaming\Microsoft\Installer\{EEF2F789-893F-47B8-A817-81066D427FD1}\_3C389C1899E83A28513401.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Leire\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.142.144.66
Tcpip\..\Interfaces\{008BCA4E-6039-477D-AE3D-E0F819FBC9EF}: [DhcpNameServer] 212.142.144.66
Internet Explorer:
==================
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mega.nz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-18] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> E:\PROGRAMAS carpeta instalacion\Evernote\EvernoteIE.dll [2017-12-12] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> E:\PROGRAMAS carpeta instalacion\DIALux\Dialux.BHO_x86.dll [2013-12-10] (DIAL GmbH)
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - E:\PROGRAMAS carpeta instalacion\DIALux\DLXToolBox.dll [2016-08-03] (DIAL GmbH, Germany)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> hxxp://www.google.es/
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.es/","hxxp://www.google.es/","hxxp://www.google.com/"
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-09]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-09]
CHR Extension: (Dewey Bookmarks) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2018-02-20]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Búsqueda de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Blue-White) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpdppflofbnccceeefenhhokdcaipacc [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-07-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Gyazo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2018-05-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-22]
CHR Extension: (Note Board - Tablón de Notas) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\goficmpcgcnombioohjcgdhbaloknabb [2018-11-08]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2015-11-18]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-05]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-05-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Palette Creator) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2018-10-02]
CHR Extension: (Evernote Web Clipper) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-11-01]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-11-09]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-27]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-27]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-27]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-28]
CHR Extension: (Flying Paint) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iaddkdiibkddhdbcmmplkhcpgeinggfo [2018-03-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-11-09]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-07]
CHR Extension: (Duolingo en la web) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-11-07]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-11-07]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-07]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-07]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-07]
CHR Extension: (Tampermonkey) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-11-07]
CHR Extension: (Ratchet & Clank Future 2) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn [2018-11-07]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-11-07]
CHR Extension: (¿Qué cocino hoy?) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh [2018-11-07]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-07]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-07]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-11-07]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2018-11-07]
CHR Extension: (Web Scrobbler) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hhinaapppaileiechjoiifaancjggfjm [2018-11-07]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-11-07]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knipolnnllmklapflnccelgolnpehhpl [2018-11-07]
CHR Extension: (Google Maps) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-11-07]
CHR Extension: (Google Mail Checker) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-11-07]
CHR Extension: (Google Play Books) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2018-11-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-07]
CHR Extension: (Visualizador de archivos PDF/PowerPoint de Google Docs) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2018-11-07]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-07]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [325072 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2183440 2014-12-10] (DIAL GmbH)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
R2 EaseUS Agent; E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2018-04-09] () [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2169800 2018-06-19] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S3 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [201264 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [230880 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [202296 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [346616 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [59520 2018-10-20] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46920 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42312 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [163224 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111816 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87968 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1028696 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [467760 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208488 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380992 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-25] (Disc Soft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] ()
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-09] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-05-31] (Duplex Secure Ltd.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [115672 2018-05-30] (Wacom Technology, Corp.)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [2661376 2017-02-02] () [File not signed]
S2 XXLHASP; c:\windows\system32\drivers\XXLHASP.sys [290816 2017-02-02] () [File not signed]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-09 15:53 - 2018-11-09 15:53 - 000034198 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-09 15:53 - 2018-11-09 15:53 - 000034198 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-09 15:52 - 2018-11-09 15:52 - 000001915 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-09 15:52 - 2018-11-09 15:52 - 000001915 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000001525 _____ C:\Users\Leire\Desktop\AdwCleaner[S02].txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000001525 _____ C:\Users\Leire\Desktop\AdwCleaner[S02].txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000000000 ____D C:\ProgramData\OkOAOn
2018-11-09 15:50 - 2018-11-09 15:50 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-09 15:45 - 2018-11-09 15:45 - 000001881 _____ C:\Users\Leire\Desktop\malwarebytes info.txt
2018-11-09 15:45 - 2018-11-09 15:45 - 000001881 _____ C:\Users\Leire\Desktop\malwarebytes info.txt
2018-11-09 14:52 - 2018-11-09 15:46 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-11-09 14:51 - 2018-11-09 14:51 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Downloads\adwcleaner_7.2.4.0.exe
2018-11-09 14:48 - 2018-11-09 14:52 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-09 14:48 - 2018-11-09 14:48 - 080022264 _____ (Malwarebytes ) C:\Users\Leire\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-11-09 14:48 - 2018-11-09 14:48 - 000001710 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-09 14:47 - 2018-11-09 15:35 - 000003882 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-09 14:47 - 2018-11-09 15:35 - 000002800 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-09 14:47 - 2018-11-09 14:47 - 000000653 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-09 14:46 - 2018-11-09 14:46 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (2).exe
2018-11-09 13:29 - 2018-11-09 13:29 - 000000000 ____D C:\ProgramData\XlRDgk
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 12:53 - 2018-11-09 12:53 - 000000256 _____ C:\DelFix.txt
2018-11-09 12:53 - 2018-11-09 12:53 - 000000000 ____D C:\Windows\ERUNT
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:43 - 2018-11-09 12:43 - 000000000 ____D C:\ProgramData\zfwOYJ
2018-11-09 12:18 - 2018-11-09 12:18 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (1).exe
2018-11-09 11:55 - 2018-11-09 12:46 - 000084497 _____ C:\Users\Leire\Downloads\Addition.txt
2018-11-09 11:54 - 2018-11-09 15:53 - 000000000 ____D C:\FRST
2018-11-09 11:54 - 2018-11-09 12:46 - 000110201 _____ C:\Users\Leire\Downloads\FRST.txt
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 000000000 ____D C:\ProgramData\HXwANso
2018-11-09 11:06 - 2018-11-09 11:10 - 000000000 ____D C:\AdwCleaner
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 09:57 - 2018-09-19 09:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-11-09 09:57 - 2018-09-18 20:08 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 19:10 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 06:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-09 09:57 - 2018-09-18 06:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 06:38 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-09 09:57 - 2018-09-18 06:27 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-09 09:57 - 2018-09-18 06:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-09 09:57 - 2018-09-18 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 06:19 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 06:18 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-09 09:57 - 2018-09-18 06:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-09 09:57 - 2018-09-18 06:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 06:15 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-09 09:57 - 2018-09-18 06:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-09 09:57 - 2018-09-18 06:09 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-09 09:57 - 2018-09-18 06:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 06:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-09 09:57 - 2018-09-18 05:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 05:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 05:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-09 09:57 - 2018-09-18 05:45 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-09 09:57 - 2018-09-18 05:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-09 09:57 - 2018-09-18 05:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 05:41 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 05:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 05:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-09 09:57 - 2018-09-18 05:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-09 09:57 - 2018-09-18 05:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-09 09:57 - 2018-09-18 05:31 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 05:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-09 09:57 - 2018-09-18 05:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-09 09:57 - 2018-09-18 05:20 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 05:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 05:18 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-09 09:57 - 2018-09-18 05:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 05:12 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 05:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-09 09:57 - 2018-09-18 05:06 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 05:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:00 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-09 09:57 - 2018-09-18 04:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 04:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-09 09:57 - 2018-09-18 04:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-09 09:57 - 2018-09-18 04:52 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-09 09:57 - 2018-09-18 04:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 04:50 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 04:50 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 04:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-09 09:57 - 2018-09-18 04:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-09 09:57 - 2018-09-18 04:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-09 09:57 - 2018-09-11 19:28 - 003227136 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-09 09:57 - 2018-09-11 19:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-09 09:57 - 2018-09-11 19:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 005552328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-09 09:57 - 2018-09-09 02:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000708296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000262344 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-09 09:57 - 2018-09-09 02:02 - 000154824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000095432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-09 09:57 - 2018-09-09 02:01 - 001664320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll