Problema con Trojan.Agent.AutoIt


#1

Hola, muy buenas. Tengo un problema similar al thread PROBLEMA CON Trojan.Agent.AutoIt . Paso el malwarebytes y demás herramientas pero no me termina de acabar con dicho troyano. He estado realizando los pasos que le decían al mismo forero, pero al final he visto este mensaje:

ATENCION!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños graves en su equipo

Y quería saber si esta solución sería aplicable para mi caso o debería realizar algún otro paso. Muchas gracias de antemano por la ayuda.


#2

Hola zeit85

Cada PC es diferente por eso no son válidos los mismos script para todos.

Pon los reportes de todos los programas que has utilizado para revisarlos.

Un saludo


#3

Vale, en los siguientes post voy a poner los informes de malwarebytes, adwcleaner, JRT y FRST


#4
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 9/11/18
Hora del análisis: 15:39
Archivo de registro: 36dbcf04-e42d-11e8-b4cf-50e549e848ee.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.463
Versión del paquete de actualización: 1.0.7769
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: LeirePC\Leire

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Cancelado
Objetos analizados: 248214
Amenazas detectadas: 3
Amenazas en cuarentena: 0
Tiempo transcurrido: 1 min, 3 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Agent.AutoIt, HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|66FE5029, Sin acciones por parte del usuario, [4802], [593741],1.0.7769

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 2
Trojan.Agent.AutoIt, C:\PROGRAMDATA\66FE5029\66FE5029.EXE, Sin acciones por parte del usuario, [4802], [593741],1.0.7769
Trojan.Agent.AutoIt, C:\PROGRAMDATA\66FE5029\TEST.AU3, Sin acciones por parte del usuario, [4802], [593741],1.0.7769

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#5
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    11-09-2018
# Duration: 00:00:13
# OS:       Windows 7 Ultimate
# Scanned:  42056
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Adware.Heuristic            C:\ProgramData\66FE5029

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [3531 octets] - [09/11/2018 11:07:15]
AdwCleaner[C00].txt - [3313 octets] - [09/11/2018 11:10:22]
AdwCleaner[S01].txt - [1403 octets] - [09/11/2018 12:40:43]
AdwCleaner[C01].txt - [1569 octets] - [09/11/2018 12:41:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

#8

El de JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by Leire (Administrator) on 09/11/2018 at 15:51:56.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9 

Failed to delete: C:\ProgramData\66fe5029 (Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJS3WOQ9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQM5OXM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R174CS5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJ5QWNNC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OJS3WOQ9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQM5OXM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R174CS5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJ5QWNNC (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09/11/2018 at 15:52:46.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#9

El FRST, Primera parte

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Leire (administrator) on LEIREPC (09-11-2018 15:53:31)
Running from C:\Users\Leire\Desktop
Loaded Profiles: Leire (Available Profiles: Leire)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CHENGDU YIWO Tech Development Co., Ltd) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Piriform Ltd) C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Chaos Software Ltd.) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [290064 2018-10-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc.)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe50292] => C:\ProgramData\OkOAOn\66fe5029.exe [937776 2018-11-09] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [CCleaner Smart Cleaning] => C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe5029] => C:\ProgramData\66fe5029\66fe5029.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {df6ea4af-2257-11e6-a8a1-50e549e848ee} - explorer.exe www.presto.es\index.html
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd742246-b3ae-11e5-98b0-50e549e848ee} - F:\STARTUP.EXE
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd74228d-b3ae-11e5-98b0-50e549e848ee} - K:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b66fe5029d0f3009021030e6f2469239.lnk [2018-11-09]
ShortcutTarget: b66fe5029d0f3009021030e6f2469239.lnk -> C:\ProgramData\HXwANso\66fe5029.exe (AutoIt Team)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-11-25]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Desktop Scrobbler.lnk [2017-11-16]
ShortcutTarget: Last.fm Desktop Scrobbler.lnk -> C:\Users\Leire\AppData\Roaming\Microsoft\Installer\{EEF2F789-893F-47B8-A817-81066D427FD1}\_3C389C1899E83A28513401.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Leire\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.142.144.66
Tcpip\..\Interfaces\{008BCA4E-6039-477D-AE3D-E0F819FBC9EF}: [DhcpNameServer] 212.142.144.66

Internet Explorer:
==================
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mega.nz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-18] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> E:\PROGRAMAS carpeta instalacion\Evernote\EvernoteIE.dll [2017-12-12] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> E:\PROGRAMAS carpeta instalacion\DIALux\Dialux.BHO_x86.dll [2013-12-10] (DIAL GmbH)
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - E:\PROGRAMAS carpeta instalacion\DIALux\DLXToolBox.dll [2016-08-03] (DIAL GmbH, Germany)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> hxxp://www.google.es/
CHR StartupUrls: Profile 3 -> "hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.es/","hxxp://www.google.es/","hxxp://www.google.com/"
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-09]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-09]
CHR Extension: (Dewey Bookmarks) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2018-02-20]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Búsqueda de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Blue-White) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpdppflofbnccceeefenhhokdcaipacc [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-07-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Gyazo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2018-05-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-22]
CHR Extension: (Note Board - Tablón de Notas) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\goficmpcgcnombioohjcgdhbaloknabb [2018-11-08]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2015-11-18]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-05]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-05-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Palette Creator) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2018-10-02]
CHR Extension: (Evernote Web Clipper) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-11-01]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-11-09]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-27]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-27]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-27]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-28]
CHR Extension: (Flying Paint) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iaddkdiibkddhdbcmmplkhcpgeinggfo [2018-03-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-11-09]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-07]
CHR Extension: (Duolingo en la web) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-11-07]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-11-07]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-07]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-07]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-07]
CHR Extension: (Tampermonkey) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-11-07]
CHR Extension: (Ratchet & Clank Future 2) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn [2018-11-07]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-11-07]
CHR Extension: (¿Qué cocino hoy?) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh [2018-11-07]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-07]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-07]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-11-07]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2018-11-07]
CHR Extension: (Web Scrobbler) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hhinaapppaileiechjoiifaancjggfjm [2018-11-07]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-11-07]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knipolnnllmklapflnccelgolnpehhpl [2018-11-07]
CHR Extension: (Google Maps) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-11-07]
CHR Extension: (Google Mail Checker) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-11-07]
CHR Extension: (Google Play Books) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2018-11-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-07]
CHR Extension: (Visualizador de archivos PDF/PowerPoint de Google Docs) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2018-11-07]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-07]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [325072 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2183440 2014-12-10] (DIAL GmbH)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
R2 EaseUS Agent; E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-19] (NVIDIA Corporation)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2018-04-09] () [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2169800 2018-06-19] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S3 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [201264 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [230880 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [202296 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [346616 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [59520 2018-10-20] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46920 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42312 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [163224 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111816 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87968 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1028696 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [467760 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208488 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380992 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-25] (Disc Soft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] ()
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-09] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-05-31] (Duplex Secure Ltd.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [115672 2018-05-30] (Wacom Technology, Corp.)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [2661376 2017-02-02] () [File not signed]
S2 XXLHASP; c:\windows\system32\drivers\XXLHASP.sys [290816 2017-02-02] () [File not signed]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 15:53 - 2018-11-09 15:53 - 000034198 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-09 15:53 - 2018-11-09 15:53 - 000034198 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-09 15:52 - 2018-11-09 15:52 - 000001915 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-09 15:52 - 2018-11-09 15:52 - 000001915 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000001525 _____ C:\Users\Leire\Desktop\AdwCleaner[S02].txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000001525 _____ C:\Users\Leire\Desktop\AdwCleaner[S02].txt
2018-11-09 15:51 - 2018-11-09 15:51 - 000000000 ____D C:\ProgramData\OkOAOn
2018-11-09 15:50 - 2018-11-09 15:50 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-09 15:45 - 2018-11-09 15:45 - 000001881 _____ C:\Users\Leire\Desktop\malwarebytes info.txt
2018-11-09 15:45 - 2018-11-09 15:45 - 000001881 _____ C:\Users\Leire\Desktop\malwarebytes info.txt
2018-11-09 14:52 - 2018-11-09 15:46 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-11-09 14:51 - 2018-11-09 14:51 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Downloads\adwcleaner_7.2.4.0.exe
2018-11-09 14:48 - 2018-11-09 14:52 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-09 14:48 - 2018-11-09 14:48 - 080022264 _____ (Malwarebytes ) C:\Users\Leire\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-11-09 14:48 - 2018-11-09 14:48 - 000001710 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-09 14:47 - 2018-11-09 15:35 - 000003882 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-09 14:47 - 2018-11-09 15:35 - 000002800 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-09 14:47 - 2018-11-09 14:47 - 000000653 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-09 14:46 - 2018-11-09 14:46 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (2).exe
2018-11-09 13:29 - 2018-11-09 13:29 - 000000000 ____D C:\ProgramData\XlRDgk
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 12:53 - 2018-11-09 12:53 - 000000256 _____ C:\DelFix.txt
2018-11-09 12:53 - 2018-11-09 12:53 - 000000000 ____D C:\Windows\ERUNT
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:43 - 2018-11-09 12:43 - 000000000 ____D C:\ProgramData\zfwOYJ
2018-11-09 12:18 - 2018-11-09 12:18 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (1).exe
2018-11-09 11:55 - 2018-11-09 12:46 - 000084497 _____ C:\Users\Leire\Downloads\Addition.txt
2018-11-09 11:54 - 2018-11-09 15:53 - 000000000 ____D C:\FRST
2018-11-09 11:54 - 2018-11-09 12:46 - 000110201 _____ C:\Users\Leire\Downloads\FRST.txt
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 000000000 ____D C:\ProgramData\HXwANso
2018-11-09 11:06 - 2018-11-09 11:10 - 000000000 ____D C:\AdwCleaner
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 09:57 - 2018-09-19 09:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-11-09 09:57 - 2018-09-18 20:08 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 19:10 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 06:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-09 09:57 - 2018-09-18 06:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 06:38 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-09 09:57 - 2018-09-18 06:27 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-09 09:57 - 2018-09-18 06:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-09 09:57 - 2018-09-18 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 06:19 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 06:18 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-09 09:57 - 2018-09-18 06:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-09 09:57 - 2018-09-18 06:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 06:15 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-09 09:57 - 2018-09-18 06:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-09 09:57 - 2018-09-18 06:09 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-09 09:57 - 2018-09-18 06:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 06:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-09 09:57 - 2018-09-18 05:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 05:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 05:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-09 09:57 - 2018-09-18 05:45 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-09 09:57 - 2018-09-18 05:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-09 09:57 - 2018-09-18 05:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 05:41 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 05:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 05:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-09 09:57 - 2018-09-18 05:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-09 09:57 - 2018-09-18 05:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-09 09:57 - 2018-09-18 05:31 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 05:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-09 09:57 - 2018-09-18 05:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-09 09:57 - 2018-09-18 05:20 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 05:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 05:18 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-09 09:57 - 2018-09-18 05:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 05:12 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 05:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-09 09:57 - 2018-09-18 05:06 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 05:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:00 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-09 09:57 - 2018-09-18 04:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 04:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-09 09:57 - 2018-09-18 04:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-09 09:57 - 2018-09-18 04:52 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-09 09:57 - 2018-09-18 04:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 04:50 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 04:50 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 04:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-09 09:57 - 2018-09-18 04:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-09 09:57 - 2018-09-18 04:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-09 09:57 - 2018-09-11 19:28 - 003227136 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-09 09:57 - 2018-09-11 19:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-09 09:57 - 2018-09-11 19:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 005552328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-09 09:57 - 2018-09-09 02:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000708296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000262344 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-09 09:57 - 2018-09-09 02:02 - 000154824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000095432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-09 09:57 - 2018-09-09 02:01 - 001664320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

#10

FRST Segunda parte


2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:46 - 004054216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-11-09 09:57 - 2018-09-09 01:46 - 003959496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-11-09 09:57 - 2018-09-09 01:46 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-09 09:57 - 2018-09-09 01:25 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-09 09:57 - 2018-09-09 01:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-09 09:57 - 2018-09-09 01:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-09 09:57 - 2018-09-09 01:21 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-09 09:57 - 2018-09-09 01:21 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-09 09:57 - 2018-09-09 01:20 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-09 09:57 - 2018-09-09 01:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-11-09 09:57 - 2018-09-09 01:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-09 09:57 - 2018-09-09 01:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-11-09 09:57 - 2018-09-09 01:13 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-11-09 09:57 - 2018-09-09 01:12 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-09 09:57 - 2018-08-31 16:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-11-09 09:57 - 2018-08-31 16:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-11-09 09:57 - 2018-08-30 02:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-11-09 09:57 - 2018-08-30 02:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-11-09 09:57 - 2018-08-28 07:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-11-09 09:57 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-11-09 09:57 - 2018-08-28 07:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-11-09 09:57 - 2018-08-28 07:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-09 09:57 - 2018-08-28 06:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-11-09 09:57 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-11-09 09:57 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-11-09 09:57 - 2018-08-28 06:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-11-09 09:57 - 2018-08-16 03:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-11-09 09:57 - 2018-08-13 22:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-11-09 09:57 - 2018-08-13 16:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-11-09 09:57 - 2018-08-12 21:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-11-09 09:57 - 2018-08-12 21:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-09 09:57 - 2018-08-12 21:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-09 09:57 - 2018-08-12 21:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-11-09 09:57 - 2018-08-12 21:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-11-09 09:57 - 2018-08-12 21:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-09 09:57 - 2018-08-12 21:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-11-09 09:57 - 2018-08-10 16:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-11-09 09:57 - 2018-08-10 16:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-11-09 09:57 - 2018-08-10 16:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-11-09 09:57 - 2018-08-10 16:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-11-09 09:57 - 2018-08-10 16:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-11-09 09:57 - 2018-08-10 16:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-11-09 09:57 - 2018-08-10 16:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-11-09 09:57 - 2018-08-10 16:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-11-09 09:57 - 2018-08-10 16:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-11-09 09:57 - 2018-08-10 16:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-11-09 09:57 - 2018-08-10 16:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-11-09 09:57 - 2018-08-08 16:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-11-09 09:57 - 2018-08-08 16:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-11-09 09:57 - 2018-08-08 16:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-11-09 09:57 - 2018-08-08 16:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-11-09 09:57 - 2018-08-03 16:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-11-09 09:57 - 2018-08-03 16:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-11-09 09:57 - 2018-07-29 16:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-09 09:57 - 2018-07-18 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-11-09 09:57 - 2018-07-06 17:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-11-09 09:57 - 2018-06-29 16:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-11-09 09:57 - 2018-06-29 16:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-11-09 09:57 - 2018-06-29 16:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-11-09 09:57 - 2018-06-29 16:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-11-09 09:57 - 2018-06-27 17:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-11-09 09:57 - 2018-06-27 16:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-11-09 09:57 - 2018-06-27 16:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-11-09 09:57 - 2018-06-27 16:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-11-09 09:57 - 2018-06-27 16:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-11-09 09:57 - 2018-06-27 16:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-11-09 09:57 - 2018-06-27 16:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-11-09 09:57 - 2018-06-27 16:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-11-09 09:57 - 2018-06-21 04:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-11-09 09:57 - 2018-06-21 04:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-11-09 09:57 - 2018-06-08 17:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-09 09:57 - 2018-06-08 16:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-11-09 09:57 - 2018-06-08 16:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-11-09 09:57 - 2018-06-08 16:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-09 09:57 - 2018-06-08 16:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-11-09 09:57 - 2018-06-08 14:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-11-09 09:57 - 2018-06-08 14:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-11-09 09:57 - 2018-05-30 14:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-09 09:57 - 2018-05-30 14:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-09 09:57 - 2018-05-30 14:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-11-09 09:57 - 2018-05-15 04:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-11-09 09:57 - 2018-05-15 04:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-11-09 09:57 - 2018-05-15 04:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-11-09 09:57 - 2018-05-15 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-11-09 09:57 - 2018-05-15 04:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-11-09 09:57 - 2018-05-12 03:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-11-09 09:57 - 2018-05-12 03:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-11-09 09:57 - 2018-05-12 03:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-11-09 09:57 - 2018-05-11 22:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-09 09:57 - 2018-05-11 22:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-09 09:57 - 2018-05-11 01:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-09 09:57 - 2018-05-11 01:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-09 09:57 - 2018-05-02 16:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-11-09 09:57 - 2018-04-26 14:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-11-09 09:57 - 2018-04-25 17:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-11-09 09:57 - 2018-04-25 16:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-11-09 09:57 - 2018-04-23 01:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-11-09 09:57 - 2018-04-23 00:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-11-09 09:57 - 2018-04-18 17:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-11-09 09:57 - 2018-04-18 17:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-11-09 09:57 - 2018-04-18 16:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-11-09 09:57 - 2018-04-18 16:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-11-09 09:57 - 2018-04-18 16:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-11-09 09:57 - 2018-04-18 16:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-11-09 09:57 - 2018-04-10 17:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-11-09 09:57 - 2018-04-10 17:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-11-09 09:57 - 2018-04-10 17:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-11-09 09:57 - 2018-04-10 17:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-11-09 09:57 - 2018-04-10 17:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-11-09 09:57 - 2018-04-10 17:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-11-09 09:57 - 2018-04-10 17:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-11-09 09:57 - 2018-04-10 16:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-11-09 09:57 - 2018-04-10 16:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-11-09 09:57 - 2018-04-10 16:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-11-09 09:57 - 2018-04-07 17:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-11-09 09:57 - 2018-03-14 18:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-11-09 09:57 - 2018-03-14 18:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-11-09 09:57 - 2018-03-14 17:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-11-09 09:57 - 2018-03-14 17:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-09 09:57 - 2018-03-14 17:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-09 09:57 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-11-09 09:57 - 2018-03-14 17:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-11-09 09:56 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-09 09:56 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\system32\locale.nls
2018-11-09 09:24 - 2018-11-09 09:24 - 000000000 ____D C:\Users\Leire\AppData\Local\mbamtray
2018-11-09 09:20 - 2018-11-09 09:20 - 000000000 ____D C:\Users\Leire\AppData\Local\mbam
2018-11-09 09:18 - 2018-11-09 14:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-09 09:18 - 2018-11-09 09:19 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-11-09 09:17 - 2018-11-09 09:18 - 020447072 _____ (Malwarebytes Corporation ) C:\Users\Leire\Downloads\malwarebytes.exe
2018-11-09 09:16 - 2018-11-09 09:16 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548.exe
2018-11-08 17:36 - 2018-11-09 15:50 - 000000000 ___HD C:\LEIREPC
2018-11-08 17:36 - 2018-11-09 11:49 - 000000000 ____D C:\Users\Leire\AppData\Roaming\9fba53078c5047dd39fafc3238e04439
2018-11-07 20:13 - 2018-11-07 20:13 - 000000000 ____D C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-11-01 19:36 - 2018-11-01 19:37 - 063471746 _____ C:\Users\Leire\Downloads\Video.mp4
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ C:\Users\Leire\Desktop\dni.pdf
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ C:\Users\Leire\Desktop\dni.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ C:\Users\Leire\Desktop\libreta1.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ C:\Users\Leire\Desktop\libreta1.pdf
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ C:\Users\Leire\Desktop\Libreta.pdf
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ C:\Users\Leire\Desktop\Libreta.pdf
2018-10-26 12:23 - 2018-10-26 12:23 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf05736531676b525
2018-10-26 12:23 - 2018-10-26 12:23 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc3344787b0f77951
2018-10-26 11:19 - 2018-10-26 11:19 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignfa85f0c550789c5a
2018-10-26 11:18 - 2018-10-26 11:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbff853d241268d54
2018-10-26 11:18 - 2018-10-26 11:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign80de7ef1844213d8
2018-10-26 10:47 - 2018-10-26 10:47 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign04ba8544d8a61a3e
2018-10-26 10:30 - 2018-10-26 10:30 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign11b4f976559144f8
2018-10-26 10:21 - 2018-10-26 10:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign88e2b6f103288ccc
2018-10-26 10:21 - 2018-10-26 10:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign412c39f93bc1bb94
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignff167df890e97076
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign291776bacbbf3324
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1dc2fcacef03a9b9
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbbf5bf2f7cc6a785
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign47c23b35bd267647
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign2302732c0abeba14
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign8fbeb49dc3fc9c74
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign507ec5370d1dc413
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign41d919dedee29dc1
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign3e38f30101716786
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign2f63bb862c82506c
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1a0a49435969163f
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ C:\Users\Leire\Desktop\Papeles notaría.pdf
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ C:\Users\Leire\Desktop\Papeles notaría.pdf
2018-10-20 14:13 - 2018-10-20 14:12 - 000378640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-10-20 14:13 - 2018-10-20 14:12 - 000042312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign52016de26ffdc421
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign4b69de17f2c1827d
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign189e8ac1e1e978e8
2018-10-16 15:18 - 2018-10-16 15:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign496607702fa57a0e
2018-10-16 11:39 - 2018-10-16 11:39 - 000913341 _____ C:\Users\Leire\Downloads\26bf251c754cb274674d0cb8c1dfe1ca3e0d833b.pdf
2018-10-16 11:20 - 2018-10-16 11:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1b11e4f108882f0a
2018-10-16 11:15 - 2018-10-16 11:15 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsigne6626ad0adef73e0
2018-10-16 10:01 - 2018-10-16 10:01 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign144973847d5c9ff2
2018-10-16 09:55 - 2018-10-16 09:55 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignb6c0edf0890260a4
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignef46af85d8407a0f
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign279d0d186db501d5
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign06332dd15cdcde55
2018-10-12 16:36 - 2018-10-12 16:36 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbaaff5f4146471db
2018-10-12 16:35 - 2018-10-12 16:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6d173fef8d0f5b30
2018-10-12 16:35 - 2018-10-12 16:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6044aa75f4e4dd2e
2018-10-12 15:50 - 2018-10-12 15:50 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf265819ce80f549b
2018-10-12 15:50 - 2018-10-12 15:50 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6bce213e7d91a69a
2018-10-12 15:35 - 2018-10-12 15:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignd814a945482c0e8a
2018-10-12 14:40 - 2018-10-12 14:40 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignd5c95fb794c84b3d
2018-10-12 14:40 - 2018-10-12 14:40 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignb7211644fbd86bfe
2018-10-12 14:36 - 2018-10-12 14:36 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc1ea15709d9e56bf
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc9a23a7c0dd58138
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbea5b646710de86a
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign33424a8217d9ff52
2018-10-11 09:46 - 2018-10-11 09:46 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign0039306cb1ec7eb5
2018-10-11 09:45 - 2018-10-11 09:45 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf7365f31cc8757f1
2018-10-11 09:45 - 2018-10-11 09:45 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign3a5a0e6c265df80d

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 15:52 - 2015-11-17 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-09 15:50 - 2017-09-14 14:43 - 000000000 ____D C:\Users\Leire\AppData\Local\CrashDumps
2018-11-09 15:50 - 2016-05-24 05:55 - 000000000 ____D C:\Users\Leire\AppData\Roaming\WTablet
2018-11-09 15:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-09 15:49 - 2009-07-14 05:45 - 000025600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-09 15:49 - 2009-07-14 05:45 - 000025600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-09 15:35 - 2018-06-14 15:55 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-06-14 15:55 - 000003790 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-05-09 09:41 - 000003940 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2018-03-19 16:02 - 000003346 _____ C:\Windows\System32\Tasks\SamsungMagician
2018-11-09 15:35 - 2018-02-27 21:17 - 000002982 _____ C:\Windows\System32\Tasks\{68656588-3BCC-4BA6-A460-6E0D9010729A}
2018-11-09 15:35 - 2018-02-27 20:08 - 000002982 _____ C:\Windows\System32\Tasks\{95304FB1-B750-4C95-959F-60AB60262AA8}
2018-11-09 15:35 - 2018-01-31 15:50 - 000003456 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-LeirePC-Leire
2018-11-09 15:35 - 2017-12-13 11:25 - 000003172 _____ C:\Windows\System32\Tasks\{D716DE4F-F474-48E6-AE81-EBFEA1520A72}
2018-11-09 15:35 - 2017-12-01 14:07 - 000002910 _____ C:\Windows\System32\Tasks\{F1BD5EC7-15AC-475A-9F31-7A5F74AC1419}
2018-11-09 15:35 - 2017-11-25 13:06 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2017-11-25 12:54 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2017-11-25 12:54 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2017-11-25 12:54 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2017-11-25 12:54 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-09 15:35 - 2017-10-30 14:41 - 000002950 _____ C:\Windows\System32\Tasks\{0DAC133D-B375-453F-B2D8-7686ADB20A25}
2018-11-09 15:35 - 2017-10-30 14:15 - 000002950 _____ C:\Windows\System32\Tasks\{F3F67E1B-4064-45B3-A3A7-3C77FA577DEE}
2018-11-09 15:35 - 2017-10-30 14:14 - 000002950 _____ C:\Windows\System32\Tasks\{742AAC86-20A7-4B7E-BA09-5CDD4787F631}
2018-11-09 15:35 - 2017-07-28 09:21 - 000003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1895503046-2164595843-4212185805-1000
2018-11-09 15:35 - 2017-04-15 16:22 - 000003604 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-11-09 15:35 - 2017-03-27 16:08 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-11-09 15:35 - 2017-01-29 10:49 - 000003152 _____ C:\Windows\System32\Tasks\{D9258C07-F885-49F0-87D8-22EDA70742E5}
2018-11-09 15:35 - 2017-01-29 10:48 - 000003220 _____ C:\Windows\System32\Tasks\{A409177E-88DA-440B-B4C2-4324B118DE7A}
2018-11-09 15:35 - 2016-12-15 08:03 - 000003406 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-11-09 15:35 - 2016-12-15 08:03 - 000003280 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-11-09 15:35 - 2016-10-24 10:30 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-09 15:35 - 2016-10-24 10:30 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-09 15:35 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{18E33739-9B6C-4834-B587-A4B0DC39D839}
2018-11-09 15:35 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{1374C2A1-C4EC-4E4D-BE95-4D1D88136866}
2018-11-09 15:35 - 2015-11-17 22:03 - 000003158 _____ C:\Windows\System32\Tasks\{B044483D-22F7-4BC2-97F8-E44F6A3D6455}
2018-11-09 15:35 - 2015-11-17 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-09 15:35 - 2015-11-17 17:20 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-09 15:35 - 2015-11-17 17:20 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-09 14:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-09 14:43 - 2011-04-12 10:10 - 000747494 _____ C:\Windows\system32\perfh00A.dat
2018-11-09 14:43 - 2011-04-12 10:10 - 000158966 _____ C:\Windows\system32\perfc00A.dat
2018-11-09 14:43 - 2009-07-14 06:13 - 001677306 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-09 12:38 - 2015-11-17 17:19 - 000204872 _____ C:\Users\Leire\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-09 12:38 - 2009-07-14 05:45 - 006045704 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-09 12:04 - 2015-11-17 19:00 - 001650956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-09 10:16 - 2015-11-17 21:31 - 000000000 ____D C:\Windows\system32\appraiser
2018-11-09 10:04 - 2015-11-17 22:57 - 000000000 ____D C:\Windows\system32\MRT
2018-11-09 10:01 - 2015-11-17 22:57 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-09 09:22 - 2016-01-05 15:34 - 000000000 ____D C:\Users\Leire\AppData\Roaming\DAEMON Tools Lite
2018-11-09 09:22 - 2015-11-21 12:21 - 000000000 ____D C:\Users\Leire\AppData\Roaming\PhotoScape
2018-11-09 09:22 - 2015-11-17 22:05 - 000000000 ____D C:\Users\Leire\AppData\Roaming\uTorrent
2018-11-09 09:21 - 2017-10-24 17:58 - 000000000 ____D C:\Windows\Minidump
2018-11-09 09:21 - 2015-11-17 13:42 - 000000000 ____D C:\Windows\Panther
2018-11-09 09:14 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-08 21:20 - 2018-03-13 19:10 - 000007651 _____ C:\Users\Leire\AppData\Local\resmon.resmoncfg
2018-10-29 19:02 - 2018-06-27 19:47 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-10-29 19:02 - 2018-06-27 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-26 12:22 - 2017-09-15 11:58 - 000000034 _____ C:\Users\Leire\AppData\Roaming\AdobeWLCMCache.dat
2018-10-26 09:04 - 2017-04-15 16:22 - 000001800 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-10-26 09:04 - 2017-04-15 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-10-26 09:04 - 2016-01-04 19:16 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-25 10:18 - 2015-11-17 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-25 09:55 - 2016-11-03 19:44 - 000000000 ____D C:\Users\Leire\Documents\Archivos de Outlook
2018-10-25 08:15 - 2015-11-17 17:21 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-20 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-10-20 14:12 - 2017-11-27 12:40 - 000201264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 001028696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000467760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000380992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000346616 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000230880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000208488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000202296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000163224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000111816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000087968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000059520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000046920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-10-19 07:57 - 2016-03-10 14:49 - 000000000 ___RD C:\Users\Leire\Documents\OneDrive
2018-10-19 07:57 - 2016-03-10 14:19 - 000002156 _____ C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-10-19 07:42 - 2016-03-10 14:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-19 07:42 - 2015-11-17 21:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-10-19 07:42 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-10-18 12:01 - 2015-11-17 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-18 12:01 - 2015-11-17 18:22 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-18 12:00 - 2015-11-17 18:22 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2018-11-09 15:51 - 2018-11-09 15:51 - 000001525 _____ () C:\Users\Leire\Desktop\AdwCleaner[S02].txt
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2015-11-17 23:25 - 2015-09-25 16:45 - 007119872 _____ (Sand Studio) C:\Users\Leire\Desktop\AirDroid.exe
2016-01-26 13:20 - 2018-09-18 12:22 - 000000743 _____ () C:\Users\Leire\Desktop\Aitor.lnk
2015-11-17 22:06 - 2008-11-05 11:51 - 000203965 _____ () C:\Users\Leire\Desktop\always-on-top.exe
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ () C:\Users\Leire\Desktop\delfix.exe
2018-09-12 08:24 - 2018-09-12 08:24 - 000002126 _____ () C:\Users\Leire\Desktop\Discord.lnk
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ () C:\Users\Leire\Desktop\dni.pdf
2018-02-09 11:45 - 2018-02-09 11:45 - 000000605 _____ () C:\Users\Leire\Desktop\Evernote.lnk
2018-11-09 15:53 - 2018-11-09 15:53 - 000108879 _____ () C:\Users\Leire\Desktop\FRST.txt
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2017-12-14 18:17 - 2018-01-09 13:15 - 000000953 _____ () C:\Users\Leire\Desktop\Graphic DESIGN.lnk
2017-09-18 16:25 - 2017-09-18 16:25 - 000001234 _____ () C:\Users\Leire\Desktop\HP Scan.lnk
2017-12-13 11:40 - 2017-12-13 11:36 - 000001629 _____ () C:\Users\Leire\Desktop\Illustrator.lnk
2017-12-12 11:35 - 2017-12-12 11:35 - 000001445 _____ () C:\Users\Leire\Desktop\InDesign.lnk
2018-05-04 10:08 - 2018-05-04 10:09 - 000000882 _____ () C:\Users\Leire\Desktop\Interiorismo & Deco.lnk
2018-07-13 09:37 - 2018-03-19 16:02 - 000001401 _____ () C:\Users\Leire\Desktop\Internet Explorer.lnk
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 15:52 - 2018-11-09 15:52 - 000001915 _____ () C:\Users\Leire\Desktop\JRT.txt
2016-07-02 11:12 - 2018-09-18 12:24 - 000000762 _____ () C:\Users\Leire\Desktop\Leiric.lnk
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ () C:\Users\Leire\Desktop\Libreta.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ () C:\Users\Leire\Desktop\libreta1.pdf
2018-11-09 15:45 - 2018-11-09 15:45 - 000001881 _____ () C:\Users\Leire\Desktop\malwarebytes info.txt
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ () C:\Users\Leire\Desktop\Papeles notaría.pdf
2017-01-03 12:18 - 2017-01-03 12:18 - 000000778 _____ () C:\Users\Leire\Desktop\PhotoScape.lnk
2018-10-01 12:03 - 2018-10-01 12:03 - 000001688 _____ () C:\Users\Leire\Desktop\Photoshop.lnk
2015-11-27 22:09 - 2018-04-07 15:00 - 000007168 ____H () C:\Users\Leire\Desktop\photothumb.db
2018-08-28 10:52 - 2018-08-28 10:54 - 000000868 _____ () C:\Users\Leire\Desktop\Plan de Empresa.lnk
2017-01-03 11:53 - 2017-01-03 11:53 - 000001767 _____ () C:\Users\Leire\Desktop\Spotify.lnk
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ () C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-05-22 18:49 - 2018-05-22 18:49 - 000000813 _____ () C:\Users\Leire\Desktop\µTorrent.lnk
2017-12-20 17:14 - 2018-01-08 12:04 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2016-07-14 08:35 - 2018-03-27 18:38 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-09-15 11:58 - 2018-10-26 12:22 - 000000034 _____ () C:\Users\Leire\AppData\Roaming\AdobeWLCMCache.dat
2018-04-30 18:57 - 2018-09-20 14:48 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-09-28 08:20 - 2018-09-28 08:20 - 000000000 _____ () C:\Users\Leire\AppData\Local\oobelibMkey.log
2018-03-13 19:10 - 2018-11-08 21:20 - 000007651 _____ () C:\Users\Leire\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-05 14:05

==================== End of FRST.txt ============================

#11

Addition, Primera parte

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Leire (09-11-2018 15:53:56)
Running from C:\Users\Leire\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-17 12:47:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1895503046-2164595843-4212185805-500 - Administrator - Disabled)
Invitado (S-1-5-21-1895503046-2164595843-4212185805-501 - Limited - Disabled)
Leire (S-1-5-21-1895503046-2164595843-4212185805-1000 - Administrator - Enabled) => C:\Users\Leire

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Actualización de NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
adobe (HKLM\...\{DC92137A-66A3-4FEF-A5B1-FB233399C823}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.2.3 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ARCHICAD 20 SPA (HKLM\...\001FFF2FFF20FF00FF2101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Español (Spanish) (HKLM\...\AutoCAD 2014 - Español (Spanish)) (Version: 19.1.18.0 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2017 - Español (Spanish)) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\Revit Content Libraries 2017 - Español (Spanish)) (Version:  - )
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.7.3069 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Brackets (HKLM-x32\...\{9CB3A036-0B7E-49B7-A60B-291E245CA6B2}) (Version: 1.13.17696 - brackets.io)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{71640766-157F-4DE8-B45F-69B76B0F5FCE}) (Version: 3.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version:  - Certificacion Energetica SL)
CERMA_v4_2 versión 4.2 (HKLM-x32\...\{2699707D-1815-4CED-928A-95F231A6C6F6}_is1) (Version: 4.2 - )
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Commandos 2: Men of Courage (HKLM-x32\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0156 - Disc Soft Ltd)
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.1.215 - DIAL GmbH)
DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 1.0 - DIAL GmbH)
DIALux 4.13 (HKLM-x32\...\DIALux) (Version: 4.13.0.0 - DIAL GmbH)
DIALux evo (x64) (HKLM-x32\...\{5FF70775-5D3A-4A26-B9ED-1BF642E9987C}) (Version: 5.6.2.31925 - DIAL GmbH)
Discord (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version:  - Paradox Interactive)
Evernote v. 6.8.7 (HKLM-x32\...\{A304C34E-DFC3-11E7-88DB-005056951CAD}) (Version: 6.8.7.6387 - Evernote Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Gestión de Control de Calidad (HKLM-x32\...\{E03C5878-2AF9-4217-8D7B-F633EE42BB45}) (Version: 1.00.0000 - hxxp://www.iccl.es) Hidden
Gestión de Control de Calidad (HKLM-x32\...\InstallShield_{E03C5878-2AF9-4217-8D7B-F633EE42BB45}) (Version: 1.00.0000 - hxxp://www.iccl.es)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GRAPHISOFT BIMcloud - Administrador de Servidor BIM 20 SPA (HKLM\...\109FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
GRAPHISOFT BIMcloud - Módulo de Servidor BIM 20 SPA (HKLM\...\110FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Herramienta oficial de calculo del DB HR del CTE (HKLM-x32\...\Herramienta oficial de calculo del DB HR del CTE 3.0) (Version: 3.0 - Ministerio de Fomento)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.77 - Riot Games, Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D1C1B048-C9E8-4DF9-BAE8-45F2BA467426}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{6651A86A-07EA-43E0-B4EC-4E1D809AC99E}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP OfficeJet 3830 series Ayuda (HKLM-x32\...\{C4BF4EE8-27DB-44E4-B311-19E5DD46F8FB}) (Version: 35.0.0 - Hewlett Packard)
HP OfficeJet 3830 series Software básico del dispositivo (HKLM\...\{AD89DD90-A493-43F3-B461-0AB06FB20809}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
IBM SPSS Statistics 25 25.0.0.0 (HKLM-x32\...\IBM SPSS Statistics 25 25.0.0.0) (Version: 25.0.0.0 - IBM SPSS Statistics 25)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Last.fm Desktop Scrobbler (HKLM-x32\...\{EEF2F789-893F-47B8-A817-81066D427FD1}) (Version: 3.1.28 - Last.fm)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MAMP & MAMP PRO 4.0 version 4.0.0 (HKLM-x32\...\{A62E77D4-9B74-4CA0-A254-EFE711F7A298}_is1) (Version: 4.0.0 - appsolute Gmbh)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Project Profesional 2016 - es-es (HKLM\...\ProjectProRetail - es-es) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA Controlador de 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Panasonic DIALux Plugin 2.0 (HKLM-x32\...\{DB593EA8-9734-4FA3-BED3-D5CBBE514C16}) (Version: 2.02.0000 - Panasonic Corporation)
Panel de control de NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
Philips Product Selector 5.2.9.17 (HKLM-x32\...\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting) Hidden
Philips Product Selector 5.2.9.17 (HKLM-x32\...\InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PPS max plugin 1.7.0 (HKLM-x32\...\PPS max plugin_is1) (Version: 1.7.0.0 - Tree C Technology B.V.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Servidor BIM de GRAPHISOFT 20 SPA (HKLM\...\116FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
sign pro PDF (novaPDF OEM 7.7 printer) (HKLM\...\sign pro PDF_is1) (Version: 7.7.396 - Softland)
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype versión 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.30-6 - Wacom Technology Corp.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.04 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.6 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom sign pro PDF (HKLM-x32\...\{FF489CB2-9356-424B-8AB6-B6299807727E}) (Version: 2.0.13 - Wacom Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\es-ES\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-10-20] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DIALuxShellExtension] -> {F23E3460-D1B1-4F51-8C3D-E5D91E3C71C8} => E:\PROGRAMAS carpeta instalacion\DIALux evo 6\Dialux.ShellExtension.x64.dll [2016-11-16] (DIAL GmbH)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Users\Leire\Desktop\Windows Sidebar\sbdrop.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-10-20] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DD4B7C-AF45-4C5B-BBB4-59C56D6D4D23} - System32\Tasks\{18E33739-9B6C-4834-B587-A4B0DC39D839} => C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
Task: {0AD7D1C4-9861-4B2F-87C0-00F8C84A461A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {0E155CE7-58EC-494B-A874-9DCDC175AF6B} - System32\Tasks\CCleaner Update => C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {0EF653A4-941D-4575-8498-76A5D677E4CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-18] (Microsoft Corporation)
Task: {161F8080-4DEB-4BA6-93F5-92CB2A43730F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-18] (Microsoft Corporation)
Task: {173DE8A0-9D8F-475E-AF7C-827915DAEB7E} - System32\Tasks\{68656588-3BCC-4BA6-A460-6E0D9010729A} => E:\PROGRAMAS carpeta instalacion\SketchUP Make\SketchUp.exe
Task: {18814521-5D12-4B06-97B8-3E57C08ECFBB} - System32\Tasks\{95304FB1-B750-4C95-959F-60AB60262AA8} => E:\PROGRAMAS carpeta instalacion\SketchUP Make\SketchUp.exe
Task: {2192E718-D06F-4384-BBCE-79D09D5D3F4D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {248F7713-BA71-40D4-A6E2-AFA94CADE858} - System32\Tasks\{F3F67E1B-4064-45B3-A3A7-3C77FA577DEE} => E:\League of Legends Juego\LeagueClient.exe
Task: {254ADAEC-74A2-464E-B0C4-9E46380BFDB5} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {2740AB40-A7A7-4283-AD00-329DA484F139} - System32\Tasks\{0DAC133D-B375-453F-B2D8-7686ADB20A25} => E:\League of Legends Juego\LeagueClient.exe
Task: {4F84C605-CDEF-4B98-84AF-66A2CFAECBC6} - System32\Tasks\SamsungMagician => E:\PROGRAMAS carpeta instalacion\Magician Samsung\Samsung Magician\SamsungMagician.exe [2017-02-22] (Samsung Electronics Co. Ltd.)
Task: {56E145EB-8D46-4DF7-8D42-C20C3F125A0B} - System32\Tasks\{F1BD5EC7-15AC-475A-9F31-7A5F74AC1419} => E:\LoL\LeagueClient.exe [2018-11-07] ()
Task: {5E3FAC92-6DE2-4952-8ECD-0EB498B6EE86} - System32\Tasks\CCleanerSkipUAC => C:\Users\Leire\Desktop\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {651C35C9-8BD3-40CA-8495-5B0837A7BAE8} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-10-04] (Nota Inc.)
Task: {658A2F0D-6BFF-4D24-89C4-CAE4E2E3D4E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-18] (Microsoft Corporation)
Task: {66F6AFD9-5D6B-4BD7-95E9-B522B03E7217} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {695384E8-BBA4-4D17-8EB5-7D8B6B75580B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {728D733F-0BAA-40DC-98A3-8FBA97DBF3EF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-18] (Microsoft Corporation)
Task: {7293D77F-3EF2-4603-819A-546B7D8B8372} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Users\Leire\Desktop\Windows Media Player\wmpnscfg.exe
Task: {76E76F5E-2A98-4377-B8F1-D7538CB8E1CD} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-10-20] (AVG Technologies CZ, s.r.o.)
Task: {784E6130-07FE-403A-B921-561E17C5D100} - System32\Tasks\{D716DE4F-F474-48E6-AE81-EBFEA1520A72} => C:\Windows\system32\pcalua.exe -a E:\Descargas\AICC2017-64BYURBINA\Build\setup.exe -d E:\Descargas\AICC2017-64BYURBINA\Build
Task: {791B23A9-FD63-49E1-9147-60C7248B3036} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-18] (Microsoft Corporation)
Task: {7E616E3D-5C54-4586-967F-1298FD3829C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {8946F979-381C-4B82-9769-AE4314A8EA07} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {8980F11D-6384-439C-BB27-61D2C83DEB25} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {8BBC0CC5-5076-4EE8-93CF-7659FCF920BB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1895503046-2164595843-4212185805-1000
Task: {8CC44744-BFBD-46D8-BF9C-47557978D1F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {8D3D7C1B-49FF-40D1-B1D9-316ABB2B01C7} - System32\Tasks\{D9258C07-F885-49F0-87D8-22EDA70742E5} => C:\Windows\system32\pcalua.exe -a C:\Users\Leire\Downloads\instalador.menfis.8.1.6.exe -d C:\Users\Leire\Downloads
Task: {9EE408F5-003E-4F4E-A6EF-3EE40BC6FAB0} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {A39324E0-DBAD-4DD2-96C9-49F724E66B46} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {A7318E61-EC60-4B0B-B321-8A2367036D5C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-28] (AVG Technologies CZ, s.r.o.)
Task: {AE60654A-7DD1-4689-B13A-11027309DED4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {AEC13EF1-2353-4BDE-AB0D-C6E73B3733DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-17] (Google Inc.)
Task: {B453BC1D-66B5-4886-9090-E133F98562DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-17] (Google Inc.)
Task: {B5FAC553-1914-44F2-A7DF-693737125F0C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {B810B219-ACB0-442E-A863-A3A155E59B1C} - System32\Tasks\{742AAC86-20A7-4B7E-BA09-5CDD4787F631} => E:\League of Legends Juego\LeagueClient.exe
Task: {B91792C0-487E-41B2-BA9B-6E887563E679} - System32\Tasks\{1374C2A1-C4EC-4E4D-BE95-4D1D88136866} => C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
Task: {C4CD2678-CBCF-49BF-BFEB-AA6ED34801C2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {C6BC2396-891D-4E91-91F0-B3188F024BD9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {D1FEAA49-4AFF-450B-93DF-B9DB41A23AE9} - System32\Tasks\{A409177E-88DA-440B-B4C2-4324B118DE7A} => C:\Windows\system32\pcalua.exe -a "E:\PROGRAMAS carpeta instalacion\Menfis\instalador.menfis.8.1.6.exe" -d "E:\PROGRAMAS carpeta instalacion\Menfis"
Task: {D46D8107-8DC6-4C51-8021-01256E3A6634} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {E1A2E1B0-0B2A-4A3C-9D60-82E8DC934D2F} - System32\Tasks\AdobeGCInvoker-1.0-LeirePC-Leire => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {E32F29C9-5465-4B86-A4F0-DD7151150B0F} - System32\Tasks\GarminUpdaterTask => E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {E5A6E242-E950-45C8-9084-3330BC9EF031} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-10-04] (Nota Inc.)
Task: {F10EF1F4-912B-428A-97F9-EB09ECEDC5B7} - System32\Tasks\{B044483D-22F7-4BC2-97F8-E44F6A3D6455} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.102&LastError=404
Task: {FC356724-9D4B-4B7B-98BD-68B815605C01} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1895503046-2164595843-4212185805-1000 => C:\Users\Leire\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

ShortcutWithArgument: C:\Users\Leire\Desktop\zeit - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 3" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\zeit - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\37ea5785e6fa6bd2\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=nckgahadagoaajjgafhacjanaoiihapd

==================== Loaded Modules (Whitelisted) ==============

2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-14 15:54 - 2018-07-19 21:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-09 20:02 - 2018-04-09 20:02 - 000090176 _____ () C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
2018-11-09 14:48 - 2018-11-09 14:52 - 002695360 _____ () C:\USERS\LEIRE\DESKTOP\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-09 20:02 - 2018-04-09 20:02 - 000204800 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2018-04-09 20:02 - 2018-04-09 20:02 - 000163328 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node
2018-04-09 20:02 - 2018-04-09 20:02 - 000174592 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node
2018-10-20 14:12 - 2018-10-20 14:12 - 000726288 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-03-17 14:29 - 2017-08-30 12:29 - 000260752 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
2018-10-20 14:12 - 2018-10-20 14:12 - 000919312 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 000595728 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-11-09 14:37 - 2018-11-09 14:37 - 005719240 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18110904\algo.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 000496912 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 001112336 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-03-17 14:29 - 2017-02-21 17:19 - 000083136 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CodeLog.dll
2018-03-17 14:29 - 2016-03-07 18:08 - 001291264 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\libxml2.dll
2018-03-17 14:29 - 2004-10-05 03:08 - 000055808 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\zlib1.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000019648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CompressFile.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000090816 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBGetRemoteNetInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000024768 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CmcTbProxy.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000188608 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCPipeCenter.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000183440 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCAdapt.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000163520 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCAdapt_RTTO.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000055952 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000018112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCNetTokenProxy.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000061072 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ActivationOnline.dll
2018-03-17 14:29 - 2017-09-04 17:39 - 000699024 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EuActiveOnline.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000487568 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EULicenseDLL.DLL
2018-03-17 14:29 - 2017-08-30 12:26 - 000021648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\fsclog.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000085648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\logsys.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000032912 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DiskSearchImg.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000070800 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\MountImg.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000160400 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ImgFile.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000296592 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DsImgFile.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000078528 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FatLib.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000305808 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSUtil.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000210112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSLib.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000026304 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CallbackOperator.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000074432 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CheckImg.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000142016 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\vhdvmdk.dll
2018-03-17 14:29 - 2017-09-11 14:28 - 000085136 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\BootDriver.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000844944 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ExImage.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000195776 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EmailBackupSize.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000414400 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AndroidImage.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000162448 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EnumDisk.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000029376 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DeviceAdapter.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000114368 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FileStorage.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000026816 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\GetDriverInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000022720 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CorrectMbr.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000034448 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EnumTapeDevice.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000054464 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbTapeBrowse.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000066240 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\RegLib.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000026768 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AccountManager.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000072848 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NasOperator.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000221376 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EmailBrowser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000079040 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CloudOperator.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000021648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ActiveOnline.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000138432 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\VMConfig.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000021696 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AndroidDeviceManager.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000074896 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SqlExBrowser.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000585872 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SqlSMOCPlusPlus.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000045248 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbDataSwap.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000367760 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DeviceManager.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000141456 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Device.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000149184 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Partition.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000052416 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FileSystemAnalyser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000064192 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FATFileSystemAnalyser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000091840 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Common.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000058560 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2018-03-14 11:04 - 2018-03-14 11:04 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000210112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SmartBackup.dll
2015-11-17 18:01 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-08-01 15:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Users^Leire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Leire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: GarminExpressTrayApp => "E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OneDrive => "C:\Users\Leire\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: pac => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Leire\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{645C8220-6F42-485C-9A3C-54F46AD64C2E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B63D20AA-8963-4650-BFB6-AE9755485BC0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2F6B718B-EA6E-459C-98AD-CF18D4C31441}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E2C1472B-432C-47BC-8484-89A3D8ED4927}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7760A539-8DA9-44C6-B3FB-CFBAA8BE6D6A}] => (Allow) C:\Users\Leire\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7EEDEFC7-8BFF-44BA-9657-D60F6C59C98E}] => (Allow) C:\Users\Leire\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DEFA3311-8FB9-420A-89AC-441F04533C12}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{8023F291-A8A1-42F2-A256-7C61999BD401}E:\software\airdroid\airdroid.exe] => (Allow) E:\software\airdroid\airdroid.exe
FirewallRules: [UDP Query User{E0156FBE-AE14-4099-B1E6-BEDF1B10F1EA}E:\software\airdroid\airdroid.exe] => (Allow) E:\software\airdroid\airdroid.exe
FirewallRules: [{A86C208E-DD40-4B86-8C4E-771F5DB37B6B}] => (Block) E:\software\airdroid\airdroid.exe
FirewallRules: [{BFE77373-811A-4503-BF44-A7712D69FA59}] => (Block) E:\software\airdroid\airdroid.exe
FirewallRules: [TCP Query User{98077618-D0BC-47AC-93FE-9F81BC81F87E}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7A3EC589-E316-41EA-B677-27E26C5E719A}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C1736E2D-86E0-4627-92D1-80EC730D8150}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{702A4843-E010-4D86-9417-52D95CDF4337}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F2473077-5FBB-457D-98E0-4BFDBB149B94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D893926F-B3CB-45A2-BEDD-351D29E95283}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{98ED2FF3-1C92-429D-9A7E-56DE0493838B}] => (Block) E:\ArchiCAD\ARCHICAD.exe
FirewallRules: [{6E5841FA-AD38-422F-8BE0-81F5E20F940E}] => (Block) E:\ArchiCAD\CineRender\CineRender 64bit.exe
FirewallRules: [{4C056430-B0F8-45F1-B3E7-6576616F6EA9}] => (Allow) E:\ArchiCAD\BIMxUploader.exe
FirewallRules: [{B43375C7-0DCE-4630-9D25-1A35C49E2805}] => (Block) E:\ArchiCAD\OverwatchServer.exe
FirewallRules: [{313B957C-09D7-4DCF-A81F-89C01D43C328}] => (Allow) E:\Servidor BIM\BIMcloud Manager\BIMcloud Manager Configurator.exe
FirewallRules: [{D8277EA5-633C-4A8B-8C59-1EA4F6346494}] => (Allow) E:\Servidor BIM\BIMcloud Manager\BIMcloudMonitor.exe
FirewallRules: [{D23E6746-7A57-45E7-9C2E-E8C0B35E111D}] => (Allow) E:\Servidor BIM\BIMcloud Manager\UpgradeTool.exe
FirewallRules: [{389B91DB-F8A8-47F9-9B0D-C84F45F952E4}] => (Allow) E:\Servidor BIM\BIMcloud Server 20\BIMcloud Server Configurator.exe
FirewallRules: [{90492B8A-788C-45D4-9DD0-C6DF8BD1A904}] => (Allow) E:\Servidor BIM\BIMcloud Server 20\BIMcloudMonitor.exe
FirewallRules: [{7D6333CF-1AA4-4BF9-9EC9-7735C44FB4B8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6E3E9C38-6BC5-4270-8B97-FDA579AF496A}] => (Allow) LPort=2869
FirewallRules: [{C36B382A-24CC-490D-A9D5-3F1DC5B9FE99}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{5F381674-6B9C-45F4-859E-C075A8757BA3}E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{CE5542C4-EB69-4963-93BE-839944BEAC6B}E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{B3E20A2F-F5EE-4AF6-BEAD-93F82ED7BC4F}] => (Block) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{FD56F439-5B92-489C-886A-89FE56BBF314}] => (Block) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{3C0BF727-6E97-490D-9E21-E4904B236B77}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [UDP Query User{D3C6B0C0-9043-4E8D-B389-F8C0ADB05E2C}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [{6FB6C633-B396-4D7E-B408-DF38BFACC52B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe

#12

Addition, segunda parte


FirewallRules: [{446B8982-3046-4BB7-BA96-1BBF44E27FD0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2302CCC4-1ACA-4FC3-BD60-20741187F040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD6ADBD4-FBA5-4F57-9BFA-12ACCB603623}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4ED38237-FF2C-4F77-A5E2-E8B20757DBA4}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe
FirewallRules: [{268233FD-C0A9-46BC-8A79-80612D3969E9}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe
FirewallRules: [{84F14D67-C7DF-4E8D-A3B8-5639C50B9211}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe
FirewallRules: [{A3C97B8E-6E53-4288-971A-E743D8039DDA}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe
FirewallRules: [{A56F8E88-DDCB-461B-8B13-FF467C603BEE}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe
FirewallRules: [{55A1F0A2-B0B2-4C2C-B6A3-BE5A54F3ED17}] => (Allow) LPort=5357
FirewallRules: [{2E20AF2A-9F1B-46B5-ACC9-8B11A2C53815}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{67A6DDF4-5F7E-4CBA-A1C0-55019ECC93A7}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{F11A13C6-7907-4DF7-9F4F-E7E2791F03CC}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{E7D26230-F1D0-473C-A808-E65542924BDF}] => (Block) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{CE1B7897-DCB6-4E16-8B5B-A2C2EC84BBFB}] => (Block) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [TCP Query User{C16CD4F6-7939-4711-AD86-FB322A370058}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{11CA55F4-C485-4354-A448-41405F8B69A9}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D520CAFC-9F6F-4254-93A3-C949E9119720}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [UDP Query User{862DBA5E-F413-4A8E-9EBE-6659C30A65F7}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [{CC588D44-0D9A-49AF-A694-5B6A7EF387B3}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbService.exe
FirewallRules: [{3E81D5D7-4E26-4201-A805-88677CC85272}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbService.exe
FirewallRules: [{9502488D-2061-48E4-A5A0-05D338DD3A48}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{8F691998-80C2-419C-BEAA-235047D930F1}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{981CBDD2-066C-4736-8A54-FE677388167D}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{BF7A3363-3B88-4D08-B1F7-306FA729D570}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AF68EEB6-6D6E-423F-89CC-E4A8B95E6DE0}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{A71CE8E5-AC7F-4993-AD11-0B0EE20F4F20}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{45DB3E45-4570-4A8C-B880-CECAEAD6FFDF}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{1D250E17-BCC5-4575-BDEA-DFCF657B9E9D}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{9C0E9A47-C2D0-4A4F-A757-26FA840B0204}] => (Allow) LPort=20208
FirewallRules: [{039A51CE-6EC0-4B9F-9156-F3CC4C3D65C6}] => (Allow) LPort=20208
FirewallRules: [{157EFE87-0691-463A-9D83-6D6CAC5489D5}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [{9F760353-F822-4847-81F3-4A5A680DCF2A}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [TCP Query User{C7F290FD-19FF-4592-AC92-106EB7964804}C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe] => (Allow) C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe
FirewallRules: [UDP Query User{3E58E2E3-D5AF-4A31-BA83-5CEDD6F2A45B}C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe] => (Allow) C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe
FirewallRules: [TCP Query User{466F0BE3-9B51-473B-8EFE-708329036F14}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [UDP Query User{5CCC7E5C-849A-4DA0-92A6-4ADE6E5F8C89}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [TCP Query User{346AD592-BE87-47C0-82A4-72CE8C662E4E}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{881E65C1-BAB0-4DF0-9DCE-CC96D5A4A440}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{E6146F08-DB28-44E4-95C4-B27BF3796E1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AFA3B31A-520E-4B4C-BA37-2FB909BF3DE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9954C0F2-636A-465F-9AFC-AAC038AA16B5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe
FirewallRules: [{FE03B9BB-0573-4021-BE64-1241300C396A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe
FirewallRules: [{9B453271-B1B8-4CF0-9A6B-2F0CA223B04E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com
FirewallRules: [{DDB258BA-59B5-46EA-8CF3-39FB9071D507}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe
FirewallRules: [{A2DEA651-C7C6-4C55-8D02-C587A503E179}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe
FirewallRules: [{12B96891-338F-4059-88A2-5B69D6357EFF}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com
FirewallRules: [{E3B8F6AE-DF3C-4AFE-A14C-EBD101ED96E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AA4B0EAF-91F8-43D2-A8CA-023F947704C5}] => (Allow) E:\LoL\LeagueClient.exe
FirewallRules: [{CCEA0E27-F43E-4483-8081-0C9D7AAF1586}] => (Allow) E:\LoL\LeagueClient.exe
FirewallRules: [{B18E37FA-B2F0-450A-9C6F-0AEC9AA64D97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0EECF00F-8096-4AD7-9D7B-EEE23DE9826D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F4621D94-44A3-438D-A08B-24DDE7A4577D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9728DCC4-F3A1-47C4-8458-AEF2044F370A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C2BE54E4-8F85-409B-A8B3-2E907B044ABB}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{F7698245-5CC8-4E12-872E-6A58BD6B99B6}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{82FEB870-5226-4435-A0E4-AC64F99F7366}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{49E2815E-F313-4D83-A87A-D3F09FD56342}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{44683377-5BCD-4182-92B1-B1D597D1BEC8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{E5327809-2475-4F63-B9CB-87C7034F38ED}] => (Allow) C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe
FirewallRules: [{3D44A5DE-F780-4AE5-A5C7-277741A6F8AE}] => (Allow) C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus SM
Description: Controladora de bus SM
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2018 03:51:56 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\Leire\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x80070422).

Error: (11/09/2018 03:50:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Last.fm Desktop Scrobbler.exe, versión: 3.1.28.1, marca de tiempo: 0x5a098095
Nombre del módulo con errores: wmp.dll, versión: 12.0.7601.24252, marca de tiempo: 0x5b84e784
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0012a66e
Id. del proceso con errores: 0x5f0
Hora de inicio de la aplicación con errores: 0x01d4783b90cf67ec
Ruta de acceso de la aplicación con errores: E:\PROGRAMAS carpeta instalacion\Lastfm\Last.fm Desktop Scrobbler.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\wmp.dll
Id. del informe: d8aa5003-e42e-11e8-8c3a-50e549e848ee

Error: (11/09/2018 03:50:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/09/2018 03:50:29 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (11/09/2018 03:47:57 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: No se puede cargar el controlador de protocolo Mapi16. Descripción del error: No se encontró el proceso especificado.  (HRESULT : 0x8007007f).

Error: (11/09/2018 03:44:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Last.fm Desktop Scrobbler.exe, versión: 3.1.28.1, marca de tiempo: 0x5a098095
Nombre del módulo con errores: wmp.dll, versión: 12.0.7601.24252, marca de tiempo: 0x5b84e784
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0012a66e
Id. del proceso con errores: 0x9cc
Hora de inicio de la aplicación con errores: 0x01d4783aa7dc74fe
Ruta de acceso de la aplicación con errores: E:\PROGRAMAS carpeta instalacion\Lastfm\Last.fm Desktop Scrobbler.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\wmp.dll
Id. del informe: ed161cbc-e42d-11e8-9d5e-50e549e848ee

Error: (11/09/2018 03:44:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: No se puede inicializar el índice.

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/09/2018 03:44:10 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: No se puede inicializar la aplicación.

Contexto: aplicación Windows

Detalles:
	El catálogo del índice de contenido está dañado.  (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (11/09/2018 03:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (11/09/2018 03:50:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hardlock no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Instalador de módulos de Windows terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft .NET Framework NGEN v4.0.30319_X64 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/09/2018 03:49:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Microsoft .NET Framework NGEN v4.0.30319_X86 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.


CodeIntegrity:
===================================

Date: 2018-11-09 15:50:38.791
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 15:50:38.635
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 15:44:06.938
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 15:44:06.814
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 14:37:25.382
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 14:37:25.273
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 12:45:29.236
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-09 12:45:29.111
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16367.12 MB
Available physical RAM: 13697.09 MB
Total Virtual: 32732.38 MB
Available Virtual: 30090.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:307.36 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:157.76 GB) NTFS

\\?\Volume{def70d44-2ba9-11e8-9c38-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7C9E72C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 704E0039)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#13

Hola

Los reportes de Malwarebytes y AdwCleaner dice que no se tomaron acciones por parte del usuario, si no eliminaste o mandaste a cuarentena todo lo que detectaron, vuelve a ejecutar los programas.

Pon los reportes y comenta como sigue el problema.

Un saludo


#14

Lo siento, no le debí pulsar (qué desastre). Vuelvo a ponerlos por orden. (Hay veces que malwarebytes me dice 8 archivos, otros sólo 1, en definitiva el peor siempre sale)

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 10/11/18
Hora del análisis: 18:24
Archivo de registro: 89b5550d-e50d-11e8-8b34-50e549e848ee.json

-Información del software-
Versión: 3.6.1.2711
Versión de los componentes: 1.0.482
Versión del paquete de actualización: 1.0.7783
Licencia: Prueba

-Información del sistema-
SO: Windows 7 Service Pack 1
CPU: x64
Sistema de archivos: NTFS
Usuario: LeirePC\Leire

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 325297
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 1 min, 58 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Agent.AutoIt, HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|66FE5029, En cuarentena, [4803], [593741],1.0.7783

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

#15
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-10-2018
# Duration: 00:00:00
# OS:       Windows 7 Ultimate
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted       C:\ProgramData\66FE5029

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3531 octets] - [09/11/2018 11:07:15]
AdwCleaner[C00].txt - [3313 octets] - [09/11/2018 11:10:22]
AdwCleaner[S01].txt - [1403 octets] - [09/11/2018 12:40:43]
AdwCleaner[C01].txt - [1569 octets] - [09/11/2018 12:41:09]
AdwCleaner[S02].txt - [1525 octets] - [09/11/2018 15:49:04]
AdwCleaner[C02].txt - [1691 octets] - [09/11/2018 15:49:23]
AdwCleaner[S03].txt - [1647 octets] - [10/11/2018 10:29:22]
AdwCleaner[C03].txt - [1813 octets] - [10/11/2018 10:29:40]
AdwCleaner[S04].txt - [1769 octets] - [10/11/2018 18:28:10]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########

#16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Ultimate x64 
Ran by Leire (Administrator) on 10/11/2018 at 18:30:15.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Failed to delete: C:\ProgramData\66fe5029 (Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQM5OXM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Leire\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJ5QWNNC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OQM5OXM0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJ5QWNNC (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/11/2018 at 18:31:14.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#17

FRST 1

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08.11.2018
Ran by Leire (administrator) on LEIREPC (10-11-2018 18:31:42)
Running from C:\Users\Leire\Desktop
Loaded Profiles: Leire (Available Profiles: Leire)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Español (España, internacional)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CHENGDU YIWO Tech Development Co., Ltd) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Piriform Ltd) C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Chaos Software Ltd.) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Malwarebytes) C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
() E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [290064 2018-10-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [HP OfficeJet 3830 series (NET)] => C:\Program Files\HP\HP OfficeJet 3830 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1384840 2018-10-04] (Nota Inc.)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [CCleaner Smart Cleaning] => C:\Users\Leire\Desktop\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe5029] => C:\ProgramData\66fe5029\66fe5029.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe50292] => C:\ProgramData\qdxvXBQt\66fe5029.exe [937776 2018-11-10] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {df6ea4af-2257-11e6-a8a1-50e549e848ee} - explorer.exe www.presto.es\index.html
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd742246-b3ae-11e5-98b0-50e549e848ee} - F:\STARTUP.EXE
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd74228d-b3ae-11e5-98b0-50e549e848ee} - K:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin Ltd. or its subsidiaries)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b66fe5029d0f3009021030e6f2469239.lnk [2018-11-10]
ShortcutTarget: b66fe5029d0f3009021030e6f2469239.lnk -> C:\ProgramData\OkOAOn\66fe5029.exe (AutoIt Team)
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2017-11-25]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\autorun.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Last.fm Desktop Scrobbler.lnk [2017-11-16]
ShortcutTarget: Last.fm Desktop Scrobbler.lnk -> C:\Users\Leire\AppData\Roaming\Microsoft\Installer\{EEF2F789-893F-47B8-A817-81066D427FD1}\_3C389C1899E83A28513401.exe ()
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-04-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Leire\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.142.144.66
Tcpip\..\Interfaces\{008BCA4E-6039-477D-AE3D-E0F819FBC9EF}: [DhcpNameServer] 212.142.144.66

Internet Explorer:
==================
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.mega.nz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-10-18] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-07-20] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Aplicación auxiliar de inicio de sesión en la cuenta Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> E:\PROGRAMAS carpeta instalacion\Evernote\EvernoteIE.dll [2017-12-12] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: DIALux Browser Helper Object -> {F586CB96-7091-42ec-9829-F5D5CE65AFC1} -> E:\PROGRAMAS carpeta instalacion\DIALux\Dialux.BHO_x86.dll [2013-12-10] (DIAL GmbH)
Handler-x32: dialux - {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - E:\PROGRAMAS carpeta instalacion\DIALux\DLXToolBox.dll [2016-08-03] (DIAL GmbH, Germany)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-07-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-07-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.es/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.es/"
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-10]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-11-10]
CHR Extension: (Dewey Bookmarks) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aahpfefkmihhdabllidnlipghcjgpkdm [2018-02-20]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-11-20]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Búsqueda de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Blue-White) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpdppflofbnccceeefenhhokdcaipacc [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-07-03]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Gyazo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2018-05-25]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-22]
CHR Extension: (Note Board - Tablón de Notas) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\goficmpcgcnombioohjcgdhbaloknabb [2018-11-08]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-19]
CHR Extension: (Spotify Chrome Extension) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbjmlahipheaaghllkabfkpolljilkjb [2015-11-18]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-07-05]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-05-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Palette Creator) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oolpphfmdmjbojolagcbgdemojhcnlod [2018-10-02]
CHR Extension: (Evernote Web Clipper) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-11-01]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-18]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-11-10]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-27]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-27]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-27]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-27]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-27]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-28]
CHR Extension: (Flying Paint) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iaddkdiibkddhdbcmmplkhcpgeinggfo [2018-03-27]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-11-10]
CHR Extension: (Presentaciones) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-07]
CHR Extension: (Duolingo en la web) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2018-11-07]
CHR Extension: (BetterTTV) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-11-07]
CHR Extension: (Documentos) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-07]
CHR Extension: (Google Drive) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-07]
CHR Extension: (YouTube) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-07]
CHR Extension: (Tampermonkey) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-11-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-11-07]
CHR Extension: (Ratchet & Clank Future 2) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ejhfomhehcinmhgnlhdpghklkjgppdmn [2018-11-07]
CHR Extension: (Fontface Ninja) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eljapbgkmlngdpckoiiibecpemleclhh [2018-11-07]
CHR Extension: (¿Qué cocino hoy?) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\enadeelnincmhhilgbiphjbjnnagnhmh [2018-11-07]
CHR Extension: (Hojas de cálculo) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-07]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-07]
CHR Extension: (AdBlock) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-07]
CHR Extension: (Botón Guardar de Pinterest) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-11-07]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2018-11-07]
CHR Extension: (Web Scrobbler) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hhinaapppaileiechjoiifaancjggfjm [2018-11-07]
CHR Extension: (Player para ver Movistar+) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\kenfcfndncbbggmafjjeihkdclggbojn [2018-11-07]
CHR Extension: (Hangouts de Google) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\knipolnnllmklapflnccelgolnpehhpl [2018-11-07]
CHR Extension: (Google Maps) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-11-07]
CHR Extension: (Google Mail Checker) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2018-11-07]
CHR Extension: (Google Play Books) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mmimngoggfoobjdlefbcabngfnmieonb [2018-11-07]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-07]
CHR Extension: (Visualizador de archivos PDF/PowerPoint de Google Docs) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2018-11-07]
CHR Extension: (Gmail) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-07]
CHR Profile: C:\Users\Leire\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [325072 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8237160 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
S3 DialComService; C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2183440 2014-12-10] (DIAL GmbH)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-12] (Disc Soft Ltd)
R2 EaseUS Agent; E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Agent.exe [40080 2017-08-30] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
R2 vrswrm-service; C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe [90176 2018-04-09] () [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2169800 2018-06-19] (Wacom Technology, Corp.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S3 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [201264 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdrivera.sys [230880 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsha.sys [202296 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\System32\drivers\avgbloga.sys [346616 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniva.sys [59520 2018-10-20] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\System32\drivers\avgHwid.sys [46920 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [42312 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [163224 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111816 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [87968 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [1028696 2018-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [467760 2018-10-20] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [208488 2018-10-20] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [380992 2018-10-20] (AVG Technologies CZ, s.r.o.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-05-25] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-05-25] (Disc Soft Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53240 2016-12-06] ()
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R3 MagicianSataModeReader; E:\PROGRAMAS carpeta instalacion\Magician Samsung\Samsung Magician\magdrvamd64.sys [16312 2016-08-11] (Samsung India Software Operations (SISO))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-11-10] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [63768 2018-11-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-10] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-05-31] (Duplex Secure Ltd.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WacHidRouterPro; C:\Windows\System32\DRIVERS\wachidrouter.sys [115672 2018-05-30] (Wacom Technology, Corp.)
S3 XHASP; c:\windows\SysWOW64\drivers\XHASP.sys [2661376 2017-02-02] () [File not signed]
S2 XXLHASP; c:\windows\system32\drivers\XXLHASP.sys [290816 2017-02-02] () [File not signed]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

#18

FRST 2parte


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 18:31 - 2018-11-10 18:31 - 000001259 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-10 18:31 - 2018-11-10 18:31 - 000001259 _____ C:\Users\Leire\Desktop\JRT.txt
2018-11-10 18:30 - 2018-11-10 18:30 - 000000000 ____D C:\ProgramData\qdxvXBQt
2018-11-10 18:29 - 2018-11-10 18:29 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-11-10 18:29 - 2018-11-10 18:29 - 000063768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-11-10 18:29 - 2018-11-10 18:29 - 000001935 _____ C:\Users\Leire\Desktop\AdwCleaner[C04].txt
2018-11-10 18:29 - 2018-11-10 18:29 - 000001935 _____ C:\Users\Leire\Desktop\AdwCleaner[C04].txt
2018-11-10 18:27 - 2018-11-10 18:27 - 000001665 _____ C:\Users\Leire\Desktop\malwarebytes4.txt
2018-11-10 18:27 - 2018-11-10 18:27 - 000001665 _____ C:\Users\Leire\Desktop\malwarebytes4.txt
2018-11-10 14:11 - 2018-11-10 14:11 - 000002472 _____ C:\Users\Leire\Desktop\Malwarebytes 3.txt
2018-11-10 14:11 - 2018-11-10 14:11 - 000002472 _____ C:\Users\Leire\Desktop\Malwarebytes 3.txt
2018-11-10 10:34 - 2018-11-10 10:34 - 000082269 _____ C:\Users\Leire\Desktop\Addition.txt
2018-11-10 10:34 - 2018-11-10 10:34 - 000082269 _____ C:\Users\Leire\Desktop\Addition.txt
2018-11-10 10:33 - 2018-11-10 18:31 - 000034402 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-10 10:33 - 2018-11-10 18:31 - 000034402 _____ C:\Users\Leire\Desktop\FRST.txt
2018-11-10 10:33 - 2018-11-10 10:33 - 000001259 _____ C:\Users\Leire\Desktop\JRT2.txt
2018-11-10 10:33 - 2018-11-10 10:33 - 000001259 _____ C:\Users\Leire\Desktop\JRT2.txt
2018-11-10 10:31 - 2018-11-10 14:11 - 000000000 ____D C:\ProgramData\uudKFsUz
2018-11-10 10:31 - 2018-11-10 10:31 - 000001813 _____ C:\Users\Leire\Desktop\AdwCleaner[C03]2.txt
2018-11-10 10:31 - 2018-11-10 10:31 - 000001813 _____ C:\Users\Leire\Desktop\AdwCleaner[C03]2.txt
2018-11-10 10:30 - 2018-11-10 10:30 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-11-10 10:28 - 2018-11-10 10:28 - 000001961 _____ C:\Users\Leire\Desktop\malwarebytes 2.txt
2018-11-10 10:28 - 2018-11-10 10:28 - 000001961 _____ C:\Users\Leire\Desktop\malwarebytes 2.txt
2018-11-09 18:36 - 2018-11-09 18:37 - 000000000 ____D C:\Users\Leire\Desktop\NVIDIA Corporation
2018-11-09 18:36 - 2018-11-09 18:37 - 000000000 ____D C:\Users\Leire\Desktop\NVIDIA Corporation
2018-11-09 18:36 - 2018-10-01 16:47 - 000074576 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-11-09 15:51 - 2018-11-09 15:51 - 000000000 ____D C:\ProgramData\OkOAOn
2018-11-09 14:51 - 2018-11-09 14:51 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Downloads\adwcleaner_7.2.4.0.exe
2018-11-09 14:48 - 2018-11-09 16:03 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-11-09 14:48 - 2018-11-09 14:48 - 080022264 _____ (Malwarebytes ) C:\Users\Leire\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-11-09 14:48 - 2018-11-09 14:48 - 000001710 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\Users\Leire\Desktop\Malwarebytes
2018-11-09 14:48 - 2018-11-09 14:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-11-09 14:47 - 2018-11-10 14:36 - 000004140 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-09 14:47 - 2018-11-10 14:36 - 000002800 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-09 14:47 - 2018-11-09 14:47 - 000000653 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\Users\Leire\Desktop\CCleaner
2018-11-09 14:47 - 2018-11-09 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-09 14:46 - 2018-11-09 14:46 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (2).exe
2018-11-09 13:29 - 2018-11-09 13:29 - 000000000 ____D C:\ProgramData\XlRDgk
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2018-11-09 12:53 - 2018-11-09 12:53 - 000000256 _____ C:\DelFix.txt
2018-11-09 12:53 - 2018-11-09 12:53 - 000000000 ____D C:\Windows\ERUNT
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ C:\Users\Leire\Desktop\delfix.exe
2018-11-09 12:43 - 2018-11-09 12:43 - 000000000 ____D C:\ProgramData\zfwOYJ
2018-11-09 12:18 - 2018-11-09 12:18 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548 (1).exe
2018-11-09 11:55 - 2018-11-09 12:46 - 000084497 _____ C:\Users\Leire\Downloads\Addition.txt
2018-11-09 11:54 - 2018-11-10 18:31 - 000000000 ____D C:\FRST
2018-11-09 11:54 - 2018-11-09 12:46 - 000110201 _____ C:\Users\Leire\Downloads\FRST.txt
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-09 11:49 - 2018-11-09 11:49 - 000000000 ____D C:\ProgramData\HXwANso
2018-11-09 11:06 - 2018-11-09 11:10 - 000000000 ____D C:\AdwCleaner
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2018-11-09 09:57 - 2018-09-19 09:08 - 000343552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2018-11-09 09:57 - 2018-09-18 20:08 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 19:10 - 000348976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-11-09 09:57 - 2018-09-18 06:52 - 025735168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-09 09:57 - 2018-09-18 06:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 06:38 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-11-09 09:57 - 2018-09-18 06:27 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-09 09:57 - 2018-09-18 06:26 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-11-09 09:57 - 2018-09-18 06:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 06:25 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 06:19 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 06:18 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-11-09 09:57 - 2018-09-18 06:16 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-09 09:57 - 2018-09-18 06:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 06:15 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-11-09 09:57 - 2018-09-18 06:14 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 06:14 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-09 09:57 - 2018-09-18 06:09 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-11-09 09:57 - 2018-09-18 06:06 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 06:01 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-11-09 09:57 - 2018-09-18 06:00 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:57 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-11-09 09:57 - 2018-09-18 05:57 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 05:55 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 05:53 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-11-09 09:57 - 2018-09-18 05:45 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-09 09:57 - 2018-09-18 05:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-09 09:57 - 2018-09-18 05:42 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 05:41 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 05:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 05:39 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-09 09:57 - 2018-09-18 05:35 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-09 09:57 - 2018-09-18 05:33 - 020278784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-09 09:57 - 2018-09-18 05:31 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-11-09 09:57 - 2018-09-18 05:23 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-09 09:57 - 2018-09-18 05:21 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-11-09 09:57 - 2018-09-18 05:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-11-09 09:57 - 2018-09-18 05:20 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-11-09 09:57 - 2018-09-18 05:19 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-11-09 09:57 - 2018-09-18 05:18 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-11-09 09:57 - 2018-09-18 05:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-11-09 09:57 - 2018-09-18 05:14 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-09 09:57 - 2018-09-18 05:13 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-11-09 09:57 - 2018-09-18 05:12 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-11-09 09:57 - 2018-09-18 05:10 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-09 09:57 - 2018-09-18 05:06 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-11-09 09:57 - 2018-09-18 05:03 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-11-09 09:57 - 2018-09-18 05:02 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-11-09 09:57 - 2018-09-18 05:00 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-11-09 09:57 - 2018-09-18 04:59 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-11-09 09:57 - 2018-09-18 04:58 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-09 09:57 - 2018-09-18 04:57 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-11-09 09:57 - 2018-09-18 04:53 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-09 09:57 - 2018-09-18 04:52 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-09 09:57 - 2018-09-18 04:51 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-09 09:57 - 2018-09-18 04:50 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-11-09 09:57 - 2018-09-18 04:50 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-11-09 09:57 - 2018-09-18 04:37 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-09 09:57 - 2018-09-18 04:34 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-09 09:57 - 2018-09-18 04:31 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-09 09:57 - 2018-09-11 19:28 - 003227136 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-09 09:57 - 2018-09-11 19:23 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-11-09 09:57 - 2018-09-11 19:22 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 005552328 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-09 09:57 - 2018-09-09 02:02 - 001680072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000986824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000708296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-09 09:57 - 2018-09-09 02:02 - 000265416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000262344 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-11-09 09:57 - 2018-09-09 02:02 - 000154824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-09 09:57 - 2018-09-09 02:02 - 000095432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-09 09:57 - 2018-09-09 02:01 - 001664320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-11-09 09:57 - 2018-09-09 01:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-11-09 09:57 - 2018-09-09 01:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:46 - 004054216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-11-09 09:57 - 2018-09-09 01:46 - 003959496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-11-09 09:57 - 2018-09-09 01:46 - 001314072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-11-09 09:57 - 2018-09-09 01:44 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-11-09 09:57 - 2018-09-09 01:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-11-09 09:57 - 2018-09-09 01:25 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-11-09 09:57 - 2018-09-09 01:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-11-09 09:57 - 2018-09-09 01:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-11-09 09:57 - 2018-09-09 01:21 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-11-09 09:57 - 2018-09-09 01:21 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-11-09 09:57 - 2018-09-09 01:20 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-11-09 09:57 - 2018-09-09 01:18 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-11-09 09:57 - 2018-09-09 01:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-11-09 09:57 - 2018-09-09 01:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-11-09 09:57 - 2018-09-09 01:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-11-09 09:57 - 2018-09-09 01:13 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-11-09 09:57 - 2018-09-09 01:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-11-09 09:57 - 2018-09-09 01:12 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-09 09:57 - 2018-09-09 01:12 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-09 09:57 - 2018-08-31 16:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-11-09 09:57 - 2018-08-31 16:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-11-09 09:57 - 2018-08-30 02:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-11-09 09:57 - 2018-08-30 02:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-11-09 09:57 - 2018-08-28 07:24 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-11-09 09:57 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-11-09 09:57 - 2018-08-28 07:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-11-09 09:57 - 2018-08-28 07:09 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-11-09 09:57 - 2018-08-28 07:09 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-11-09 09:57 - 2018-08-28 06:52 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-11-09 09:57 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-11-09 09:57 - 2018-08-28 06:52 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-11-09 09:57 - 2018-08-28 06:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-11-09 09:57 - 2018-08-16 03:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2018-11-09 09:57 - 2018-08-13 22:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-11-09 09:57 - 2018-08-13 16:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-11-09 09:57 - 2018-08-13 16:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-11-09 09:57 - 2018-08-13 16:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-11-09 09:57 - 2018-08-12 21:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-11-09 09:57 - 2018-08-12 21:32 - 000140976 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-11-09 09:57 - 2018-08-12 21:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-09 09:57 - 2018-08-12 21:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-11-09 09:57 - 2018-08-12 21:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-11-09 09:57 - 2018-08-12 21:27 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-11-09 09:57 - 2018-08-12 21:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-11-09 09:57 - 2018-08-10 16:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-11-09 09:57 - 2018-08-10 16:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-11-09 09:57 - 2018-08-10 16:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-11-09 09:57 - 2018-08-10 16:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-11-09 09:57 - 2018-08-10 16:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-11-09 09:57 - 2018-08-10 16:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-11-09 09:57 - 2018-08-10 16:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-11-09 09:57 - 2018-08-10 16:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-11-09 09:57 - 2018-08-10 16:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-11-09 09:57 - 2018-08-10 16:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-11-09 09:57 - 2018-08-10 16:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-11-09 09:57 - 2018-08-10 16:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-11-09 09:57 - 2018-08-10 16:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-11-09 09:57 - 2018-08-08 16:54 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-11-09 09:57 - 2018-08-08 16:54 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-11-09 09:57 - 2018-08-08 16:40 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-11-09 09:57 - 2018-08-08 16:40 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-11-09 09:57 - 2018-08-03 16:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-11-09 09:57 - 2018-08-03 16:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-11-09 09:57 - 2018-07-29 16:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-09 09:57 - 2018-07-18 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-11-09 09:57 - 2018-07-06 17:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-11-09 09:57 - 2018-06-29 16:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-11-09 09:57 - 2018-06-29 16:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-11-09 09:57 - 2018-06-29 16:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-11-09 09:57 - 2018-06-29 16:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-11-09 09:57 - 2018-06-29 16:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-11-09 09:57 - 2018-06-27 17:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-11-09 09:57 - 2018-06-27 16:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-11-09 09:57 - 2018-06-27 16:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-11-09 09:57 - 2018-06-27 16:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-11-09 09:57 - 2018-06-27 16:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-11-09 09:57 - 2018-06-27 16:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-11-09 09:57 - 2018-06-27 16:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-11-09 09:57 - 2018-06-27 16:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-11-09 09:57 - 2018-06-27 16:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

#19

FRST 3parte


2018-11-09 09:57 - 2018-06-27 16:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-11-09 09:57 - 2018-06-21 04:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-11-09 09:57 - 2018-06-21 04:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-11-09 09:57 - 2018-06-08 17:21 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 002066432 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-09 09:57 - 2018-06-08 17:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-11-09 09:57 - 2018-06-08 17:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-11-09 09:57 - 2018-06-08 16:55 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2018-11-09 09:57 - 2018-06-08 16:54 - 000269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-11-09 09:57 - 2018-06-08 16:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2018-11-09 09:57 - 2018-06-08 16:29 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2018-11-09 09:57 - 2018-06-08 16:28 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2018-11-09 09:57 - 2018-06-08 14:05 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-11-09 09:57 - 2018-06-08 14:05 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-11-09 09:57 - 2018-06-08 14:05 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-11-09 09:57 - 2018-05-30 14:05 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-09 09:57 - 2018-05-30 14:05 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-09 09:57 - 2018-05-30 14:05 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-09 09:57 - 2018-05-15 04:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-11-09 09:57 - 2018-05-15 04:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-11-09 09:57 - 2018-05-15 04:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-11-09 09:57 - 2018-05-15 04:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-11-09 09:57 - 2018-05-15 04:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-11-09 09:57 - 2018-05-15 04:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-11-09 09:57 - 2018-05-15 04:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-11-09 09:57 - 2018-05-12 03:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-11-09 09:57 - 2018-05-12 03:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-11-09 09:57 - 2018-05-12 03:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-11-09 09:57 - 2018-05-11 22:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-09 09:57 - 2018-05-11 22:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-09 09:57 - 2018-05-11 01:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-09 09:57 - 2018-05-11 01:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-11-09 09:57 - 2018-05-02 16:32 - 000344064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2018-11-09 09:57 - 2018-05-02 16:32 - 000007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2018-11-09 09:57 - 2018-04-26 14:05 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2018-11-09 09:57 - 2018-04-26 14:05 - 000011096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2018-11-09 09:57 - 2018-04-25 17:02 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-11-09 09:57 - 2018-04-25 16:18 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-11-09 09:57 - 2018-04-23 01:00 - 000876032 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-11-09 09:57 - 2018-04-23 00:40 - 000582144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-11-09 09:57 - 2018-04-18 17:03 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-11-09 09:57 - 2018-04-18 17:03 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\hhsetup.dll
2018-11-09 09:57 - 2018-04-18 16:51 - 000523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-11-09 09:57 - 2018-04-18 16:51 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhsetup.dll
2018-11-09 09:57 - 2018-04-18 16:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\hh.exe
2018-11-09 09:57 - 2018-04-18 16:35 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hh.exe
2018-11-09 09:57 - 2018-04-10 17:36 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-11-09 09:57 - 2018-04-10 17:36 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2018-11-09 09:57 - 2018-04-10 17:35 - 001735168 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-11-09 09:57 - 2018-04-10 17:34 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-11-09 09:57 - 2018-04-10 17:33 - 001241600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-11-09 09:57 - 2018-04-10 17:32 - 000487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-11-09 09:57 - 2018-04-10 17:00 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2018-11-09 09:57 - 2018-04-10 16:48 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-11-09 09:57 - 2018-04-10 16:47 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-11-09 09:57 - 2018-04-10 16:47 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-11-09 09:57 - 2018-04-07 17:41 - 000371392 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2018-11-09 09:57 - 2018-03-14 18:16 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-11-09 09:57 - 2018-03-14 18:12 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-11-09 09:57 - 2018-03-14 18:07 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-11-09 09:57 - 2018-03-14 17:57 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-11-09 09:57 - 2018-03-14 17:57 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2018-11-09 09:57 - 2018-03-14 17:53 - 002651648 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-09 09:57 - 2018-03-14 17:53 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-09 09:57 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-11-09 09:57 - 2018-03-14 17:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-11-09 09:57 - 2018-03-14 17:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-11-09 09:56 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2018-11-09 09:56 - 2018-08-28 04:48 - 000419608 _____ C:\Windows\system32\locale.nls
2018-11-09 09:24 - 2018-11-09 09:24 - 000000000 ____D C:\Users\Leire\AppData\Local\mbamtray
2018-11-09 09:20 - 2018-11-09 09:20 - 000000000 ____D C:\Users\Leire\AppData\Local\mbam
2018-11-09 09:18 - 2018-11-09 14:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-11-09 09:18 - 2018-11-09 09:19 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2018-11-09 09:17 - 2018-11-09 09:18 - 020447072 _____ (Malwarebytes Corporation ) C:\Users\Leire\Downloads\malwarebytes.exe
2018-11-09 09:16 - 2018-11-09 09:16 - 018072104 _____ (Piriform Ltd) C:\Users\Leire\Downloads\ccsetup548.exe
2018-11-08 17:36 - 2018-11-10 18:29 - 000000000 ___HD C:\LEIREPC
2018-11-08 17:36 - 2018-11-09 11:49 - 000000000 ____D C:\Users\Leire\AppData\Roaming\9fba53078c5047dd39fafc3238e04439
2018-11-07 20:13 - 2018-11-07 20:13 - 000000000 ____D C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-11-01 19:36 - 2018-11-01 19:37 - 063471746 _____ C:\Users\Leire\Downloads\Video.mp4
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ C:\Users\Leire\Desktop\dni.pdf
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ C:\Users\Leire\Desktop\dni.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ C:\Users\Leire\Desktop\libreta1.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ C:\Users\Leire\Desktop\libreta1.pdf
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ C:\Users\Leire\Desktop\Libreta.pdf
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ C:\Users\Leire\Desktop\Libreta.pdf
2018-10-26 12:23 - 2018-10-26 12:23 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf05736531676b525
2018-10-26 12:23 - 2018-10-26 12:23 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc3344787b0f77951
2018-10-26 11:19 - 2018-10-26 11:19 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignfa85f0c550789c5a
2018-10-26 11:18 - 2018-10-26 11:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbff853d241268d54
2018-10-26 11:18 - 2018-10-26 11:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign80de7ef1844213d8
2018-10-26 10:47 - 2018-10-26 10:47 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign04ba8544d8a61a3e
2018-10-26 10:30 - 2018-10-26 10:30 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign11b4f976559144f8
2018-10-26 10:21 - 2018-10-26 10:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign88e2b6f103288ccc
2018-10-26 10:21 - 2018-10-26 10:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign412c39f93bc1bb94
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignff167df890e97076
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign291776bacbbf3324
2018-10-23 14:41 - 2018-10-23 14:41 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1dc2fcacef03a9b9
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbbf5bf2f7cc6a785
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign47c23b35bd267647
2018-10-23 11:17 - 2018-10-23 11:17 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign2302732c0abeba14
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign8fbeb49dc3fc9c74
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign507ec5370d1dc413
2018-10-23 10:28 - 2018-10-23 10:28 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign41d919dedee29dc1
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign3e38f30101716786
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign2f63bb862c82506c
2018-10-23 08:21 - 2018-10-23 08:21 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1a0a49435969163f
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ C:\Users\Leire\Desktop\Papeles notaría.pdf
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ C:\Users\Leire\Desktop\Papeles notaría.pdf
2018-10-20 14:13 - 2018-10-20 14:12 - 000378640 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2018-10-20 14:13 - 2018-10-20 14:12 - 000042312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign52016de26ffdc421
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign4b69de17f2c1827d
2018-10-16 15:20 - 2018-10-16 15:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign189e8ac1e1e978e8
2018-10-16 15:18 - 2018-10-16 15:18 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign496607702fa57a0e
2018-10-16 11:39 - 2018-10-16 11:39 - 000913341 _____ C:\Users\Leire\Downloads\26bf251c754cb274674d0cb8c1dfe1ca3e0d833b.pdf
2018-10-16 11:20 - 2018-10-16 11:20 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign1b11e4f108882f0a
2018-10-16 11:15 - 2018-10-16 11:15 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsigne6626ad0adef73e0
2018-10-16 10:01 - 2018-10-16 10:01 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign144973847d5c9ff2
2018-10-16 09:55 - 2018-10-16 09:55 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignb6c0edf0890260a4
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignef46af85d8407a0f
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign279d0d186db501d5
2018-10-16 09:51 - 2018-10-16 09:51 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign06332dd15cdcde55
2018-10-12 16:36 - 2018-10-12 16:36 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbaaff5f4146471db
2018-10-12 16:35 - 2018-10-12 16:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6d173fef8d0f5b30
2018-10-12 16:35 - 2018-10-12 16:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6044aa75f4e4dd2e
2018-10-12 15:50 - 2018-10-12 15:50 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf265819ce80f549b
2018-10-12 15:50 - 2018-10-12 15:50 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign6bce213e7d91a69a
2018-10-12 15:35 - 2018-10-12 15:35 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignd814a945482c0e8a
2018-10-12 14:40 - 2018-10-12 14:40 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignd5c95fb794c84b3d
2018-10-12 14:40 - 2018-10-12 14:40 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignb7211644fbd86bfe
2018-10-12 14:36 - 2018-10-12 14:36 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc1ea15709d9e56bf
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignc9a23a7c0dd58138
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignbea5b646710de86a
2018-10-12 11:54 - 2018-10-12 11:54 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign33424a8217d9ff52
2018-10-11 09:46 - 2018-10-11 09:46 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign0039306cb1ec7eb5
2018-10-11 09:45 - 2018-10-11 09:45 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsignf7365f31cc8757f1
2018-10-11 09:45 - 2018-10-11 09:45 - 000000000 ____D C:\Users\Leire\AppData\Local\Tempzxpsign3a5a0e6c265df80d

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-10 18:31 - 2015-11-17 18:46 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-10 18:29 - 2017-09-14 14:43 - 000000000 ____D C:\Users\Leire\AppData\Local\CrashDumps
2018-11-10 18:29 - 2016-05-24 05:55 - 000000000 ____D C:\Users\Leire\AppData\Roaming\WTablet
2018-11-10 18:29 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-10 18:28 - 2009-07-14 05:45 - 000025600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-10 18:28 - 2009-07-14 05:45 - 000025600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-10 18:28 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-10 14:36 - 2018-06-14 15:55 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-06-14 15:55 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-06-14 15:54 - 000003792 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-05-09 09:41 - 000003976 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2018-03-19 16:02 - 000003346 _____ C:\Windows\System32\Tasks\SamsungMagician
2018-11-10 14:36 - 2018-02-27 21:17 - 000002982 _____ C:\Windows\System32\Tasks\{68656588-3BCC-4BA6-A460-6E0D9010729A}
2018-11-10 14:36 - 2018-02-27 20:08 - 000002982 _____ C:\Windows\System32\Tasks\{95304FB1-B750-4C95-959F-60AB60262AA8}
2018-11-10 14:36 - 2018-01-31 15:50 - 000003456 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-LeirePC-Leire
2018-11-10 14:36 - 2017-12-13 11:25 - 000003172 _____ C:\Windows\System32\Tasks\{D716DE4F-F474-48E6-AE81-EBFEA1520A72}
2018-11-10 14:36 - 2017-12-01 14:07 - 000002910 _____ C:\Windows\System32\Tasks\{F1BD5EC7-15AC-475A-9F31-7A5F74AC1419}
2018-11-10 14:36 - 2017-11-25 13:06 - 000004182 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2017-11-25 12:54 - 000003762 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2017-11-25 12:54 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2017-11-25 12:54 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2017-11-25 12:54 - 000003518 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-10 14:36 - 2017-10-30 14:41 - 000002950 _____ C:\Windows\System32\Tasks\{0DAC133D-B375-453F-B2D8-7686ADB20A25}
2018-11-10 14:36 - 2017-10-30 14:15 - 000002950 _____ C:\Windows\System32\Tasks\{F3F67E1B-4064-45B3-A3A7-3C77FA577DEE}
2018-11-10 14:36 - 2017-10-30 14:14 - 000002950 _____ C:\Windows\System32\Tasks\{742AAC86-20A7-4B7E-BA09-5CDD4787F631}
2018-11-10 14:36 - 2017-07-28 09:21 - 000003170 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1895503046-2164595843-4212185805-1000
2018-11-10 14:36 - 2017-04-15 16:22 - 000003604 _____ C:\Windows\System32\Tasks\GarminUpdaterTask
2018-11-10 14:36 - 2017-03-27 16:08 - 000004174 _____ C:\Windows\System32\Tasks\Antivirus Emergency Update
2018-11-10 14:36 - 2017-01-29 10:49 - 000003152 _____ C:\Windows\System32\Tasks\{D9258C07-F885-49F0-87D8-22EDA70742E5}
2018-11-10 14:36 - 2017-01-29 10:48 - 000003220 _____ C:\Windows\System32\Tasks\{A409177E-88DA-440B-B4C2-4324B118DE7A}
2018-11-10 14:36 - 2016-12-15 08:03 - 000003406 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2018-11-10 14:36 - 2016-12-15 08:03 - 000003280 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2018-11-10 14:36 - 2016-10-24 10:30 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-10 14:36 - 2016-10-24 10:30 - 000004320 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-10 14:36 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{18E33739-9B6C-4834-B587-A4B0DC39D839}
2018-11-10 14:36 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{1374C2A1-C4EC-4E4D-BE95-4D1D88136866}
2018-11-10 14:36 - 2015-11-17 22:03 - 000003158 _____ C:\Windows\System32\Tasks\{B044483D-22F7-4BC2-97F8-E44F6A3D6455}
2018-11-10 14:36 - 2015-11-17 21:40 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-10 14:36 - 2015-11-17 17:20 - 000003534 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-10 14:36 - 2015-11-17 17:20 - 000003406 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-10 13:47 - 2011-04-12 10:10 - 000747494 _____ C:\Windows\system32\perfh00A.dat
2018-11-10 13:47 - 2011-04-12 10:10 - 000158966 _____ C:\Windows\system32\perfc00A.dat
2018-11-10 13:47 - 2009-07-14 06:13 - 001677306 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-10 10:23 - 2015-11-17 22:05 - 000000000 ____D C:\Users\Leire\AppData\Roaming\uTorrent
2018-11-09 21:45 - 2018-03-05 12:46 - 000000000 ____D C:\Windows\rescache
2018-11-09 18:37 - 2017-11-25 13:06 - 000001048 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-11-09 18:37 - 2015-11-17 19:03 - 000000000 ____D C:\Users\Leire\AppData\Local\NVIDIA Corporation
2018-11-09 18:37 - 2015-11-17 19:01 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-11-09 18:36 - 2015-11-17 19:01 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-11-09 12:38 - 2015-11-17 17:19 - 000204872 _____ C:\Users\Leire\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-09 12:38 - 2009-07-14 05:45 - 006045704 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-09 12:04 - 2015-11-17 19:00 - 001650956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-11-09 10:16 - 2015-11-17 21:31 - 000000000 ____D C:\Windows\system32\appraiser
2018-11-09 10:04 - 2015-11-17 22:57 - 000000000 ____D C:\Windows\system32\MRT
2018-11-09 10:01 - 2015-11-17 22:57 - 136745976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-09 09:22 - 2016-01-05 15:34 - 000000000 ____D C:\Users\Leire\AppData\Roaming\DAEMON Tools Lite
2018-11-09 09:22 - 2015-11-21 12:21 - 000000000 ____D C:\Users\Leire\AppData\Roaming\PhotoScape
2018-11-09 09:21 - 2017-10-24 17:58 - 000000000 ____D C:\Windows\Minidump
2018-11-09 09:21 - 2015-11-17 13:42 - 000000000 ____D C:\Windows\Panther
2018-11-09 09:14 - 2009-07-14 06:08 - 000032592 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-08 21:20 - 2018-03-13 19:10 - 000007651 _____ C:\Users\Leire\AppData\Local\resmon.resmoncfg
2018-10-29 19:02 - 2018-06-27 19:47 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-10-29 19:02 - 2018-06-27 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-26 12:22 - 2017-09-15 11:58 - 000000034 _____ C:\Users\Leire\AppData\Roaming\AdobeWLCMCache.dat
2018-10-26 09:04 - 2017-04-15 16:22 - 000001800 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-10-26 09:04 - 2017-04-15 16:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-10-26 09:04 - 2016-01-04 19:16 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-25 10:18 - 2015-11-17 21:40 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-25 09:55 - 2016-11-03 19:44 - 000000000 ____D C:\Users\Leire\Documents\Archivos de Outlook
2018-10-25 08:15 - 2015-11-17 17:21 - 000002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-20 14:19 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-10-20 14:12 - 2017-11-27 12:40 - 000201264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 001028696 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000467760 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000380992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000346616 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbloga.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000230880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdrivera.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000208488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000202296 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsha.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000163224 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000111816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000087968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000059520 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniva.sys
2018-10-20 14:12 - 2017-03-27 16:08 - 000046920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2018-10-19 07:57 - 2016-03-10 14:49 - 000000000 ___RD C:\Users\Leire\Documents\OneDrive
2018-10-19 07:57 - 2016-03-10 14:19 - 000002156 _____ C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-10-19 07:42 - 2016-03-10 14:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-19 07:42 - 2015-11-17 21:56 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-10-19 07:42 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-10-18 12:01 - 2015-11-17 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-10-18 12:01 - 2015-11-17 18:22 - 000000000 ____D C:\Program Files (x86)\Java
2018-10-18 12:00 - 2015-11-17 18:22 - 000098680 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

==================== Files in the root of some directories =======

2018-11-10 10:34 - 2018-11-10 10:34 - 000082269 _____ () C:\Users\Leire\Desktop\Addition.txt
2018-11-10 10:31 - 2018-11-10 10:31 - 000001813 _____ () C:\Users\Leire\Desktop\AdwCleaner[C03]2.txt
2018-11-10 18:29 - 2018-11-10 18:29 - 000001935 _____ () C:\Users\Leire\Desktop\AdwCleaner[C04].txt
2018-11-09 11:06 - 2018-11-09 11:06 - 007592144 _____ (Malwarebytes) C:\Users\Leire\Desktop\adwcleaner_7.2.4.0.exe
2015-11-17 23:25 - 2015-09-25 16:45 - 007119872 _____ (Sand Studio) C:\Users\Leire\Desktop\AirDroid.exe
2016-01-26 13:20 - 2018-09-18 12:22 - 000000743 _____ () C:\Users\Leire\Desktop\Aitor.lnk
2015-11-17 22:06 - 2008-11-05 11:51 - 000203965 _____ () C:\Users\Leire\Desktop\always-on-top.exe
2018-11-09 12:52 - 2018-11-09 12:52 - 000797760 _____ () C:\Users\Leire\Desktop\delfix.exe
2018-09-12 08:24 - 2018-09-12 08:24 - 000002126 _____ () C:\Users\Leire\Desktop\Discord.lnk
2018-10-31 12:07 - 2018-10-31 12:07 - 000262521 _____ () C:\Users\Leire\Desktop\dni.pdf
2018-02-09 11:45 - 2018-02-09 11:45 - 000000605 _____ () C:\Users\Leire\Desktop\Evernote.lnk
2018-11-10 10:33 - 2018-11-10 18:31 - 000111057 _____ () C:\Users\Leire\Desktop\FRST.txt
2018-11-09 13:23 - 2018-11-09 13:23 - 002415616 _____ (Farbar) C:\Users\Leire\Desktop\FRST64.exe
2017-12-14 18:17 - 2018-01-09 13:15 - 000000953 _____ () C:\Users\Leire\Desktop\Graphic DESIGN.lnk
2017-09-18 16:25 - 2017-09-18 16:25 - 000001234 _____ () C:\Users\Leire\Desktop\HP Scan.lnk
2017-12-13 11:40 - 2017-12-13 11:36 - 000001629 _____ () C:\Users\Leire\Desktop\Illustrator.lnk
2017-12-12 11:35 - 2017-12-12 11:35 - 000001445 _____ () C:\Users\Leire\Desktop\InDesign.lnk
2018-05-04 10:08 - 2018-05-04 10:09 - 000000882 _____ () C:\Users\Leire\Desktop\Interiorismo & Deco.lnk
2018-07-13 09:37 - 2018-03-19 16:02 - 000001401 _____ () C:\Users\Leire\Desktop\Internet Explorer.lnk
2018-11-09 11:49 - 2018-11-09 11:49 - 001790024 _____ (Malwarebytes) C:\Users\Leire\Desktop\JRT.exe
2018-11-10 18:31 - 2018-11-10 18:31 - 000001259 _____ () C:\Users\Leire\Desktop\JRT.txt
2018-11-10 10:33 - 2018-11-10 10:33 - 000001259 _____ () C:\Users\Leire\Desktop\JRT2.txt
2016-07-02 11:12 - 2018-09-18 12:24 - 000000762 _____ () C:\Users\Leire\Desktop\Leiric.lnk
2018-10-31 12:04 - 2018-10-31 12:04 - 000041783 _____ () C:\Users\Leire\Desktop\Libreta.pdf
2018-10-31 12:05 - 2018-10-31 12:05 - 000106309 _____ () C:\Users\Leire\Desktop\libreta1.pdf
2018-11-10 10:28 - 2018-11-10 10:28 - 000001961 _____ () C:\Users\Leire\Desktop\malwarebytes 2.txt
2018-11-10 14:11 - 2018-11-10 14:11 - 000002472 _____ () C:\Users\Leire\Desktop\Malwarebytes 3.txt
2018-11-10 18:27 - 2018-11-10 18:27 - 000001665 _____ () C:\Users\Leire\Desktop\malwarebytes4.txt
2018-10-22 19:30 - 2018-10-22 19:30 - 001960571 _____ () C:\Users\Leire\Desktop\Papeles notaría.pdf
2017-01-03 12:18 - 2017-01-03 12:18 - 000000778 _____ () C:\Users\Leire\Desktop\PhotoScape.lnk
2018-10-01 12:03 - 2018-10-01 12:03 - 000001688 _____ () C:\Users\Leire\Desktop\Photoshop.lnk
2015-11-27 22:09 - 2018-04-07 15:00 - 000007168 ____H () C:\Users\Leire\Desktop\photothumb.db
2018-08-28 10:52 - 2018-08-28 10:54 - 000000868 _____ () C:\Users\Leire\Desktop\Plan de Empresa.lnk
2017-01-03 11:53 - 2017-01-03 11:53 - 000001767 _____ () C:\Users\Leire\Desktop\Spotify.lnk
2018-11-07 20:12 - 2018-11-07 20:13 - 000002401 _____ () C:\Users\Leire\Desktop\zeit - Chrome.lnk
2018-05-22 18:49 - 2018-05-22 18:49 - 000000813 _____ () C:\Users\Leire\Desktop\µTorrent.lnk
2017-12-20 17:14 - 2018-01-08 12:04 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2016-07-14 08:35 - 2018-03-27 18:38 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-09-15 11:58 - 2018-10-26 12:22 - 000000034 _____ () C:\Users\Leire\AppData\Roaming\AdobeWLCMCache.dat
2018-04-30 18:57 - 2018-09-20 14:48 - 000000132 _____ () C:\Users\Leire\AppData\Roaming\Prefs. de formato PNG de Adobe CS6
2018-09-28 08:20 - 2018-09-28 08:20 - 000000000 _____ () C:\Users\Leire\AppData\Local\oobelibMkey.log
2018-03-13 19:10 - 2018-11-08 21:20 - 000007651 _____ () C:\Users\Leire\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-05 14:05

==================== End of FRST.txt ============================

#20

Adittion 1

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08.11.2018
Ran by Leire (10-11-2018 18:32:07)
Running from C:\Users\Leire\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-11-17 12:47:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1895503046-2164595843-4212185805-500 - Administrator - Disabled)
Invitado (S-1-5-21-1895503046-2164595843-4212185805-501 - Limited - Disabled)
Leire (S-1-5-21-1895503046-2164595843-4212185805-1000 - Administrator - Enabled) => C:\Users\Leire

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
Actualización de NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
adobe (HKLM\...\{DC92137A-66A3-4FEF-A5B1-FB233399C823}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_0_0) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.2.3 - GIGABYTE Technology Co.,Inc.)
Apple Application Support (32 bits) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ARCHICAD 20 SPA (HKLM\...\001FFF2FFF20FF00FF2101F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014  Language Pack - Español (Spanish) (HKLM\...\{5783F2D7-D001-040A-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk A360 Collaboration for Revit 2017 (HKLM\...\Autodesk A360 Collaboration for Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - Español (Spanish) (HKLM\...\AutoCAD 2014 - Español (Spanish)) (Version: 19.1.18.0 - Autodesk)
Autodesk BIM 360 Revit 2017 Add-in 64 bit (HKLM\...\{A26EBAD5-9591-407F-9D6C-C7A4F3DFE506}) (Version: 4.37.6853 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2016 (HKLM-x32\...\{FA5DF4D1-CD59-4183-B3D4-779A56498786}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2017 (HKLM-x32\...\{360AC116-6CD4-4E7D-8174-28D47B05E898}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.18 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2017 (HKLM-x32\...\{CB6E007E-701D-42CD-AF0E-4BE9C36C7F7C}) (Version: 15.11.3.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Autodesk Revit 2017) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit 2017 (HKLM\...\Revit 2017) (Version:  - )
Autodesk Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\Autodesk Revit Content Libraries 2017 - Español (Spanish)) (Version: 17.0.416.0 - Autodesk)
Autodesk Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\Revit Content Libraries 2017 - Español (Spanish)) (Version:  - )
Autodesk Revit MEP Imperial Content v2.0 (HKLM\...\{F2538944-3E07-4E97-B41A-FC48AB53EE9D}) (Version: 2.0 - Autodesk)
Autodesk Revit MEP Metric Content v2.0 (HKLM\...\{DEF775C7-84BF-4730-976A-FE3747F1757C}) (Version: 2.0 - Autodesk)
Autodesk Workflows 2016 (HKLM\...\{535CDED0-D690-4738-83EE-09056A365BAC}) (Version: 6.3.0.18 - Autodesk, Inc.)
Autodesk Workflows 2017 (HKLM\...\{23A13F78-5B67-441A-ABF9-48BE8B5455DB}) (Version: 15.11.13.0 - Autodesk, Inc.)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.7.3069 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Brackets (HKLM-x32\...\{9CB3A036-0B7E-49B7-A60B-291E245CA6B2}) (Version: 1.13.17696 - brackets.io)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{71640766-157F-4DE8-B45F-69B76B0F5FCE}) (Version: 3.31.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CE3X v2.3 (HKLM-x32\...\{7139BD7B-FC0B-435F-8E79-63D7CCDA2BA8}_is1) (Version:  - Certificacion Energetica SL)
CERMA_v4_2 versión 4.2 (HKLM-x32\...\{2699707D-1815-4CED-928A-95F231A6C6F6}_is1) (Version: 4.2 - )
ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft)
Commandos 2: Men of Courage (HKLM-x32\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version:  - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0156 - Disc Soft Ltd)
DIAL Communication Framework (HKLM-x32\...\{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}) (Version: 1.3.1.215 - DIAL GmbH)
DIAL Data Dispatcher (HKLM-x32\...\DIAL Data Dispatcher1.0) (Version: 1.0 - DIAL GmbH)
DIALux 4.13 (HKLM-x32\...\DIALux) (Version: 4.13.0.0 - DIAL GmbH)
DIALux evo (x64) (HKLM-x32\...\{5FF70775-5D3A-4A26-B9ED-1BF642E9987C}) (Version: 5.6.2.31925 - DIAL GmbH)
Discord (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dynamo 0.9.1 (HKLM\...\{85626FB3-CAF9-49C1-AA28-E3C75164BD6F}) (Version: 0.9.1.4062 - Autodesk)
EaseUS Todo Backup Free 10.6 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 10.6 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Europa Universalis IV (HKLM-x32\...\Europa Universalis IV_is1) (Version:  - Paradox Interactive)
Evernote v. 6.8.7 (HKLM-x32\...\{A304C34E-DFC3-11E7-88DB-005056951CAD}) (Version: 6.8.7.6387 - Evernote Corp.)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FormIt 360 Converter For Revit 2017 (HKLM\...\{637211B6-D2E9-474A-BF06-4F61F1254104}) (Version: 1.9.0.0 - Autodesk)
Galería de fotos (HKLM-x32\...\{198CEF22-A27F-4DC7-9B66-2C22A4B1CA09}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Gestión de Control de Calidad (HKLM-x32\...\{E03C5878-2AF9-4217-8D7B-F633EE42BB45}) (Version: 1.00.0000 - hxxp://www.iccl.es) Hidden
Gestión de Control de Calidad (HKLM-x32\...\InstallShield_{E03C5878-2AF9-4217-8D7B-F633EE42BB45}) (Version: 1.00.0000 - hxxp://www.iccl.es)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GRAPHISOFT BIMcloud - Administrador de Servidor BIM 20 SPA (HKLM\...\109FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
GRAPHISOFT BIMcloud - Módulo de Servidor BIM 20 SPA (HKLM\...\110FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Gyazo 3.4.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Herramienta oficial de calculo del DB HR del CTE (HKLM-x32\...\Herramienta oficial de calculo del DB HR del CTE 3.0) (Version: 3.0 - Ministerio de Fomento)
Hextech Repair Tool (HKLM-x32\...\{7F9A97E6-E666-11E5-B582-B88687E82322}) (Version: 1.1.77 - Riot Games, Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D1C1B048-C9E8-4DF9-BAE8-45F2BA467426}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Google Drive Plugin (HKLM-x32\...\{6651A86A-07EA-43E0-B4EC-4E1D809AC99E}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP OfficeJet 3830 series Ayuda (HKLM-x32\...\{C4BF4EE8-27DB-44E4-B311-19E5DD46F8FB}) (Version: 35.0.0 - Hewlett Packard)
HP OfficeJet 3830 series Software básico del dispositivo (HKLM\...\{AD89DD90-A493-43F3-B461-0AB06FB20809}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IBM SPSS Statistics 25 (HKLM\...\{C2D1E17D-CB8A-4742-84FA-1DB5C6A1ABDD}) (Version: 25.0.0.0 - IBM Corp)
IBM SPSS Statistics 25 25.0.0.0 (HKLM-x32\...\IBM SPSS Statistics 25 25.0.0.0) (Version: 25.0.0.0 - IBM SPSS Statistics 25)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{AA67D612-0BE5-44D6-9A91-592958F754A1}) (Version: 13.0.198 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Last.fm Desktop Scrobbler (HKLM-x32\...\{EEF2F789-893F-47B8-A817-81066D427FD1}) (Version: 3.1.28 - Last.fm)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Malwarebytes versión 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
MAMP & MAMP PRO 4.0 version 4.0.0 (HKLM-x32\...\{A62E77D4-9B74-4CA0-A254-EFE711F7A298}_is1) (Version: 4.0.0 - appsolute Gmbh)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.7.2 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - es-es (HKLM\...\O365ProPlusRetail - es-es) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Project Profesional 2016 - es-es (HKLM\...\ProjectProRetail - es-es) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{9C82436F-F19C-42A4-B476-F87A28A95BF9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Controlador de la controladora 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Panasonic DIALux Plugin 2.0 (HKLM-x32\...\{DB593EA8-9734-4FA3-BED3-D5CBBE514C16}) (Version: 2.02.0000 - Panasonic Corporation)
Panel de control de NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
Personal Accelerator for Revit (HKLM\...\{7C317DB0-F31F-4024-A289-92CF4B6FB256}) (Version: 16.0.1109.0 - Autodesk) Hidden
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1109.0 - Autodesk)
Philips Product Selector 5.2.9.17 (HKLM-x32\...\{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting) Hidden
Philips Product Selector 5.2.9.17 (HKLM-x32\...\InstallShield_{81AD9228-21AC-4DBD-AE33-98146A88BAA8}) (Version: 5.2.9.17 - Philips Lighting)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PPS max plugin 1.7.0 (HKLM-x32\...\PPS max plugin_is1) (Version: 1.7.0.0 - Tree C Technology B.V.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Revit 2017 (HKLM\...\{7346B4A0-1700-0510-0000-705C0D862004}) (Version: 17.0.416.0 - Autodesk) Hidden
Revit Content Libraries 2017 - Español (Spanish) (HKLM\...\{941030D0-1700-0410-0000-818BB38A95FC}) (Version: 17.0.416.0 - Autodesk) Hidden
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Servidor BIM de GRAPHISOFT 20 SPA (HKLM\...\116FFF2FFF20FF00FF2101F02F02F000-R1) (Version: 20.0 - GRAPHISOFT)
sign pro PDF (novaPDF OEM 7.7 printer) (HKLM\...\sign pro PDF_is1) (Version: 7.7.396 - Softland)
SketchUp 2017 (HKLM\...\{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 - Trimble, Inc.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype versión 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Spotify) (Version: 1.0.70.388.g8e1ed5af - Spotify AB)
Tableta Wacom (HKLM\...\Wacom Tablet Driver) (Version: 6.3.30-6 - Wacom Technology Corp.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
V-Ray 3.4 for SketchUp (HKLM\...\V-Ray 3.4 for SketchUp) (Version: 3.40.04 - Chaos Software Ltd)
V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.3.6 - Chaos Software Ltd)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom sign pro PDF (HKLM-x32\...\{FF489CB2-9356-424B-8AB6-B6299807727E}) (Version: 2.0.13 - Wacom Co., Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\es-ES\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-10-20] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DIALuxShellExtension] -> {F23E3460-D1B1-4F51-8C3D-E5D91E3C71C8} => E:\PROGRAMAS carpeta instalacion\DIALux evo 6\Dialux.ShellExtension.x64.dll [2016-11-16] (DIAL GmbH)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers1: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers2: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] ()
ContextMenuHandlers4: [SimpleShlExt] -> {45203D3B-3D73-4497-8AFE-D29950AC6C55} => E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\x64\ImageSh.dll [2017-09-04] (CHENGDU YIWO Tech Development Co.,Ltd)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Users\Leire\Desktop\Windows Sidebar\sbdrop.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-10-20] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Users\Leire\Desktop\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BED322-7A68-4A47-95C9-9129F6B74D77} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {00DD4B7C-AF45-4C5B-BBB4-59C56D6D4D23} - System32\Tasks\{18E33739-9B6C-4834-B587-A4B0DC39D839} => C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
Task: {0B1AF347-1514-42A0-A460-752D39F2E0FB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {0E155CE7-58EC-494B-A874-9DCDC175AF6B} - System32\Tasks\CCleaner Update => C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {0EF653A4-941D-4575-8498-76A5D677E4CA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-18] (Microsoft Corporation)
Task: {161F8080-4DEB-4BA6-93F5-92CB2A43730F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-10-18] (Microsoft Corporation)
Task: {173DE8A0-9D8F-475E-AF7C-827915DAEB7E} - System32\Tasks\{68656588-3BCC-4BA6-A460-6E0D9010729A} => E:\PROGRAMAS carpeta instalacion\SketchUP Make\SketchUp.exe
Task: {18814521-5D12-4B06-97B8-3E57C08ECFBB} - System32\Tasks\{95304FB1-B750-4C95-959F-60AB60262AA8} => E:\PROGRAMAS carpeta instalacion\SketchUP Make\SketchUp.exe
Task: {248F7713-BA71-40D4-A6E2-AFA94CADE858} - System32\Tasks\{F3F67E1B-4064-45B3-A3A7-3C77FA577DEE} => E:\League of Legends Juego\LeagueClient.exe
Task: {2740AB40-A7A7-4283-AD00-329DA484F139} - System32\Tasks\{0DAC133D-B375-453F-B2D8-7686ADB20A25} => E:\League of Legends Juego\LeagueClient.exe
Task: {4F84C605-CDEF-4B98-84AF-66A2CFAECBC6} - System32\Tasks\SamsungMagician => E:\PROGRAMAS carpeta instalacion\Magician Samsung\Samsung Magician\SamsungMagician.exe [2017-02-22] (Samsung Electronics Co. Ltd.)
Task: {525F15A8-B119-4F98-9230-EE0C0F8481D6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {56E145EB-8D46-4DF7-8D42-C20C3F125A0B} - System32\Tasks\{F1BD5EC7-15AC-475A-9F31-7A5F74AC1419} => E:\LoL\LeagueClient.exe [2018-11-07] ()
Task: {5E3FAC92-6DE2-4952-8ECD-0EB498B6EE86} - System32\Tasks\CCleanerSkipUAC => C:\Users\Leire\Desktop\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {60BF7F76-237F-492B-B636-25BCE0F2C2BC} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {651C35C9-8BD3-40CA-8495-5B0837A7BAE8} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-10-04] (Nota Inc.)
Task: {658A2F0D-6BFF-4D24-89C4-CAE4E2E3D4E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-18] (Microsoft Corporation)
Task: {695384E8-BBA4-4D17-8EB5-7D8B6B75580B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {6989A5CA-0831-42D2-A110-E053DAF92841} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Leire\Desktop\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {728D733F-0BAA-40DC-98A3-8FBA97DBF3EF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-18] (Microsoft Corporation)
Task: {7293D77F-3EF2-4603-819A-546B7D8B8372} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {741FB784-F8A6-46B7-A5F4-60E98BC04FF0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Leire\Desktop\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Users\Leire\Desktop\Windows Media Player\wmpnscfg.exe
Task: {76E76F5E-2A98-4377-B8F1-D7538CB8E1CD} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-10-20] (AVG Technologies CZ, s.r.o.)
Task: {784E6130-07FE-403A-B921-561E17C5D100} - System32\Tasks\{D716DE4F-F474-48E6-AE81-EBFEA1520A72} => C:\Windows\system32\pcalua.exe -a E:\Descargas\AICC2017-64BYURBINA\Build\setup.exe -d E:\Descargas\AICC2017-64BYURBINA\Build
Task: {791B23A9-FD63-49E1-9147-60C7248B3036} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-18] (Microsoft Corporation)
Task: {7C238C0C-7AB1-46A9-A82D-0CC1B75F49FF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Leire\Desktop\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {7E616E3D-5C54-4586-967F-1298FD3829C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {8045EB15-F4D7-43C0-9402-80B1B448FC5F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {8BBC0CC5-5076-4EE8-93CF-7659FCF920BB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1895503046-2164595843-4212185805-1000
Task: {8CC44744-BFBD-46D8-BF9C-47557978D1F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {8D3D7C1B-49FF-40D1-B1D9-316ABB2B01C7} - System32\Tasks\{D9258C07-F885-49F0-87D8-22EDA70742E5} => C:\Windows\system32\pcalua.exe -a C:\Users\Leire\Downloads\instalador.menfis.8.1.6.exe -d C:\Users\Leire\Downloads
Task: {9B73A201-5303-4C1A-B873-6A64FA932745} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {A7318E61-EC60-4B0B-B321-8A2367036D5C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-28] (AVG Technologies CZ, s.r.o.)
Task: {AE60654A-7DD1-4689-B13A-11027309DED4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {AEC13EF1-2353-4BDE-AB0D-C6E73B3733DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-17] (Google Inc.)
Task: {B453BC1D-66B5-4886-9090-E133F98562DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-17] (Google Inc.)
Task: {B5FAC553-1914-44F2-A7DF-693737125F0C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {B810B219-ACB0-442E-A863-A3A155E59B1C} - System32\Tasks\{742AAC86-20A7-4B7E-BA09-5CDD4787F631} => E:\League of Legends Juego\LeagueClient.exe
Task: {B91792C0-487E-41B2-BA9B-6E887563E679} - System32\Tasks\{1374C2A1-C4EC-4E4D-BE95-4D1D88136866} => C:\Program Files (x86)\Firaxis Games\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
Task: {BFD145AB-9A52-4FB8-99E4-606C069D0A90} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {D1FEAA49-4AFF-450B-93DF-B9DB41A23AE9} - System32\Tasks\{A409177E-88DA-440B-B4C2-4324B118DE7A} => C:\Windows\system32\pcalua.exe -a "E:\PROGRAMAS carpeta instalacion\Menfis\instalador.menfis.8.1.6.exe" -d "E:\PROGRAMAS carpeta instalacion\Menfis"
Task: {DE8D6D1B-41D1-49B3-93A3-73F7C7227E53} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {E1A2E1B0-0B2A-4A3C-9D60-82E8DC934D2F} - System32\Tasks\AdobeGCInvoker-1.0-LeirePC-Leire => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {E32F29C9-5465-4B86-A4F0-DD7151150B0F} - System32\Tasks\GarminUpdaterTask => E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {E5A6E242-E950-45C8-9084-3330BC9EF031} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2018-10-04] (Nota Inc.)
Task: {F10EF1F4-912B-428A-97F9-EB09ECEDC5B7} - System32\Tasks\{B044483D-22F7-4BC2-97F8-E44F6A3D6455} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.0.0.102&LastError=404
Task: {FC356724-9D4B-4B7B-98BD-68B815605C01} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1895503046-2164595843-4212185805-1000 => C:\Users\Leire\AppData\Local\MEGAsync\MEGAupdater.exe [2018-01-15] (Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

#21

Adittion 2parte


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

ShortcutWithArgument: C:\Users\Leire\Desktop\zeit - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 3" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\zeit - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Persona 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Leire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\37ea5785e6fa6bd2\Hangouts de Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=nckgahadagoaajjgafhacjanaoiihapd

==================== Loaded Modules (Whitelisted) ==============

2017-10-18 22:51 - 2017-10-18 22:51 - 000598528 _____ () C:\Users\Leire\AppData\Local\MEGAsync\ShellExtX64.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-09-01 01:49 - 2017-09-01 01:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-04-09 20:02 - 2018-04-09 20:02 - 000090176 _____ () C:\Program Files\Chaos Group\V-Ray Swarm\register-service.exe
2018-11-09 14:48 - 2018-11-09 16:03 - 002695360 _____ () C:\USERS\LEIRE\DESKTOP\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-09 20:02 - 2018-04-09 20:02 - 000204800 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node
2018-04-09 20:02 - 2018-04-09 20:02 - 000163328 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ref\build\Release\binding.node
2018-04-09 20:02 - 2018-04-09 20:02 - 000174592 _____ () \\?\C:\Program Files\Chaos Group\V-Ray Swarm\node_modules\ffi\build\Release\ffi_bindings.node
2018-10-20 14:12 - 2018-10-20 14:12 - 000726288 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2018-11-09 18:36 - 2018-10-10 21:04 - 001314856 _____ () C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-17 14:29 - 2017-08-30 12:29 - 000260752 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
2018-10-20 14:12 - 2018-10-20 14:12 - 000919312 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 000595728 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-11-10 13:42 - 2018-11-10 13:42 - 005719240 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18111002\algo.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 000496912 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-10-20 14:12 - 2018-10-20 14:12 - 001112336 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-03-17 14:29 - 2017-02-21 17:19 - 000083136 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CodeLog.dll
2018-03-17 14:29 - 2016-03-07 18:08 - 001291264 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\libxml2.dll
2018-03-17 14:29 - 2004-10-05 03:08 - 000055808 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\zlib1.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000019648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CompressFile.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000090816 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBGetRemoteNetInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000024768 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CmcTbProxy.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000188608 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCPipeCenter.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000183440 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCAdapt.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000163520 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCAdapt_RTTO.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000055952 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000018112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CMCNetTokenProxy.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000061072 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ActivationOnline.dll
2018-03-17 14:29 - 2017-09-04 17:39 - 000699024 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EuActiveOnline.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000487568 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EULicenseDLL.DLL
2018-03-17 14:29 - 2017-08-30 12:26 - 000021648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\fsclog.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000085648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\logsys.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000032912 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DiskSearchImg.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000070800 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\MountImg.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000160400 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ImgFile.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000296592 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DsImgFile.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000078528 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FatLib.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000305808 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSUtil.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000210112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSLib.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000026304 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CallbackOperator.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000074432 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CheckImg.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000142016 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\vhdvmdk.dll
2018-03-17 14:29 - 2017-09-11 14:28 - 000085136 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\BootDriver.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000844944 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ExImage.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000195776 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EmailBackupSize.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000414400 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AndroidImage.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000162448 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EnumDisk.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000029376 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DeviceAdapter.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000114368 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FileStorage.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000026816 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\GetDriverInfo.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000022720 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CorrectMbr.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000034448 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EnumTapeDevice.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000054464 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbTapeBrowse.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000066240 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\RegLib.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000026768 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AccountManager.dll
2018-03-17 14:29 - 2017-08-30 12:26 - 000072848 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NasOperator.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000221376 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\EmailBrowser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000079040 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\CloudOperator.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000021648 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\ActiveOnline.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000138432 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\VMConfig.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000021696 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\AndroidDeviceManager.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000074896 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SqlExBrowser.dll
2018-03-17 14:29 - 2017-08-30 12:27 - 000585872 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SqlSMOCPlusPlus.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000045248 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbDataSwap.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000367760 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\DeviceManager.dll
2018-03-17 14:29 - 2017-08-30 12:25 - 000141456 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Device.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000149184 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Partition.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000052416 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FileSystemAnalyser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000064192 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\FATFileSystemAnalyser.dll
2018-03-17 14:29 - 2016-12-06 02:43 - 000091840 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\Common.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000058560 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2018-03-14 11:04 - 2018-03-14 11:04 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-03-17 14:29 - 2016-12-06 02:44 - 000210112 _____ () E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\SmartBackup.dll
2015-11-17 18:01 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-08-01 15:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^Users^Leire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Enviar a OneNote.lnk => C:\Windows\pss\Enviar a OneNote.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Leire^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: GarminExpressTrayApp => "E:\PROGRAMAS carpeta instalacion\Garmin express\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Gyazo => C:\Program Files (x86)\Gyazo\GyStation.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OneDrive => "C:\Users\Leire\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: pac => C:\Program Files\Autodesk\Personal Accelerator for Revit\RevitAccelerator.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Leire\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{645C8220-6F42-485C-9A3C-54F46AD64C2E}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B63D20AA-8963-4650-BFB6-AE9755485BC0}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2F6B718B-EA6E-459C-98AD-CF18D4C31441}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{E2C1472B-432C-47BC-8484-89A3D8ED4927}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{7760A539-8DA9-44C6-B3FB-CFBAA8BE6D6A}] => (Allow) C:\Users\Leire\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7EEDEFC7-8BFF-44BA-9657-D60F6C59C98E}] => (Allow) C:\Users\Leire\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{DEFA3311-8FB9-420A-89AC-441F04533C12}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{8023F291-A8A1-42F2-A256-7C61999BD401}E:\software\airdroid\airdroid.exe] => (Allow) E:\software\airdroid\airdroid.exe
FirewallRules: [UDP Query User{E0156FBE-AE14-4099-B1E6-BEDF1B10F1EA}E:\software\airdroid\airdroid.exe] => (Allow) E:\software\airdroid\airdroid.exe
FirewallRules: [{A86C208E-DD40-4B86-8C4E-771F5DB37B6B}] => (Block) E:\software\airdroid\airdroid.exe
FirewallRules: [{BFE77373-811A-4503-BF44-A7712D69FA59}] => (Block) E:\software\airdroid\airdroid.exe
FirewallRules: [TCP Query User{98077618-D0BC-47AC-93FE-9F81BC81F87E}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7A3EC589-E316-41EA-B677-27E26C5E719A}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C1736E2D-86E0-4627-92D1-80EC730D8150}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{702A4843-E010-4D86-9417-52D95CDF4337}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{F2473077-5FBB-457D-98E0-4BFDBB149B94}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{D893926F-B3CB-45A2-BEDD-351D29E95283}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{98ED2FF3-1C92-429D-9A7E-56DE0493838B}] => (Block) E:\ArchiCAD\ARCHICAD.exe
FirewallRules: [{6E5841FA-AD38-422F-8BE0-81F5E20F940E}] => (Block) E:\ArchiCAD\CineRender\CineRender 64bit.exe
FirewallRules: [{4C056430-B0F8-45F1-B3E7-6576616F6EA9}] => (Allow) E:\ArchiCAD\BIMxUploader.exe
FirewallRules: [{B43375C7-0DCE-4630-9D25-1A35C49E2805}] => (Block) E:\ArchiCAD\OverwatchServer.exe
FirewallRules: [{313B957C-09D7-4DCF-A81F-89C01D43C328}] => (Allow) E:\Servidor BIM\BIMcloud Manager\BIMcloud Manager Configurator.exe
FirewallRules: [{D8277EA5-633C-4A8B-8C59-1EA4F6346494}] => (Allow) E:\Servidor BIM\BIMcloud Manager\BIMcloudMonitor.exe
FirewallRules: [{D23E6746-7A57-45E7-9C2E-E8C0B35E111D}] => (Allow) E:\Servidor BIM\BIMcloud Manager\UpgradeTool.exe
FirewallRules: [{389B91DB-F8A8-47F9-9B0D-C84F45F952E4}] => (Allow) E:\Servidor BIM\BIMcloud Server 20\BIMcloud Server Configurator.exe
FirewallRules: [{90492B8A-788C-45D4-9DD0-C6DF8BD1A904}] => (Allow) E:\Servidor BIM\BIMcloud Server 20\BIMcloudMonitor.exe
FirewallRules: [{7D6333CF-1AA4-4BF9-9EC9-7735C44FB4B8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6E3E9C38-6BC5-4270-8B97-FDA579AF496A}] => (Allow) LPort=2869
FirewallRules: [{C36B382A-24CC-490D-A9D5-3F1DC5B9FE99}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{5F381674-6B9C-45F4-859E-C075A8757BA3}E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{CE5542C4-EB69-4963-93BE-839944BEAC6B}E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe] => (Allow) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{B3E20A2F-F5EE-4AF6-BEAD-93F82ED7BC4F}] => (Block) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{FD56F439-5B92-489C-886A-89FE56BBF314}] => (Block) E:\programas carpeta instalacion\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{3C0BF727-6E97-490D-9E21-E4904B236B77}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [UDP Query User{D3C6B0C0-9043-4E8D-B389-F8C0ADB05E2C}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [{6FB6C633-B396-4D7E-B408-DF38BFACC52B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{446B8982-3046-4BB7-BA96-1BBF44E27FD0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{2302CCC4-1ACA-4FC3-BD60-20741187F040}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD6ADBD4-FBA5-4F57-9BFA-12ACCB603623}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4ED38237-FF2C-4F77-A5E2-E8B20757DBA4}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxApplications.exe
FirewallRules: [{268233FD-C0A9-46BC-8A79-80612D3969E9}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\DigitalWizards.exe
FirewallRules: [{84F14D67-C7DF-4E8D-A3B8-5639C50B9211}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\SendAFax.exe
FirewallRules: [{A3C97B8E-6E53-4288-971A-E743D8039DDA}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\bin\FaxPrinterUtility.exe
FirewallRules: [{A56F8E88-DDCB-461B-8B13-FF467C603BEE}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\DeviceSetup.exe
FirewallRules: [{55A1F0A2-B0B2-4C2C-B6A3-BE5A54F3ED17}] => (Allow) LPort=5357
FirewallRules: [{2E20AF2A-9F1B-46B5-ACC9-8B11A2C53815}] => (Allow) C:\Program Files\HP\HP OfficeJet 3830 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{67A6DDF4-5F7E-4CBA-A1C0-55019ECC93A7}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{F11A13C6-7907-4DF7-9F4F-E7E2791F03CC}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{E7D26230-F1D0-473C-A808-E65542924BDF}] => (Block) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [{CE1B7897-DCB6-4E16-8B5B-A2C2EC84BBFB}] => (Block) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [TCP Query User{C16CD4F6-7939-4711-AD86-FB322A370058}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{11CA55F4-C485-4354-A448-41405F8B69A9}C:\users\leire\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leire\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{D520CAFC-9F6F-4254-93A3-C949E9119720}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [UDP Query User{862DBA5E-F413-4A8E-9EBE-6659C30A65F7}E:\programas carpeta instalacion\comicrack\comicrack.exe] => (Allow) E:\programas carpeta instalacion\comicrack\comicrack.exe
FirewallRules: [{CC588D44-0D9A-49AF-A694-5B6A7EF387B3}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbService.exe
FirewallRules: [{3E81D5D7-4E26-4201-A805-88677CC85272}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TbService.exe
FirewallRules: [{9502488D-2061-48E4-A5A0-05D338DD3A48}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{8F691998-80C2-419C-BEAA-235047D930F1}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{981CBDD2-066C-4736-8A54-FE677388167D}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{BF7A3363-3B88-4D08-B1F7-306FA729D570}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{AF68EEB6-6D6E-423F-89CC-E4A8B95E6DE0}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{A71CE8E5-AC7F-4993-AD11-0B0EE20F4F20}] => (Allow) E:\PROGRAMAS carpeta instalacion\EaseUs\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{45DB3E45-4570-4A8C-B880-CECAEAD6FFDF}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{1D250E17-BCC5-4575-BDEA-DFCF657B9E9D}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray 3.4 for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe
FirewallRules: [{9C0E9A47-C2D0-4A4F-A757-26FA840B0204}] => (Allow) LPort=20208
FirewallRules: [{039A51CE-6EC0-4B9F-9156-F3CC4C3D65C6}] => (Allow) LPort=20208
FirewallRules: [{157EFE87-0691-463A-9D83-6D6CAC5489D5}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [{9F760353-F822-4847-81F3-4A5A680DCF2A}] => (Allow) C:\Program Files\Chaos Group\V-Ray Swarm\swrm.exe
FirewallRules: [TCP Query User{C7F290FD-19FF-4592-AC92-106EB7964804}C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe] => (Allow) C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe
FirewallRules: [UDP Query User{3E58E2E3-D5AF-4A31-BA83-5CEDD6F2A45B}C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe] => (Allow) C:\Program Files\SketchUp\sketchup 2017\SketchUp.exe
FirewallRules: [TCP Query User{466F0BE3-9B51-473B-8EFE-708329036F14}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [UDP Query User{5CCC7E5C-849A-4DA0-92A6-4ADE6E5F8C89}C:\mamp\bin\apache\bin\httpd.exe] => (Allow) C:\mamp\bin\apache\bin\httpd.exe
FirewallRules: [TCP Query User{346AD592-BE87-47C0-82A4-72CE8C662E4E}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{881E65C1-BAB0-4DF0-9DCE-CC96D5A4A440}C:\mamp\bin\mysql\bin\mysqld.exe] => (Allow) C:\mamp\bin\mysql\bin\mysqld.exe
FirewallRules: [{E6146F08-DB28-44E4-95C4-B27BF3796E1E}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AFA3B31A-520E-4B4C-BA37-2FB909BF3DE9}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9954C0F2-636A-465F-9AFC-AAC038AA16B5}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe
FirewallRules: [{FE03B9BB-0573-4021-BE64-1241300C396A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe
FirewallRules: [{9B453271-B1B8-4CF0-9A6B-2F0CA223B04E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com
FirewallRules: [{DDB258BA-59B5-46EA-8CF3-39FB9071D507}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\WinWrapIDE.exe
FirewallRules: [{A2DEA651-C7C6-4C55-8D02-C587A503E179}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.exe
FirewallRules: [{12B96891-338F-4059-88A2-5B69D6357EFF}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\25\stats.com
FirewallRules: [{E3B8F6AE-DF3C-4AFE-A14C-EBD101ED96E8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AA4B0EAF-91F8-43D2-A8CA-023F947704C5}] => (Allow) E:\LoL\LeagueClient.exe
FirewallRules: [{CCEA0E27-F43E-4483-8081-0C9D7AAF1586}] => (Allow) E:\LoL\LeagueClient.exe
FirewallRules: [{C2BE54E4-8F85-409B-A8B3-2E907B044ABB}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{F7698245-5CC8-4E12-872E-6A58BD6B99B6}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{82FEB870-5226-4435-A0E4-AC64F99F7366}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{49E2815E-F313-4D83-A87A-D3F09FD56342}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{44683377-5BCD-4182-92B1-B1D597D1BEC8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{E5327809-2475-4F63-B9CB-87C7034F38ED}] => (Allow) C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe
FirewallRules: [{3D44A5DE-F780-4AE5-A5C7-277741A6F8AE}] => (Allow) C:\Users\Leire\Desktop\CCleaner\CCUpdate.exe
FirewallRules: [{7593C69F-C60A-46F8-BF2B-FDD0BACA819D}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{35803351-03FE-4C2F-8EAA-13EF01991CE0}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{37A49079-1900-4CF9-83DA-31258E235F59}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DD821CDF-3C4F-4DC8-B59F-AA2675D28553}] => (Allow) C:\Users\Leire\Desktop\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus SM
Description: Controladora de bus SM
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Controladora de bus serie universal(USB)
Description: Controladora de bus serie universal(USB)
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2018 06:30:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: No se pudo crear el punto de restauración (proceso = C:\Users\Leire\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; descripción = JRT Pre-Junkware Removal; error = 0x80070422).

Error: (11/10/2018 06:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Last.fm Desktop Scrobbler.exe, versión: 3.1.28.1, marca de tiempo: 0x5a098095
Nombre del módulo con errores: wmp.dll, versión: 12.0.7601.24252, marca de tiempo: 0x5b84e784
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0012a66e
Id. del proceso con errores: 0xae0
Hora de inicio de la aplicación con errores: 0x01d4791aeee7c4fa
Ruta de acceso de la aplicación con errores: E:\PROGRAMAS carpeta instalacion\Lastfm\Last.fm Desktop Scrobbler.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\wmp.dll
Id. del informe: 36f0d8b5-e50e-11e8-bf81-50e549e848ee

Error: (11/10/2018 06:29:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/10/2018 06:29:25 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (11/10/2018 06:22:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Last.fm Desktop Scrobbler.exe, versión: 3.1.28.1, marca de tiempo: 0x5a098095
Nombre del módulo con errores: wmp.dll, versión: 12.0.7601.24252, marca de tiempo: 0x5b84e784
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0012a66e
Id. del proceso con errores: 0xcf0
Hora de inicio de la aplicación con errores: 0x01d47919e543216b
Ruta de acceso de la aplicación con errores: E:\PROGRAMAS carpeta instalacion\Lastfm\Last.fm Desktop Scrobbler.exe
Ruta de acceso del módulo con errores: C:\Windows\system32\wmp.dll
Id. del informe: 38fa65dd-e50d-11e8-9b2a-50e549e848ee

Error: (11/10/2018 06:22:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: No se pudo reactivar el filtro de eventos con la consulta "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" en el espacio de nombres "//./root/CIMV2" por el error 0x80041003. Los eventos no se podrán entregar a través de este filtro hasta que se corrija este problema.

Error: (11/10/2018 06:22:00 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Error de activación de la licencia de Windows. Error 0x80070005.

Error: (11/10/2018 02:37:46 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Event-ID 1


System errors:
=============
Error: (11/10/2018 06:30:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:30:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:29:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Hardlock no pudo iniciarse debido al siguiente error: 
Windows no puede comprobar la firma digital en este archivo. Un cambio reciente en el hardware o en el software podría haber instalado un archivo con una firma incorrecta o dañada, o podría también tratarse de un software malintencionado proveniente de un origen desconocido.

Error: (11/10/2018 06:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Protección de software terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 120000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Telemetry Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:28:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio de uso compartido de red del Reproductor de Windows Media terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 30000 milisegundos: Reiniciar el servicio.

Error: (11/10/2018 06:28:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


CodeIntegrity:
===================================

Date: 2018-11-10 18:29:34.416
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 18:29:34.291
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 18:22:09.089
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 18:22:08.917
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 13:41:54.225
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 13:41:54.053
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 10:30:51.654
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

Date: 2018-11-10 10:30:51.529
Description: 
Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\hardlock.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16367.12 MB
Available physical RAM: 13523.36 MB
Total Virtual: 32732.38 MB
Available Virtual: 29909.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:306.09 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:156.07 GB) NTFS

\\?\Volume{def70d44-2ba9-11e8-9c38-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7C9E72C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 704E0039)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#22

Hola

:arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe( en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe5029] => C:\ProgramData\66fe5029\66fe5029.exe [0 ] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\Run: [66fe50292] => C:\ProgramData\qdxvXBQt\66fe5029.exe [937776 2018-11-10] (AutoIt Team)
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {df6ea4af-2257-11e6-a8a1-50e549e848ee} - explorer.exe www.presto.es\index.html
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd742246-b3ae-11e5-98b0-50e549e848ee} - F:\STARTUP.EXE
HKU\S-1-5-21-1895503046-2164595843-4212185805-1000\...\MountPoints2: {fd74228d-b3ae-11e5-98b0-50e549e848ee} - K:\autorun.exe
Startup: C:\Users\Leire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b66fe5029d0f3009021030e6f2469239.lnk [2018-11-10]
ShortcutTarget: b66fe5029d0f3009021030e6f2469239.lnk -> C:\ProgramData\OkOAOn\66fe5029.exe (AutoIt Team)
ShortcutTarget: Last.fm Desktop Scrobbler.lnk -> C:\Users\Leire\AppData\Roaming\Microsoft\Installer\{EEF2F789-893F-47B8-A817-81066D427FD1}\_3C389C1899E83A28513401.exe ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Leire\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-07]
S3 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S3 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2018-11-10 18:30 - 2018-11-10 18:30 - 000000000 ____D C:\ProgramData\qdxvXBQt
2018-11-10 10:31 - 2018-11-10 14:11 - 000000000 ____D C:\ProgramData\uudKFsUz
2018-11-09 15:51 - 2018-11-09 15:51 - 000000000 ____D C:\ProgramData\OkOAOn
2018-11-09 13:29 - 2018-11-09 13:29 - 000000000 ____D C:\ProgramData\XlRDgk
2018-11-09 12:43 - 2018-11-09 12:43 - 000000000 ____D C:\ProgramData\zfwOYJ
2018-11-09 11:49 - 2018-11-09 11:49 - 000000000 ____D C:\ProgramData\HXwANso
2018-11-10 14:36 - 2018-02-27 21:17 - 000002982 _____ C:\Windows\System32\Tasks\{68656588-3BCC-4BA6-A460-6E0D9010729A}
2018-11-10 14:36 - 2018-02-27 20:08 - 000002982 _____ C:\Windows\System32\Tasks\{95304FB1-B750-4C95-959F-60AB60262AA8}
2018-11-10 14:36 - 2017-12-13 11:25 - 000003172 _____ C:\Windows\System32\Tasks\{D716DE4F-F474-48E6-AE81-EBFEA1520A72}
2018-11-10 14:36 - 2017-12-01 14:07 - 000002910 _____ C:\Windows\System32\Tasks\{F1BD5EC7-15AC-475A-9F31-7A5F74AC1419}
2018-11-10 14:36 - 2017-10-30 14:41 - 000002950 _____ C:\Windows\System32\Tasks\{0DAC133D-B375-453F-B2D8-7686ADB20A25}
2018-11-10 14:36 - 2017-10-30 14:15 - 000002950 _____ C:\Windows\System32\Tasks\{F3F67E1B-4064-45B3-A3A7-3C77FA577DEE}
2018-11-10 14:36 - 2017-10-30 14:14 - 000002950 _____ C:\Windows\System32\Tasks\{742AAC86-20A7-4B7E-BA09-5CDD4787F631}
2018-11-10 14:36 - 2017-01-29 10:49 - 000003152 _____ C:\Windows\System32\Tasks\{D9258C07-F885-49F0-87D8-22EDA70742E5}
2018-11-10 14:36 - 2017-01-29 10:48 - 000003220 _____ C:\Windows\System32\Tasks\{A409177E-88DA-440B-B4C2-4324B118DE7A}
2018-11-10 14:36 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{18E33739-9B6C-4834-B587-A4B0DC39D839}
2018-11-10 14:36 - 2016-01-05 15:59 - 000003068 _____ C:\Windows\System32\Tasks\{1374C2A1-C4EC-4E4D-BE95-4D1D88136866}
2018-11-10 14:36 - 2015-11-17 22:03 - 000003158 _____ C:\Windows\System32\Tasks\{B044483D-22F7-4BC2-97F8-E44F6A3D6455}
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Users\Leire\Desktop\Windows Sidebar\sbdrop.dll -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
  • Presionar el botón FIX y aguardar a que termine.
  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo