Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-09-2019 Ran by Mavi (administrator) on MAVI-PC (ASUSTeK Computer Inc. K53SD) (30-09-2019 12:45:25) Running from C:\Users\Mavi\Desktop Loaded Profiles: Mavi (Available Profiles: Mavi & Administrador & DefaultAppPool) Platform: Windows 7 Professional Service Pack 1 (X64) Language: Español (España, internacional) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\eguiProxy.exe (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\assistant\browser_assistant.exe (Opera Software AS -> Opera Software) C:\Program Files\Opera\assistant\browser_assistant.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATINEE.EXE (Telegram Messenger LLP -> Telegram FZ-LLC) C:\Users\Mavi\AppData\Roaming\Telegram Desktop\Telegram.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [180736 2019-09-23] (ESET, spol. s r.o. -> ESET) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [2761752 2019-09-25] (Opera Software AS -> Opera Software) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-03-25] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47677040 2019-09-13] (Google LLC -> ) HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\...\Policies\Explorer: [] (0) HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-10-28] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-24] (Google LLC -> Google LLC) BootExecute: autocheck autochk * GroupPolicy: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0AD7BFBC-F8D2-4410-ACCB-052EB36B8855} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2590789392-3709184063-2437184007-1000UA => C:\Users\Mavi\AppData\Local\Google\Update\GoogleUpdate.exe Task: {0DE7F791-D6A5-4A1D-BEB2-4B64CDD43605} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_pepper.exe [1453112 2019-09-17] (Adobe Inc. -> Adobe) Task: {125DD637-08E5-4D5A-94E9-D1F21CE524D3} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation) Task: {158A3DA1-30CE-412B-9618-C43ABDA81799} - System32\Tasks\{1746E0E2-EC63-42A0-B2B8-7EAD586EC824} => C:\Windows\system32\pcalua.exe -a C:\Users\Mavi\Desktop\Descargas\00Descargas0\picture-it-9.exe -d C:\Users\Mavi\Desktop\Descargas\00Descargas0 Task: {173DA8DB-053E-4238-A072-5FAE71168333} - System32\Tasks\Artendon Inc- FTP Management => C:\Windows\system32\rundll32.exe "C:\Program Files\Artendon Inc. FTP Management\Artendon Inc. FTP Management.dll",PxDLjtmqzWNE Task: {22A713D0-5F56-4753-9522-719BEC1D4448} - System32\Tasks\Microsoft\Windows\Time Synchronization\ViewUtcTime => C:\Users\Mavi\AppData\Roaming\\utctimer\\utc.exe Task: {320389D2-4DCE-4190-ACDF-7453CC660AEF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {3E5AB175-5660-496E-9239-B819DFF1EDE5} - System32\Tasks\Opera scheduled assistant Autoupdate 1553678500 => C:\Program Files\Opera\launcher.exe [1520152 2019-09-18] (Opera Software AS -> Opera Software) Task: {59F73174-CB64-4D5E-B074-82280A71BCDC} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc -> Dropbox, Inc.) Task: {6D8FE5B9-4527-452A-9CCB-9DE566E7FF3C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16509040 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) Task: {6F585272-A953-4618-85D7-A74622FEB63D} - System32\Tasks\AdobeGCInvoker-1.0-Mavi-PC-Mavi => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {7A0B1601-8FA8-47E6-80DD-32B52C2AD1A3} - System32\Tasks\Opera scheduled Autoupdate 1491656257 => C:\Program Files\Opera\launcher.exe [1520152 2019-09-18] (Opera Software AS -> Opera Software) Task: {7BCCC218-5AC9-4354-AB4D-3F4E41D08B47} - System32\Tasks\{2999CB74-5CF9-424A-85C0-E68826E53E4B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\WinRAR\uninstall.exe" -d "C:\Program Files (x86)\WinRAR" -c /setup Task: {87F389D9-C0FE-4E62-8262-4789FD12148E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: {952C805E-8C25-4728-BAED-934F9862A25A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-28] (Google Inc -> Google Inc.) Task: {9E24A229-D036-4E47-BF72-9D36A4017242} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {AB345F47-283C-44DF-90A9-BAF17C15F499} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-28] (Google Inc -> Google Inc.) Task: {AC716547-B3C1-4F61-A99C-18507F7869BF} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) Task: {AF2CE04C-6118-4A4A-B617-08F76E1ED942} - System32\Tasks\CorelUpdateHelperTask-CAAA1EF5E2B54BB10C8A531B38787585 => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation) Task: {B1EA6256-869C-4396-818E-7355E85C0026} - System32\Tasks\{42785226-03BB-4E3A-824C-C3DD3E30ADEC} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\WeatherInspect\uninstaller.exe" Task: {D27D725D-A5DB-4A37-B7FC-4B7C4B973AAC} - System32\Tasks\{45BA51CF-5D27-4CFE-BAEF-D9B3B80682EB} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" -c ADDREMOVE=1 SKU=PREM Task: {D8089505-CBE0-4768-B058-2EA061669571} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2590789392-3709184063-2437184007-1000Core => C:\Users\Mavi\AppData\Local\Google\Update\GoogleUpdate.exe Task: {EFF856A6-5B51-498B-993A-973FB09046AE} - System32\Tasks\{BAD79768-8071-4C8B-A780-FD08FF226D2B} => C:\Users\Mavi\Desktop\TomTomHOME2winlatest.exe Task: {F5B40692-4994-4F5E-8F09-C8A434A35B90} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-04-04] (Piriform Software Ltd -> Piriform Software Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0A623B7B-40EC-4CED-A5EF-D572E22320C8}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0A623B7B-40EC-4CED-A5EF-D572E22320C8}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0F7DEDFE-3D72-4082-94FA-E40E628BBCE4}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{140542A6-736D-470E-9844-81C7DFD47FDF}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{140542A6-736D-470E-9844-81C7DFD47FDF}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{F94776C7-D1F3-49BD-9988-CF03FD2A7A8E}: [NameServer] 8.8.8.8 Internet Explorer: ================== DownloadDir: C:\Users\Mavi\Desktop SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-08] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-08] (Oracle America, Inc. -> Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File FireFox: ======== FF DefaultProfile: nup6skaj.default FF ProfilePath: C:\Users\Mavi\AppData\Roaming\TomTom\HOME\Profiles\qkyt918m.default [2018-04-22] FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found] FF ProfilePath: C:\Users\Mavi\AppData\Roaming\Mozilla\Firefox\Profiles\nup6skaj.default [2019-09-27] FF DownloadDir: C:\Users\Mavi\Desktop FF Homepage: Mozilla\Firefox\Profiles\nup6skaj.default -> www.google.es/ FF Extension: (uBlock Origin) - C:\Users\Mavi\AppData\Roaming\Mozilla\Firefox\Profiles\nup6skaj.default\Extensions\uBlock0@raymondhill.net.xpi [2019-08-27] FF Extension: (DownThemAll!) - C:\Users\Mavi\AppData\Roaming\Mozilla\Firefox\Profiles\nup6skaj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-05-10] [Legacy] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-19] (Adobe Systems Incorporated -> ) FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-08] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-19] (Adobe Systems Incorporated -> ) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File] FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File] FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [No File] FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin HKU\S-1-5-21-2590789392-3709184063-2437184007-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin HKU\S-1-5-21-2590789392-3709184063-2437184007-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF Plugin HKU\S-1-5-21-2590789392-3709184063-2437184007-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [No File] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-09-30] Chrome: ======= CHR Profile: C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default [2019-09-30] CHR DownloadDir: C:\Users\Mavi\Desktop\Descargas\00Descargas0 CHR Extension: (Google Drive) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-19] CHR Extension: (YouTube) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-11] CHR Extension: (uBlock Origin) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-09-30] CHR Extension: (Angels Heaven) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebggokncjhegpmpkjcjanmcmbegobpao [2018-05-04] CHR Extension: (Documentos de Google sin conexión) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-09-26] CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-20] CHR Extension: (Gmail) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-23] CHR Extension: (Chrome Media Router) - C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-26] CHR Profile: C:\Users\Mavi\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-15] CHR HKU\S-1-5-21-2590789392-3709184063-2437184007-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx Opera: ======= OPR DownloadDir: C:\Users\Mavi\Desktop OPR Extension: (No Name) - C:\Users\Mavi\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-05-10] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-02-28] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-09-18] (Dropbox, Inc -> Dropbox, Inc.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2431696 2019-09-23] (ESET, spol. s r.o. -> ESET) R3 ekrnEpfw; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2431696 2019-09-23] (ESET, spol. s r.o. -> ESET) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [128488 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc) R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [401896 2011-06-02] (MCCI Internal Testing Software -> ASMedia Technology Inc) S3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-08-26] (ESET, spol. s r.o. -> ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET, spol. s r.o. -> ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-08-26] (ESET, spol. s r.o. -> ESET) R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-08-26] (ESET, spol. s r.o. -> ESET) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [28936 2019-04-07] (Glarysoft LTD -> Glarysoft Ltd) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-07-10] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2013-06-20] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.) S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8244312 2013-06-19] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-09-30 12:45 - 2019-09-30 12:47 - 000027745 _____ C:\Users\Mavi\Desktop\FRST.txt 2019-09-30 12:45 - 2019-09-30 12:46 - 000000000 ____D C:\FRST 2019-09-30 12:43 - 2019-09-30 12:43 - 001615360 _____ (Farbar) C:\Users\Mavi\Desktop\FRST64.exe 2019-09-27 11:19 - 2019-09-27 11:20 - 000000000 ____D C:\ProgramData\Wondershare 2019-09-27 11:15 - 2019-09-27 12:47 - 000000000 ____D C:\Users\Mavi\AppData\Local\Wondershare 2019-09-27 11:12 - 2019-09-27 11:12 - 000000000 ____D C:\Program Files (x86)\Wondershare 2019-09-27 10:38 - 2019-09-27 11:38 - 000000000 ____D C:\Users\Mavi\AppData\Roaming\UtcTimer 2019-09-26 20:31 - 2019-09-26 20:31 - 000002000 _____ C:\Users\Public\Desktop\Google Slides.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000002000 _____ C:\ProgramData\Desktop\Google Slides.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000001998 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000001998 _____ C:\ProgramData\Desktop\Google Sheets.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000001988 _____ C:\Users\Public\Desktop\Google Docs.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000001988 _____ C:\ProgramData\Desktop\Google Docs.lnk 2019-09-26 20:31 - 2019-09-26 20:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google 2019-09-26 20:31 - 2019-09-26 20:31 - 000000000 ____D C:\Program Files\Google 2019-09-26 19:53 - 2019-09-26 19:53 - 000000000 ____D C:\Users\Mavi\Desktop\Judith Enmarcar 2019-09-26 19:09 - 2019-09-26 19:09 - 000386606 _____ C:\Users\Mavi\Documents\Firma Calasparra.pdf 2019-09-26 17:30 - 2019-09-26 17:30 - 000003132 _____ C:\Windows\system32\Tasks\CorelUpdateHelperTask-CAAA1EF5E2B54BB10C8A531B38787585 2019-09-24 11:58 - 2019-09-24 11:58 - 000373277 _____ C:\Users\Mavi\Documents\Firma Poliza Mavi.pdf 2019-09-19 09:04 - 2019-09-19 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-09-18 18:53 - 2019-09-26 19:01 - 000004024 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1553678500 2019-09-18 09:42 - 2019-09-18 09:42 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe 2019-09-18 09:42 - 2019-09-18 09:42 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys 2019-09-18 09:42 - 2019-09-18 09:42 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys 2019-09-18 09:42 - 2019-09-18 09:42 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys 2019-09-17 12:24 - 2019-09-17 12:24 - 000001056 _____ C:\Users\Mavi\Desktop\Documentos - Acceso directo.lnk 2019-09-16 17:15 - 2019-09-16 17:15 - 000000207 _____ C:\Windows\tweaking.com-regbackup-MAVI-PC-Windows-7-Professional-(64-bit).dat 2019-09-16 17:14 - 2019-09-16 17:14 - 000000000 ____D C:\RegBackup 2019-09-15 13:31 - 2019-09-15 13:31 - 000000383 _____ C:\Users\Mavi\Desktop\RecentPlaces.lnk 2019-09-15 13:10 - 2019-09-15 13:10 - 000000000 ____D C:\Users\Mavi\Documents\JUDITH 2019-09-13 11:48 - 2019-09-13 11:48 - 000000251 _____ C:\Users\Mavi\Documents\claves.reg 2019-09-12 18:22 - 2019-09-12 18:22 - 000060199 _____ C:\Users\Mavi\Documents\Descriptiva grafico calasparra.pdf 2019-09-11 13:58 - 2008-09-01 11:12 - 000096008 _____ C:\Users\Mavi\Documents\Gaviota.pdf 2019-09-11 11:09 - 2019-08-29 04:55 - 004061112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2019-09-11 11:09 - 2019-08-29 04:53 - 005553104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2019-09-11 11:09 - 2019-08-27 07:07 - 025752064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2019-09-11 11:09 - 2019-08-27 05:29 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2019-09-11 11:09 - 2019-08-27 05:21 - 020290560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2019-09-11 11:09 - 2019-08-27 05:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2019-09-11 11:09 - 2019-08-27 04:59 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2019-09-11 11:09 - 2019-08-27 04:36 - 015389184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2019-09-11 11:09 - 2019-08-27 04:34 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys 2019-09-11 11:09 - 2019-08-27 04:30 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2019-09-11 11:09 - 2019-08-27 04:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2019-09-11 11:09 - 2019-08-27 04:15 - 001568256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2019-09-11 11:09 - 2019-08-27 04:06 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2019-09-11 11:09 - 2019-08-20 05:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys 2019-09-11 11:09 - 2019-08-20 05:51 - 003232256 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2019-09-11 11:09 - 2019-08-15 09:59 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2019-09-11 11:09 - 2019-08-15 09:59 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2019-09-11 11:09 - 2019-08-14 19:54 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2019-09-11 11:09 - 2019-08-14 19:53 - 000253440 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll 2019-09-11 11:09 - 2019-08-14 07:20 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll 2019-09-11 11:09 - 2019-08-14 07:20 - 000282112 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll 2019-09-11 11:09 - 2019-08-13 04:50 - 006135808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2019-09-11 11:09 - 2019-08-13 02:56 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2019-09-11 11:08 - 2019-08-29 04:56 - 003966904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2019-09-11 11:08 - 2019-08-29 04:55 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2019-09-11 11:08 - 2019-08-29 04:54 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2019-09-11 11:08 - 2019-08-29 04:53 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2019-09-11 11:08 - 2019-08-29 04:53 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2019-09-11 11:08 - 2019-08-29 04:53 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2019-09-11 11:08 - 2019-08-29 04:53 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2019-09-11 11:08 - 2019-08-29 04:52 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:51 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2019-09-11 11:08 - 2019-08-29 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll 2019-09-11 11:08 - 2019-08-29 04:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2019-09-11 11:08 - 2019-08-29 04:22 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2019-09-11 11:08 - 2019-08-29 04:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2019-09-11 11:08 - 2019-08-29 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2019-09-11 11:08 - 2019-08-29 04:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2019-09-11 11:08 - 2019-08-29 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2019-09-11 11:08 - 2019-08-29 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2019-09-11 11:08 - 2019-08-29 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2019-09-11 11:08 - 2019-08-29 04:21 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2019-09-11 11:08 - 2019-08-29 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2019-09-11 11:08 - 2019-08-29 04:19 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2019-09-11 11:08 - 2019-08-29 04:19 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys 2019-09-11 11:08 - 2019-08-29 04:18 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2019-09-11 11:08 - 2019-08-29 04:15 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2019-09-11 11:08 - 2019-08-29 04:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2019-09-11 11:08 - 2019-08-29 04:15 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2019-09-11 11:08 - 2019-08-29 04:15 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2019-09-11 11:08 - 2019-08-29 04:15 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2019-09-11 11:08 - 2019-08-29 04:15 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2019-09-11 11:08 - 2019-08-29 04:14 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys 2019-09-11 11:08 - 2019-08-29 04:14 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2019-09-11 11:08 - 2019-08-27 22:50 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2019-09-11 11:08 - 2019-08-27 21:59 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2019-09-11 11:08 - 2019-08-27 05:41 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2019-09-11 11:08 - 2019-08-27 05:41 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2019-09-11 11:08 - 2019-08-27 05:27 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2019-09-11 11:08 - 2019-08-27 05:27 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2019-09-11 11:08 - 2019-08-27 05:27 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2019-09-11 11:08 - 2019-08-27 05:27 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2019-09-11 11:08 - 2019-08-27 05:26 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2019-09-11 11:08 - 2019-08-27 05:20 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2019-09-11 11:08 - 2019-08-27 05:19 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2019-09-11 11:08 - 2019-08-27 05:17 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2019-09-11 11:08 - 2019-08-27 05:16 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2019-09-11 11:08 - 2019-08-27 05:16 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2019-09-11 11:08 - 2019-08-27 05:15 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2019-09-11 11:08 - 2019-08-27 05:15 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2019-09-11 11:08 - 2019-08-27 05:15 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2019-09-11 11:08 - 2019-08-27 05:08 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2019-09-11 11:08 - 2019-08-27 05:05 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2019-09-11 11:08 - 2019-08-27 05:03 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2019-09-11 11:08 - 2019-08-27 05:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2019-09-11 11:08 - 2019-08-27 05:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2019-09-11 11:08 - 2019-08-27 05:02 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2019-09-11 11:08 - 2019-08-27 05:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2019-09-11 11:08 - 2019-08-27 04:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2019-09-11 11:08 - 2019-08-27 04:58 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2019-09-11 11:08 - 2019-08-27 04:58 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2019-09-11 11:08 - 2019-08-27 04:56 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2019-09-11 11:08 - 2019-08-27 04:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2019-09-11 11:08 - 2019-08-27 04:55 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2019-09-11 11:08 - 2019-08-27 04:54 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2019-09-11 11:08 - 2019-08-27 04:54 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2019-09-11 11:08 - 2019-08-27 04:53 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2019-09-11 11:08 - 2019-08-27 04:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2019-09-11 11:08 - 2019-08-27 04:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2019-09-11 11:08 - 2019-08-27 04:52 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2019-09-11 11:08 - 2019-08-27 04:50 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2019-09-11 11:08 - 2019-08-27 04:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2019-09-11 11:08 - 2019-08-27 04:42 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2019-09-11 11:08 - 2019-08-27 04:40 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2019-09-11 11:08 - 2019-08-27 04:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2019-09-11 11:08 - 2019-08-27 04:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2019-09-11 11:08 - 2019-08-27 04:39 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2019-09-11 11:08 - 2019-08-27 04:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2019-09-11 11:08 - 2019-08-27 04:37 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2019-09-11 11:08 - 2019-08-27 04:37 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2019-09-11 11:08 - 2019-08-27 04:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2019-09-11 11:08 - 2019-08-27 04:36 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2019-09-11 11:08 - 2019-08-27 04:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2019-09-11 11:08 - 2019-08-27 04:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2019-09-11 11:08 - 2019-08-27 04:28 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2019-09-11 11:08 - 2019-08-27 04:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2019-09-11 11:08 - 2019-08-27 04:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2019-09-11 11:08 - 2019-08-27 04:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2019-09-11 11:08 - 2019-08-27 04:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2019-09-11 11:08 - 2019-08-27 04:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2019-09-11 11:08 - 2019-08-27 04:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2019-09-11 11:08 - 2019-08-27 04:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2019-09-11 11:08 - 2019-08-23 00:07 - 000628480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2019-09-11 11:08 - 2019-08-21 03:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2019-09-11 11:08 - 2019-08-21 03:56 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2019-09-11 11:08 - 2019-08-21 03:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2019-09-11 11:08 - 2019-08-21 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2019-09-11 11:08 - 2019-08-21 01:19 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2019-09-11 11:08 - 2019-08-20 06:24 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2019-09-11 11:08 - 2019-08-20 06:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2019-09-11 11:08 - 2019-08-20 06:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2019-09-11 11:08 - 2019-08-20 06:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2019-09-11 11:08 - 2019-08-20 06:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2019-09-11 11:08 - 2019-08-20 04:47 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2019-09-11 11:08 - 2019-08-14 07:22 - 000374496 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2019-09-11 11:08 - 2019-08-14 06:52 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2019-09-11 11:08 - 2019-08-14 00:20 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2019-09-11 11:08 - 2019-08-14 00:19 - 000988384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2019-09-11 11:08 - 2019-08-14 00:19 - 000267488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2019-09-11 11:08 - 2019-08-14 00:16 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2019-09-11 11:08 - 2019-08-14 00:16 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2019-09-11 11:08 - 2019-08-14 00:15 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2019-09-11 11:08 - 2019-08-14 00:15 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2019-09-11 11:08 - 2019-08-14 00:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2019-09-11 11:08 - 2019-08-14 00:13 - 000833536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2019-09-11 11:08 - 2019-08-14 00:13 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2019-09-11 11:08 - 2019-08-14 00:13 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2019-09-11 11:08 - 2019-08-13 04:58 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll 2019-09-11 11:08 - 2019-08-13 04:58 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll 2019-09-11 11:08 - 2019-08-13 04:58 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll 2019-09-11 11:08 - 2019-08-13 04:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2019-09-11 11:08 - 2019-08-13 02:56 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2019-09-11 11:08 - 2019-08-13 02:56 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2019-09-10 20:55 - 2019-08-16 03:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2019-09-10 20:55 - 2019-08-16 02:56 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2019-09-10 19:51 - 2019-09-10 19:51 - 000010698 _____ C:\Users\Mavi\Documents\Citas Medicas.xlsx 2019-09-10 19:31 - 2019-09-10 19:31 - 000001345 _____ C:\Users\Mavi\Desktop\Photoshop.exe - Acceso directo.lnk 2019-09-10 19:29 - 2019-09-10 19:29 - 000000000 ____D C:\Users\Mavi\Desktop\Adobe Photoshop CS6 2019-09-10 18:53 - 2019-09-26 18:06 - 000000000 ____D C:\Users\Mavi\Documents\NATURGY 2019-09-10 18:46 - 2019-09-10 18:46 - 000000040 ____H C:\331FF0D3E3DD 2019-09-10 18:29 - 2019-09-10 18:29 - 000000000 ____D C:\Program Files\Common Files\Adobe 2019-09-09 13:19 - 2019-09-10 11:32 - 000000000 ____D C:\Users\Mavi\Documents\Vitaldent 2019-09-09 11:39 - 2019-09-09 11:39 - 000036142 _____ C:\Users\Mavi\.pdfbox.cache 2019-09-06 11:57 - 2019-09-06 11:57 - 000002522 _____ C:\Users\Mavi\Documents\startup.txt 2019-09-04 23:32 - 2019-09-04 23:32 - 000000000 ____D C:\Windows\CheckSur ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-09-30 12:32 - 2017-02-28 00:59 - 000000988 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-09-30 05:07 - 2009-07-14 06:45 - 000035360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-09-30 05:07 - 2009-07-14 06:45 - 000035360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-09-29 22:32 - 2017-02-28 00:59 - 000000984 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-09-29 21:04 - 2017-01-11 15:39 - 000000000 ____D C:\Users\Mavi\AppData\Roaming\uTorrent 2019-09-29 21:01 - 2017-02-01 17:32 - 000000000 ____D C:\Users\Mavi\Desktop\Descargas 2019-09-29 21:01 - 2009-07-14 11:31 - 000820294 _____ C:\Windows\system32\perfh00A.dat 2019-09-29 21:01 - 2009-07-14 11:31 - 000187734 _____ C:\Windows\system32\perfc00A.dat 2019-09-29 21:01 - 2009-07-14 07:13 - 001863152 _____ C:\Windows\system32\PerfStringBackup.INI 2019-09-29 21:01 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2019-09-29 17:32 - 2017-10-24 13:35 - 000000000 ____D C:\Users\Mavi\AppData\Roaming\vlc 2019-09-29 17:07 - 2018-10-10 09:53 - 000000000 ____D C:\Users\Mavi\Downloads\Telegram Desktop 2019-09-29 02:45 - 2017-01-10 20:06 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-09-28 14:54 - 2018-10-10 09:42 - 000000000 ____D C:\Users\Mavi\AppData\Roaming\Telegram Desktop 2019-09-27 12:48 - 2017-10-31 23:17 - 000000000 ____D C:\Users\Mavi\AppData\Local\CrashDumps 2019-09-27 12:47 - 2017-01-20 14:29 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-09-27 11:14 - 2017-10-24 18:57 - 000000000 ____D C:\ProgramData\Package Cache 2019-09-26 21:10 - 2017-02-28 00:53 - 000000000 ___RD C:\Users\Mavi\Google Drive 2019-09-26 20:31 - 2016-12-01 12:16 - 000000000 ____D C:\Users\Mavi\AppData\Local\Google 2019-09-26 19:57 - 2018-10-03 12:39 - 000003546 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0-Mavi-PC-Mavi 2019-09-26 18:52 - 2018-10-09 09:56 - 000000000 ____D C:\ProgramData\Adobe 2019-09-26 14:02 - 2017-01-14 15:23 - 000000000 ____D C:\Users\Mavi\AppData\LocalLow\Adobe 2019-09-26 12:50 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-09-26 12:33 - 2017-10-24 22:38 - 001837738 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2019-09-26 11:33 - 2017-01-11 15:41 - 000000476 __RSH C:\ProgramData\ntuser.pol 2019-09-25 16:28 - 2017-10-31 16:59 - 000000000 ____D C:\Program Files (x86)\Corel 2019-09-24 11:08 - 2017-04-08 14:56 - 000000000 ____D C:\Program Files\Opera 2019-09-24 11:07 - 2017-04-08 14:57 - 000003840 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1491656257 2019-09-24 00:18 - 2017-11-11 14:54 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-09-21 20:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache 2019-09-21 20:14 - 2009-07-14 06:45 - 000377784 _____ C:\Windows\system32\FNTCACHE.DAT 2019-09-21 20:11 - 2017-11-13 10:44 - 000000000 ___SD C:\Windows\system32\CompatTel 2019-09-19 09:04 - 2017-02-28 00:59 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-09-17 12:21 - 2018-10-09 09:56 - 000000000 ____D C:\Users\Mavi\AppData\Local\Adobe 2019-09-17 12:21 - 2017-04-12 23:53 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2019-09-17 12:21 - 2017-01-14 15:46 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-09-17 12:21 - 2017-01-14 15:46 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-09-17 12:21 - 2017-01-10 20:06 - 000000000 ____D C:\Windows\system32\Macromed 2019-09-15 11:39 - 2017-01-11 15:41 - 000000000 ___SD C:\Users\Mavi\AppData\LocalLow\Temp 2019-09-13 03:48 - 2019-07-19 08:59 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2019-09-11 13:57 - 2017-02-28 10:00 - 000000000 ____D C:\Users\Mavi\Desktop\pc2music 2019-09-10 19:28 - 2017-02-28 10:00 - 000000000 ___RD C:\Users\Mavi\Dropbox 2019-09-10 18:41 - 2016-12-01 11:58 - 000000000 ____D C:\ProgramData\Adobe.BackupByPhotoshopPortable 2019-09-09 11:39 - 2018-09-26 09:13 - 000000000 ____D C:\Users\Mavi\.afirma 2019-09-09 11:39 - 2016-12-01 11:48 - 000000000 ____D C:\Users\Mavi 2019-09-08 12:18 - 2018-10-06 19:50 - 000000000 ____D C:\Users\Mavi\Documents\Mediña Mama 2019-09-08 11:30 - 2018-09-26 09:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-09-08 11:30 - 2018-09-26 09:04 - 000000000 ____D C:\Program Files\Java 2019-09-08 11:29 - 2018-09-26 09:05 - 000110064 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2019-09-08 11:28 - 2017-01-10 20:10 - 000000000 ____D C:\ProgramData\Oracle 2019-09-08 11:05 - 2009-07-14 07:09 - 000000000 ____D C:\Windows\system32\Tasks\WPD 2019-09-07 22:02 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2019-09-04 23:28 - 2017-11-02 13:00 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update 2019-09-04 16:58 - 2009-07-14 07:08 - 000032644 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ================ 2017-09-27 22:45 - 2017-09-27 22:45 - 000145382 _____ () C:\Users\Mavi\AppData\Roaming\throne_1200x437-1-534x437.ico 2018-10-07 11:25 - 2018-10-09 09:57 - 000001025 _____ () C:\Users\Mavi\AppData\Local\oobelibMkey.log 2017-11-04 21:52 - 2017-11-04 21:52 - 001900178 _____ () C:\Users\Mavi\AppData\Local\Reis.tst 2018-08-13 21:19 - 2018-08-13 22:05 - 000007607 _____ () C:\Users\Mavi\AppData\Local\Resmon.ResmonCfg ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-09-30 10:04 ==================== End of FRST.txt ============================