¿Como eliminar el malware de RayBan en Facebook?

Buenos días, Desde hace unos días en la Biografía de mi cuenta de Facebook aparecen publicados unos extraños anuncios de Ray Ban, con su imagen, su link a la tienda e incluso se han tomado la molestia de etiquetar cuidadosamente a mis contactos… FAVORITOS! El caso es que me he puesto manos a la obra, y he cambiado la contraseña a mi cuenta de Facebook, y luego he eliminado y cerrado las demás sesiones alla donde las tuviera abiertas, acto seguido he pasado mi antivirus “Avast Premium Security” y tambien el MalwareBytes… cuando me creía protegido y desinfectado, esta tarde veo lo que vais a ver en la imagen… Otra vez el mismo anuncio… entonces entiendo que tal vez sea que el virus lo tengo en el móvil y he pasado el malwarebytes y otro antivirus… No han detectado nada…

Cierto es que he buscado por internet, foros, a ver si alguien le había pasado algo similar y si… pero en todos los casos son problemas de hace tiempo, ejemplo 2016, 2018, 2019… Pero a pesar de haber seguido sus pasos no he logrado deshacerme de este molesto… ¿“Malware”? No se siquiera que es…

  • Bien… parece que no puedo poner imagenes… aqui os dejo el link a la imagen.

Hola @Kastey y Bienvendio al Foro.!!!

Una consulta… tienes los navegadores(cualquiera de los que uses) con la sincronización de usuario activada entre tus distintos dispositivos…??

Dinos también que sistema operativo usas en ese equipo…??

Saludos.

No estoy seguro si he comprendido bien la pregunta… ¿Que si estoy logueado con mi cuenta de Gmail en el Chrome para sincronizar los marcadores por ejemplo? En mi PC uso chrome y en el móvil uso la app, y estoy logueado en gmail y en Facebook.

Edito: En mi pc tengo windows 10 Home y en el Smartphone tengo Android (Xiaomi redmi note)

Pues lo primero que debes hacer es eliminar/desactivar la sincronizacion o logueo del usuario que tengas en los distintos navegadores que uses.

E inmediatamente verificar tu equipo siguiendo estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: [Cómo deshabilitar temporalmente su Antivirus , mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Personalizado. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del programa :arrow_forward: Historial de detecciones :arrow_backward: encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes

  • En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos.

Mi reporte de MalwareBytes
Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 28/6/20
Hora del análisis: 17:28
Archivo de registro: 118955ca-b954-11ea-98e7-d80f99786f9e.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.955
Versión del paquete de actualización: 1.0.26109
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.900)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-E38C84M\David

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 337555
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 0 min, 29 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build:    05-25-2020
# Database: 2020-06-15.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-28-2020
# Duration: 00:00:19
# OS:       Windows 10 Home
# Scanned:  31836
# Detected: 45


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AdvancedSystemCare C:\Users\David\AppData\Roaming\IObit\Advanced SystemCare
PUP.Optional.Legacy             C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.SlimCleanerPlus    C:\Users\David\AppData\Local\slimware utilities inc
PUP.Optional.WebCompanion       C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

PUP.Optional.Legacy             C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverUpdate       HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion       HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch   Folder   C:\Program Files (x86)\HP\HPAUDIOSWITCH 
Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0B60A55-48CC-445A-A4E4-BD23149A087F}  
Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch 
Preinstalled.HPAudioSwitch   Task   C:\Windows\System32\Tasks\HPAUDIOSWITCH 
Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{31DA2BE4-B9DB-4EB5-AD11-A1BBE7B28980}  
Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31DA2BE4-B9DB-4EB5-AD11-A1BBE7B28980}  
Preinstalled.HPCeement   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForDavid 
Preinstalled.HPCeement   Task   C:\Windows\System32\Tasks\HPCEESCHEDULEFORDAVID 
Preinstalled.HPCeement   Task   C:\Windows\Tasks\HPCEESCHEDULEFORDAVID.JOB 
Preinstalled.HPJumpStartApps   Folder   C:\Program Files (x86)\HP\HP JUMPSTART APPS 
Preinstalled.HPJumpStartApps   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\HP JumpStart Apps 
Preinstalled.HPJumpStartBridge   Folder   C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE 
Preinstalled.HPJumpStartLaunch   Folder   C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH 
Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D3D9836-7897-4812-8288-6825E9F4E196}  
Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch 
Preinstalled.HPJumpStartLaunch   Task   C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH 
Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HP\HP REGISTRATION SERVICE 
Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE 
Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS 
Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\David\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Users\David\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Folder   C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK 
Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} 
Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4780AF24-213D-4187-86F2-0014A6D6077B} 
Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY 



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by David (Administrator) on 28/06/2020 at 17:44:31,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (David) (Task)



Registry: 1 

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/06/2020 at 17:46:11,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 28-06-2020
Ejecutado por David (administrador) sobre DESKTOP-E38C84M (HP OMEN by HP Desktop PC 880-p0xx) (28-06-2020 17:56:24)
Ejecutado desde C:\Users\David\Desktop
Perfiles cargados: David
Platform: Windows 10 Home Versión 1909 18363.900 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: Chrome
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Avast Software s.r.o. -> AVAST Software) D:\Archivos de Programa\Avast Antivirus\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) D:\Archivos de Programa\Avast Antivirus\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) D:\Archivos de Programa\Avast Antivirus\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) D:\Archivos de Programa\Avast Antivirus\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) D:\Archivos de Programa\Avast Antivirus\wsc_proxy.exe
(Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(LogMeIn, Inc. -> LogMeIn Inc.) D:\Archivos de Programa\hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) D:\Archivos de Programa\hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [AvastUI.exe] => D:\Archivos de Programa\Avast Antivirus\AvLaunch.exe [108136 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-02-03] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [1660760 2017-06-26] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2015-01-29] (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => D:\Archivos de Programa\hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\windows\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2020-02-01]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {00BD9EA2-2F47-48D3-93DB-DB5DDA81CCF9} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {032DE6AD-A93A-49F0-AD69-EF23412F87CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {0B17A2FE-3517-432A-B1E8-2A52790C903B} - no ruta de acceso de archivo
Task: {0F8445FC-5358-4EC2-B093-702BF712393E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {2001E0BC-7DFC-40EB-8671-98230524D5F3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {34ABFDF3-4860-4B46-A97B-49DB7FF3EAB9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34E8BDA5-1C9F-4A0F-932B-7E0AAB7509DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)
Task: {41A7CDD9-A9CA-4A3E-A8DE-6A82A99FB07E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F17E4F0-16EF-4556-8B86-D0002985E493} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6060987E-2AC2-4A37-B86B-8E1C471F0524} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {61E2BF62-B817-4E12-B02B-C8CBE837CD01} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {65D19CD2-3629-4E03-9DB2-A59E892FA47D} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine VPN\VpnUpdate.exe [1390472 2020-02-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {66B6D464-B880-471A-8621-7F33B38A543B} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {6A9B7AA9-3C92-4AD2-B34E-B9E672A94925} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7BA36A1B-EDDA-4750-8F5A-B9579E954AC2} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {7F1FCA10-1DF2-4722-98E7-392D729A6FC3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {7F689751-F702-4A71-8178-889785A33359} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-19] (Google Inc -> Google Inc.)
Task: {850FD3D8-9BA4-4BEA-B016-03B7FC98E4A4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {86C5859D-BD5E-4B53-81BC-D6D8E0CDD686} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {889CC9E3-53CC-4748-A556-588F021F77D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8B9FE12F-A414-4771-A07D-20C83D26C521} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [171368 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5D04049-90D8-480E-BFF9-5A1F1DD05715} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B14DDC45-8D64-4C64-B9DB-E1A043907541} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B1B42494-7B15-44EE-A711-9B7C7AF7790E} - System32\Tasks\Avast Emergency Update => D:\Archivos de Programa\Avast Antivirus\AvEmUpdate.exe [3314272 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
Task: {B67DC35D-7BEB-460A-A374-7BD865BC384F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BA4A9844-76E1-4CFA-AD33-ABEE95E32D60} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {BF3267F7-2462-4E69-8E9E-F0CEF1B8CF46} - no ruta de acceso de archivo
Task: {C575350A-5476-440B-A5DC-17B2166AB51B} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [7458888 2020-06-09] (NCH Software, Inc. -> NCH Software)
Task: {CAEE89CE-8E35-4B04-906B-B6A273259540} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6058928 2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D05A529A-014B-46C8-8A1A-C72B96557684} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {D1CD7EA4-0349-417F-A5A5-7FB2698FE18E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-19] (Google Inc -> Google Inc.)
Task: {DAF6B250-2023-47BE-9373-E648541A83BC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DDE1A8D3-1887-4225-B5E5-D64FD444F86B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC7D0B73-726E-4D3B-952E-B163B15D957B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F16E7D56-0EF3-45E6-9F70-8DDA14743CF3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9268168 2018-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {F2FF2A14-0B9E-47AF-9815-73A0847A7F22} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7458888 2020-06-09] (NCH Software, Inc. -> NCH Software)
Task: {F588E3B9-F328-4B51-8BD5-A1CF92B9F278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F82F3D60-CED6-44CC-A92A-DD0AB23F9782} - System32\Tasks\OMEN Command Center BackGround Process => C:\Program [Argument = Files\HP\OMEN Ally\HPOMENBG.exe]
Task: {FD39FFF1-374C-4C89-B3E5-3B73E4A781F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23756168 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)


==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{71ec7f79-fcf9-4976-8b76-0558eb1a3866}: [NameServer] 100.120.84.1
Tcpip\..\Interfaces\{8023d4d5-0cd3-489b-8a60-7e85e348faa1}: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{be3059cd-1224-47e4-be7b-2da6b41542c8}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2644717441-683041095-4193322048-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-05-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-06-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  Ningún archivo

Edge: 
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-28]
Edge DownloadDir: C:\Users\David\Downloads
Edge HomePage: Default -> hxxps://www.google.es/
Edge Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2020-05-23]
Edge Extension: (Social Video Downloader) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfnnoammpigcglgbhcbbdpnekbcddahe [2020-05-23]
Edge Extension: (vidIQ Vision for YouTube) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2020-06-13]

FireFox:
========
FF DefaultProfile: i2felzn8.default-1575663548002
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\dmnzhjie.default-esr [2020-06-28]
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i2felzn8.default-1575663548002 [2020-06-28]
FF Homepage: Mozilla\Firefox\Profiles\i2felzn8.default-1575663548002 -> hxxps://duckduckgo.com/
FF Extension: (Forecastfox (fix version)) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i2felzn8.default-1575663548002\Extensions\[email protected]_fix_version.xpi [2019-12-07]
FF Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i2felzn8.default-1575663548002\Extensions\[email protected] [2019-02-07]
FF Extension: (JavaAPI-Redirector) - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\i2felzn8.default-1575663548002\Extensions\{592a7624-ad88-4d43-aec3-e940dcad653a}.xpi [2020-02-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2020-05-05] [Heredado] [no firmado]
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-07-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-05-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
StartMenuInternet: Firefox-8D1AA4ACB232B2DC - D:\Archivos de Programa\Mozilla\firefox.exe

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2020-06-28]
CHR DownloadDir: C:\Users\David\Desktop
CHR Notifications: Default -> hxxps://www.yelmocines.es
CHR HomePage: Default -> hxxps://www.google.es/
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Extension: (Documentos) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-19]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-19]
CHR Extension: (Adblock Plus - bloqueador de anuncios gratis) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (vidIQ for Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppnjmdljhemhdachecffocboniemifa [2018-05-19]
CHR Extension: (Hojas de cálculo) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-19]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-22]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-30]
CHR Extension: (vidIQ Vision for YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2020-06-26]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-28]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-06-28]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-28]
CHR HKU\S-1-5-21-2644717441-683041095-4193322048-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3759752 2016-05-18] (Intel(R) Corporation -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; D:\Archivos de Programa\Avast Antivirus\aswidsagent.exe [6392728 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; D:\Archivos de Programa\Avast Antivirus\AvastSvc.exe [348968 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; D:\Archivos de Programa\Avast Antivirus\afwServ.exe [1052984 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; D:\Archivos de Programa\Avast Antivirus\wsc_proxy.exe [58048 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-28] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [134624 2017-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10634632 2020-06-05] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-03-13] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 Hamachi2Svc; D:\Archivos de Programa\hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [782320 2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324544 2018-06-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe [6828424 2019-10-08] (AVAST Software s.r.o. -> AVAST Software)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [187904 2017-09-28] (Microsoft Corporation) [Archivo no firmado] [El archivo está en uso]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2020-01-14] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\NisSrv.exe [3284840 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MsMpEng.exe [103168 2020-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.242\WsAppService.exe [495720 2018-08-29] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-09-27] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 AIDA64Driver; D:\Archivos de Programa\AIDA64 Extreme\kerneld.x64 [45728 2016-03-21] (FinalWire Kft. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205896 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235088 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178768 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60496 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175208 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [506152 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [462592 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216824 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [322256 2020-06-16] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [Archivo no firmado] [El archivo está en uso]
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-28] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-28] (Malwarebytes Corporation -> Malwarebytes)
S3 fiddrv64; no ImagePath
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-06-23] (Martin Malik - REALiX -> REALiX(tm))
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [38424 2017-09-15] (Intel Corporation -> Intel Corporation)
R3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-28] (Malwarebytes Inc -> Malwarebytes)
S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2258264 2017-12-12] (MEDIATEK INC. -> MediaTek Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_1683e6c24d03a407\nvlddmkm.sys [21776528 2019-07-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [46592 2017-02-24] (Realtek Semiconductor Corp. -> Realtek)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [82136 2018-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
R0 secnvmeF; C:\WINDOWS\System32\drivers\secnvmeF.sys [30672 2018-06-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 SGXEPC; C:\WINDOWS\System32\drivers\sgx_driver.sys [52824 2016-05-18] (Intel Corporation -> Windows (R) Win 7 DDK provider)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [237368 2020-01-14] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248448 2020-01-14] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376032 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-03] (Microsoft Windows -> Microsoft Corporation)
S1 xlkfs; C:\WINDOWS\System32\DRIVERS\xlkfs.sys [44272 2016-05-26] (Yang Ping -> XOSLAB.COM)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [54352 2016-08-18] (Intel Corporation -> Intel Corporation)
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-28 17:56 - 2020-06-28 17:56 - 000040405 _____ C:\Users\David\Desktop\FRST.txt
2020-06-28 17:56 - 2020-06-28 17:56 - 000000000 ____D C:\FRST
2020-06-28 17:46 - 2020-06-28 17:46 - 000000833 _____ C:\Users\David\Desktop\JRT.txt
2020-06-28 17:32 - 2020-06-28 17:34 - 000000000 ____D C:\AdwCleaner
2020-06-28 17:30 - 2020-06-28 17:30 - 000001547 _____ C:\Users\David\Desktop\sadasdasd.txt
2020-06-28 17:21 - 2020-06-28 17:21 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-28 17:21 - 2020-06-28 17:21 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-28 17:21 - 2020-06-28 17:21 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-28 17:21 - 2020-06-28 17:21 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-28 17:21 - 2020-06-28 17:21 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-28 17:21 - 2020-06-28 17:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-28 17:11 - 2020-06-28 17:11 - 002291712 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2020-06-28 17:10 - 2020-06-28 17:10 - 008402608 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner_8.0.5.exe
2020-06-28 17:10 - 2020-06-28 17:10 - 001988280 _____ (Malwarebytes) C:\Users\David\Desktop\MBSetup.exe
2020-06-28 17:10 - 2020-06-28 17:10 - 001790024 _____ (Malwarebytes) C:\Users\David\Desktop\JRT.exe
2020-06-27 22:55 - 2020-06-27 22:55 - 000007912 _____ C:\Users\David\AppData\Local\recently-used.xbel
2020-06-27 22:07 - 2020-06-27 22:07 - 000001224 _____ C:\Users\Public\Desktop\VideoPad, editor de vídeo.lnk
2020-06-27 22:07 - 2020-06-27 22:07 - 000000000 ____D C:\Users\David\Suite de NCH
2020-06-27 22:07 - 2020-06-27 22:07 - 000000000 ____D C:\ProgramData\NCH Software
2020-06-27 22:07 - 2020-06-27 22:07 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-06-27 22:05 - 2020-06-27 22:05 - 003007048 _____ (NCH Software) C:\Users\David\Desktop\vpsetup.exe
2020-06-26 23:25 - 2020-06-26 23:25 - 000000000 ____D C:\Malwarebytes
2020-06-25 23:28 - 2020-06-26 22:47 - 000000000 ____D C:\Users\David\AppData\Roaming\Panda Security
2020-06-25 23:27 - 2020-06-28 12:20 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-06-25 23:13 - 2020-06-25 23:13 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-25 20:39 - 2020-06-25 20:39 - 000000000 ____D C:\Users\David\Desktop\HOJALDRE DE QUESO DE CABRA Y CHAMPIÓNES
2020-06-25 20:26 - 2020-06-25 20:31 - 000000000 ____D C:\Users\David\Desktop\PASTAS SALADAS
2020-06-17 17:26 - 2020-06-17 17:26 - 004180735 _____ C:\Users\David\Documents\Sin nombre.xcf
2020-06-16 12:32 - 2020-06-16 12:32 - 000335976 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-06-16 12:32 - 2020-06-16 12:32 - 000216824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-06-16 12:32 - 2020-06-16 12:32 - 000175208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-06-16 11:49 - 2020-06-16 11:49 - 000000000 ____D C:\Users\David\Documents\VideoPad Projects
2020-06-16 10:56 - 2020-06-27 22:07 - 000002118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite de NCH.lnk
2020-06-16 10:56 - 2020-06-27 22:07 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad, editor de vídeo.lnk
2020-06-16 10:24 - 2020-06-16 10:24 - 000000000 ____D C:\Users\David\AppData\Local\Meltytech
2020-06-16 09:59 - 2020-06-16 10:02 - 000000000 ____D C:\Users\David\.openshot_qt
2020-06-14 12:20 - 2020-06-28 16:59 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-06-14 12:20 - 2020-06-28 16:59 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-06-14 12:20 - 2020-06-14 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-06-14 12:20 - 2020-06-14 12:20 - 000000000 ____D C:\Program Files\CCleaner
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 ____D C:\Users\David\AppData\LocalLow\3098htrhpen8ifg0
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ C:\Users\David\AppData\Roaming\C10C.tmp
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ C:\Users\David\AppData\Roaming\C0EC.tmp
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ C:\Users\David\AppData\Roaming\BF16.tmp
2020-06-13 22:15 - 2020-06-13 22:15 - 000000000 _____ C:\Users\David\AppData\Roaming\7EFF.tmp
2020-06-13 22:15 - 2020-06-13 22:15 - 000000000 _____ C:\Users\David\AppData\Roaming\6924.tmp
2020-06-13 20:15 - 2020-06-13 20:15 - 000000000 ____D C:\Users\Public\Documents\Blackmagic Design
2020-06-13 20:15 - 2020-06-13 20:15 - 000000000 ____D C:\Users\David\Documents\Blackmagic Design
2020-06-13 20:14 - 2020-06-13 20:14 - 000000000 ____D C:\Users\David\AppData\Roaming\Blackmagic Design
2020-06-13 20:14 - 2020-06-13 20:14 - 000000000 ____D C:\ProgramData\Reprise
2020-06-13 20:11 - 2020-06-13 20:11 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2020-06-13 20:11 - 2020-06-13 20:11 - 000000000 ____D C:\ProgramData\Blackmagic Design
2020-06-13 20:08 - 2020-06-13 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blackmagic Design
2020-06-13 20:08 - 2020-06-13 20:12 - 000000000 ____D C:\Program Files (x86)\Blackmagic Design
2020-06-13 20:08 - 2020-06-13 20:08 - 000000000 ____D C:\Program Files\Blackmagic Design
2020-06-13 11:35 - 2020-06-13 11:35 - 000000000 ____D C:\Users\David\Documents\Apowersoft
2020-06-13 11:33 - 2020-06-13 11:33 - 000000000 ____D C:\Users\David\AppData\Roaming\Apowersoft
2020-06-12 17:34 - 2020-06-12 17:34 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-12 17:34 - 2020-06-12 17:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-12 17:34 - 2020-06-12 17:34 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-12 17:34 - 2020-06-12 17:34 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-12 17:34 - 2020-06-12 17:34 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-12 17:34 - 2020-06-12 17:34 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-12 17:34 - 2020-06-12 17:34 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-12 17:34 - 2020-06-12 17:34 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-12 17:34 - 2020-06-12 17:34 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-12 17:34 - 2020-06-12 17:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-12 17:33 - 2020-06-12 17:34 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-12 17:33 - 2020-06-12 17:33 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-12 17:33 - 2020-06-12 17:33 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-12 17:33 - 2020-06-12 17:33 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-12 17:33 - 2020-06-12 17:33 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-12 17:33 - 2020-06-12 17:33 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-12 17:29 - 2020-06-12 17:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-12 17:29 - 2020-06-12 17:29 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-07 14:02 - 2020-06-07 14:40 - 000000000 ____D C:\WINDOWS\system32\Icons Mega Pack 2
2020-05-31 16:57 - 2020-05-31 16:57 - 000000000 ____D C:\Users\David\AppData\Local\Wondershare
2020-05-31 16:56 - 2020-06-13 13:15 - 000000000 ____D C:\Users\David\Documents\Wondershare Filmora 9

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-06-28 17:45 - 2017-06-12 07:28 - 000000000 ____D C:\ProgramData\NVIDIA
2020-06-28 17:44 - 2018-10-18 19:39 - 000000000 ____D C:\Users\David\AppData\Local\AVAST Software
2020-06-28 17:43 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-28 17:42 - 2019-06-22 18:22 - 001928048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-28 17:42 - 2019-03-19 13:59 - 000828828 _____ C:\WINDOWS\system32\perfh00A.dat
2020-06-28 17:42 - 2019-03-19 13:59 - 000175072 _____ C:\WINDOWS\system32\perfc00A.dat
2020-06-28 17:42 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-28 17:35 - 2019-06-22 18:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-28 17:35 - 2019-06-22 18:15 - 005313128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-28 17:35 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-28 17:35 - 2018-07-21 11:20 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-06-28 17:34 - 2018-10-18 19:35 - 000000000 ____D C:\ProgramData\AVAST Software
2020-06-28 17:34 - 2018-06-23 00:43 - 000000000 ____D C:\Users\David\AppData\Roaming\IObit
2020-06-28 17:34 - 2018-05-19 18:30 - 000000000 ____D C:\Users\David\AppData\Roaming\Hewlett-Packard
2020-06-28 17:34 - 2018-05-19 18:28 - 000000000 ____D C:\Users\David\AppData\Local\Hewlett-Packard
2020-06-28 17:34 - 2017-04-13 11:29 - 000000000 ____D C:\ProgramData\HP
2020-06-28 17:34 - 2017-04-13 11:29 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-06-28 17:34 - 2017-04-13 11:28 - 000000000 ____D C:\Program Files (x86)\HP
2020-06-28 17:34 - 2017-04-13 11:28 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-06-28 17:21 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-28 17:18 - 2019-01-13 15:45 - 000000000 ____D C:\Users\David\AppData\Local\LogMeIn Hamachi
2020-06-28 16:59 - 2020-05-23 08:48 - 000003580 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-28 16:59 - 2020-05-23 08:48 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-28 16:59 - 2020-05-05 20:48 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-06-28 16:59 - 2020-03-07 17:42 - 000003360 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1FB9F847-7D32-430B-8327-F6E9FB31C766}
2020-06-28 16:59 - 2019-11-24 21:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2020-06-28 16:59 - 2019-11-24 21:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-11-24 21:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-11-24 21:53 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-08-25 12:38 - 000002954 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-06-28 16:59 - 2019-06-22 18:22 - 000003550 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-06-28 16:59 - 2019-06-22 18:22 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000003326 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-06-28 16:59 - 2019-06-22 18:22 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-06-28 16:59 - 2019-06-22 18:22 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-06-28 16:59 - 2019-06-22 18:22 - 000002500 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2020-06-28 16:59 - 2019-06-22 18:22 - 000002280 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-06-28 16:59 - 2019-06-22 18:22 - 000002094 _____ C:\WINDOWS\system32\Tasks\OMEN Command Center BackGround Process
2020-06-28 16:59 - 2019-06-22 18:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-06-28 16:51 - 2020-05-05 20:47 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-06-28 16:46 - 2019-06-22 18:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-28 12:35 - 2018-06-06 14:44 - 000008051 _____ C:\WINDOWS\BRRBCOM.INI
2020-06-27 23:34 - 2018-05-27 19:07 - 000000000 ____D C:\Users\David\AppData\Local\babl-0.1
2020-06-27 23:26 - 2019-06-22 18:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-06-27 22:44 - 2018-12-07 13:47 - 000000000 ____D C:\Users\David\AppData\Local\gtk-2.0
2020-06-27 22:07 - 2019-06-22 17:39 - 000000000 ____D C:\Users\David
2020-06-27 22:07 - 2018-06-10 02:34 - 000000000 ____D C:\Users\David\AppData\Roaming\NCH Software
2020-06-27 16:56 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-27 16:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-27 14:29 - 2019-06-22 18:22 - 000004268 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-06-26 22:48 - 2018-10-18 19:53 - 000000000 ____D C:\ProgramData\Panda Security
2020-06-26 15:36 - 2020-05-23 08:48 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-25 23:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2020-06-25 23:30 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2020-06-25 18:27 - 2018-05-19 18:45 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-16 16:17 - 2020-03-07 13:51 - 000000000 ____D C:\Program Files\Microsoft Office
2020-06-16 12:33 - 2019-05-25 03:08 - 000462592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-06-16 12:32 - 2020-04-09 14:16 - 000506152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-06-16 12:32 - 2019-05-30 19:23 - 000322256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000235088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000205896 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000178768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000060496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-06-16 12:32 - 2019-05-25 03:08 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-06-14 17:47 - 2019-03-31 10:27 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-06-14 12:30 - 2018-07-21 11:20 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer
2020-06-14 12:30 - 2018-05-19 18:30 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2020-06-14 12:14 - 2020-05-20 15:40 - 000000863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-06-14 11:18 - 2019-09-13 20:01 - 000000000 ____D C:\Users\David\.VirtualBox
2020-06-14 11:18 - 2019-09-13 20:01 - 000000000 ____D C:\ProgramData\VirtualBox
2020-06-13 23:53 - 2018-06-07 19:42 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2020-06-13 22:35 - 2018-05-19 19:46 - 000000000 ____D C:\Users\David\AppData\Roaming\NVIDIA
2020-06-13 22:19 - 2017-06-12 07:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-06-13 22:19 - 2017-06-12 07:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-06-13 22:19 - 2017-06-12 07:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-06-13 22:10 - 2018-05-26 11:49 - 000000000 ____D C:\Users\David\AppData\LocalLow\Mozilla
2020-06-13 14:20 - 2018-05-19 18:26 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2020-06-13 13:00 - 2018-10-18 00:08 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-06-13 12:57 - 2018-10-18 00:09 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-06-13 10:48 - 2019-09-20 18:37 - 000000000 ___RD C:\Users\David\Google Drive
2020-06-12 18:20 - 2019-04-27 10:13 - 000000000 ___RD C:\Users\David\3D Objects
2020-06-12 18:20 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-12 18:19 - 2019-03-19 14:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-12 18:19 - 2019-03-19 14:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-12 18:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-12 18:19 - 2017-06-12 07:30 - 000000000 ____D C:\ProgramData\Realtek
2020-06-12 17:35 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-12 17:33 - 2019-06-22 18:19 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-06-07 13:43 - 2019-08-25 12:38 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-07 13:40 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-06-07 13:34 - 2020-05-21 13:07 - 000002404 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-07 13:34 - 2020-03-23 23:11 - 000000000 ___RD C:\Users\David\OneDrive
2020-06-05 23:03 - 2019-03-19 06:56 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-05 23:03 - 2019-03-19 06:56 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-31 17:00 - 2018-10-18 00:09 - 000000000 ____D C:\ProgramData\Wondershare
2020-05-29 16:50 - 2019-06-19 15:03 - 000000000 ____D C:\Program Files\UNP

==================== Archivos en la raíz de algunos directorios ========

2019-03-15 23:23 - 2019-01-14 23:23 - 000000032 ____R () C:\ProgramData\hash.dat
2020-06-13 22:15 - 2020-06-13 22:15 - 000000000 _____ () C:\Users\David\AppData\Roaming\6924.tmp
2020-06-13 22:15 - 2020-06-13 22:15 - 000000000 _____ () C:\Users\David\AppData\Roaming\7EFF.tmp
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ () C:\Users\David\AppData\Roaming\BF16.tmp
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ () C:\Users\David\AppData\Roaming\C0EC.tmp
2020-06-13 22:16 - 2020-06-13 22:16 - 000000000 _____ () C:\Users\David\AppData\Roaming\C10C.tmp
2018-12-07 18:36 - 2018-12-08 14:31 - 000531694 _____ () C:\Users\David\AppData\Roaming\VideoPad.dmp
2019-03-03 00:38 - 2019-03-03 00:39 - 000000013 _____ () C:\Users\David\AppData\Local\AstroImageFrameFileCache.xml
2019-03-03 00:38 - 2019-03-03 00:39 - 000001430 _____ () C:\Users\David\AppData\Local\AstroImageFrameSettings.xml
2018-05-19 18:26 - 2019-08-18 11:13 - 001124037 _____ () C:\Users\David\AppData\Local\BTServer.log
2020-05-06 08:57 - 2020-05-06 08:57 - 000000000 _____ () C:\Users\David\AppData\Local\oobelibMkey.log
2020-06-27 22:55 - 2020-06-27 22:55 - 000007912 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2019-05-25 12:14 - 2019-05-25 12:14 - 000000056 _____ () C:\Users\David\AppData\Local\X-Plane 11 Preferences.prf
2019-05-25 12:20 - 2019-05-25 12:20 - 000000037 _____ () C:\Users\David\AppData\Local\X-Plane Installer.prf
2019-05-25 12:15 - 2019-05-25 12:15 - 000000022 _____ () C:\Users\David\AppData\Local\x-plane_install_11.txt

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================


Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 28-06-2020
Ejecutado por David (28-06-2020 17:57:16)
Ejecutado desde C:\Users\David\Desktop
Windows 10 Home Versión 1909 18363.900 (X64) (2019-06-22 16:22:26)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-2644717441-683041095-4193322048-500 - Administrator - Disabled)
David (S-1-5-21-2644717441-683041095-4193322048-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-2644717441-683041095-4193322048-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2644717441-683041095-4193322048-1000 - Limited - Disabled) => C:\Users\defaultuser0
Invitado (S-1-5-21-2644717441-683041095-4193322048-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2644717441-683041095-4193322048-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

Actualización de NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
AIDA64 Extreme v5.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.70 - FinalWire Ltd.)
Application Verifier x64 External Package (HKLM\...\{D9908CED-5ABB-FEE9-FC84-743F4D38637C}) (Version: 10.1.16299.15 - Microsoft) Hidden
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 20.4.2410 - Avast Software)
Avast SecureLine VPN (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.5.522 - AVAST Software)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
Bitwar 6.42 (HKLM-x32\...\Bitwar) (Version: 6.42 - 廈門市百勝通軟件技術有限公司)
Brackets (HKLM-x32\...\{B35274F4-8BDD-4128-8329-A40D76D51DCC}) (Version: 1.14.17740 - brackets.io)
BrLauncher (HKLM-x32\...\{C661197A-6B93-4E37-9E3F-2A1DFCD64234}) (Version: 1.1.15.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{B556F816-FF4D-4BB6-9339-ED28639E2EF3}) (Version: 1.0.2.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{0648F446-BAE9-402F-9BEC-8B333959D8FB}) (Version: 1.2.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{48F75879-6C29-4149-AFC4-B9F1CBA8528D}) (Version: 1.0.6.2 - Brother Industries Ltd.) Hidden
BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
Configurador_FNMT (HKLM-x32\...\{438D4C4C-B703-4971-9C3D-33FF8A010ADB}) (Version: 3.7 - FNMT-RCM)
ControlCenter4 (HKLM-x32\...\{9ADB625A-7F6D-4C48-9058-4767A55D5424}) (Version: 4.2.438.1 - Brother Insutries Ltd.) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7503 - CyberLink Corp.)
DataNumen RAR Repair v2.1 (HKLM-x32\...\DataNumen RAR Repair v2.1) (Version:  - )
DaVinci Resolve (HKLM\...\{B57FC0A3-2BE3-4DDC-87DD-8FFE483A1262}) (Version: 16.0.0060 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DeviceDetect (HKLM-x32\...\{CEF07BDC-47F1-4477-8F3C-0E7132AF88C5}) (Version: 1.0.4.5 - Brother Industries Ltd.) Hidden
DreamTime (HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\cf31372a-3ee5-50d8-9438-4b00ca3fa77d) (Version: 1.4.4 - DreamNet)
eMule (HKLM-x32\...\eMule) (Version:  - )
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epic Games Launcher (HKLM-x32\...\{79F5479A-BF71-4F4C-9C49-9D616AF923DE}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.11 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{8F81CF78-0ABF-45A7-9C22-C16D3BB6894A}) (Version: 1.1.1.0 - Blackmagic Design)
FakeApp (HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\FakeApp) (Version: 2.2.0 - deepfakeapp)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
GIMP 2.10.0 (HKLM\...\GIMP-2_is1) (Version: 2.10.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{5f8ec28f-ae40-408e-b950-1da32237e007}) (Version: 5.3.21679 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{D95E43DC-3E04-4AF0-853E-46D832A473FE}) (Version: 1.1.0.285 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7759F11B-DF54-4726-9A01-61701580D786}) (Version: 12.16.22.11 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{EA91387C-F790-4BCF-BEFE-AB250314B56E}) (Version: 1.4.17 - HP Inc.)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.7 - HP Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Processor Identification Utility (HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\Utilidad Intel® para identificación de procesadores 6.1.0731) (Version: 6.1.0731 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{2DF17C75-9627-4213-8612-17955E92F782}) (Version: 1.6.101.32869 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
Java SE Development Kit 8 Update 181 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180181}) (Version: 8.0.1810.13 - Oracle Corporation)
Java(TM) SE Development Kit 13.0.2 (64-bit) (HKLM\...\{606493F9-D1F1-5355-BB8A-F0E30F1AFFED}) (Version: 13.0.2.0 - Oracle Corporation)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 6.1.0.3 (HKLM-x32\...\{4D5D4345-00D4-4AC5-A548-0ED7491A3EA9}) (Version: 6.1.0.3 - The Document Foundation)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.56 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Project Professional 2019 - es-es (HKLM\...\ProjectPro2019Retail - es-es) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft Visio - es-es (HKLM\...\VisioPro2019Retail - es-es) (Version: 16.0.12827.20336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26405 (HKLM-x32\...\{5b295ba9-ef89-4aeb-8acc-b61adb0b9b5f}) (Version: 14.14.26405.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405 (HKLM-x32\...\{ec9c2282-a836-48a6-9e41-c2f0bf8d678b}) (Version: 14.14.26405.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.16.1252.717 - Microsoft Corporation)
Mozilla Firefox 68.9.0 ESR (x64 es-ES) (HKLM\...\Mozilla Firefox 68.9.0 ESR (x64 es-ES)) (Version: 68.9.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.7.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{973CACA2-E018-065B-0580-F2784802E299}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 431.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.07 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 24.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12827.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12827.20160 - Microsoft Corporation) Hidden
OMEN Command Center (HKLM\...\{B13CB0A1-4411-404C-A7DB-BB1441B089EC}) (Version: 1.3.124 - HP Inc.)
Oracle VM VirtualBox 6.0.16 (HKLM\...\{927E6ACC-DE57-4925-879A-B0E82C479311}) (Version: 6.0.16 - Oracle Corporation)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 431.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.07 - NVIDIA Corporation) Hidden
Paquete de compatibilidad redirigido de documentación de Microsoft .NET Framework 4.7.1 (español) (HKLM-x32\...\{927FF4FD-8E47-4022-8545-22FD78FBC2AB}) (Version: 4.7.02558 - Microsoft Corporation) Hidden
Paquete de idioma de Microsoft Visual Studio 2010 Tools para Office Runtime (x64) - ESN (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - ESN) (Version: 10.0.50903 - Microsoft Corporation)
PDF Reader for Windows 10 (HKLM\...\PDF Reader for Windows 10_is1) (Version:  - PDFLogic Corporation)
Photoshop CS5 Extended 12.0 (HKLM-x32\...\Photoshop CS5 Extended 12.0) (Version:  - )
PlanetSide 2 (HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\DGC-PlanetSide 2) (Version: 1.0.3.195 - Daybreak Game Company)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.69 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8372 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.104 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
SDK ARM Additions (HKLM-x32\...\{7922BB77-0B59-840A-AC80-D560A34D75C5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{C87DF65C-A672-7E08-A083-E7D48FE8DB70}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Software para dispositivos de chipset Intel® (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
TP-Link Archer T2UH Driver (HKLM-x32\...\{95EF5DBB-C2DA-48AF-93B4-533333227486}) (Version: 1.0.0 - TP-Link)
TP-Link Wireless Adapter WPS Tool (HKLM-x32\...\{685EFF87-B126-49E4-8213-70C56625C5B5}) (Version: 1.0.0.1 - TP-Link)
Unity (HKLM-x32\...\Unity) (Version: 2018.2.2f1 - Unity Technologies ApS)
Universal CRT Extension SDK (HKLM-x32\...\{A5FA2886-1925-133F-0D41-B9A8ECEA0A2D}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{B739B4C5-EEEC-8E70-0276-38C4779AF398}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{A9D6F52C-694E-3E41-7AB8-5BEB644742A5}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{E053089E-7953-3219-814F-F485FC151C54}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{B9424F08-0617-C4F6-A798-5A9250C1A738}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D261CEA1-AB8D-9CFA-4407-BCEFC78661AC}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{CC1FE5D3-78A8-4EC4-AB83-B5EF8DC4118D}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 102.0 - Ubisoft)
UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
Utilidad Intel® para identificación de procesadores (HKLM-x32\...\{990439B4-E0AD-4088-8A34-34CA0E27B4AE}) (Version: 6.1.0731 - Intel Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{789BD653-BEFD-478B-ACD1-D2BADC2AB82C}) (Version: 14.14.26405 - Microsoft Corporation) Hidden
VideoPad, editor de vídeo (HKLM-x32\...\VideoPad) (Version: 8.51 - NCH Software)
Visual Studio Community 2017 (HKLM-x32\...\09ac310a) (Version: 15.7.27703.2047 - Microsoft Corporation)
VS Script Debugging Common (HKLM\...\{48C2D1FA-9F23-40E1-9F16-6A3CA6A78915}) (Version: 16.0.94.0 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{5DFEB1ED-29B8-44F0-8615-DE758242B0E2}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{340226AB-D0EF-4715-A331-AB3A416B5018}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{BFFA2FFB-1095-4ADD-A352-368806D2412B}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{B6600254-A9D1-4265-826B-28B0E28C1F37}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{EF15DAFE-8E43-48E6-AE94-CBA196675318}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{8EB2C670-04C2-482D-BACD-B4095E27FD39}) (Version: 15.6.27309 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9B1DD088-CF09-46A1-8B42-18D231B19E39}) (Version: 15.7.27604 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{F5BCAD30-D22C-4B08-A581-1EBE3A35C6B1}) (Version: 15.7.27617 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{E70CC1B8-7ED5-4495-9C52-603FE87F38F4}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{1AC6CC3D-7724-4D84-9270-798A2191AB1C}) (Version: 15.0.27005 - Microsoft Corporation) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinAppDeploy (HKLM-x32\...\{9690D51C-4435-1C20-7819-66CCAB0F03F9}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows SDK AddOn (HKLM-x32\...\{350F0ECD-0783-4529-8797-98F0AD33EAC0}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
Windows Software Development Kit - Windows 10.0.16299.15 (HKLM-x32\...\{6195c203-b53c-4bb7-983a-6070a902e704}) (Version: 10.1.16299.15 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{385A1387-A488-9E90-3635-086129610034}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{D7DD3171-DA58-52A1-95B2-4769640855AF}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{7336279F-8F8F-5530-A543-3BE963846C0A}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E414A474-0A87-4F66-C409-A4D9857CFD34}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{CE760B86-975B-F514-5673-0ED4332B801B}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{5E67F8BE-D8D2-257F-CE19-419A2D5125C7}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A2AA063E-AF50-A1F5-8925-A06EB1556644}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{7D4C7F4A-02A9-E434-6451-C8787DF28C1F}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{BC467065-9374-5345-DA3F-FCF073304A25}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
XAMPP (HKLM\...\xampp) (Version: 7.4.5-0 - Bitnami)

Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.14.0_x64__b6e429xa66pga [2020-06-14] (Finebits OÜ) [MS Ad]
Cover - lector de comics -> C:\Program Files\WindowsApps\FrenchFry.Cover_3.6.5.0_x64__a3mvwcjazefp4 [2020-05-26] (French Fry)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.283.0_x64__v10z8vjag6ke6 [2017-06-12] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.2.0_x64__8wekyb3d8bbwe [2020-06-26] (Microsoft Studios)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2018-05-20] (Tiny Opener)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-06-05] (VideoLAN)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ 0FileIconSyncOn] -> {62E15A97-5651-41E4-95C4-706D30C86A4B} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [ 1FileIconSyncAlert] -> {BF741CA6-27BF-4B49-A3A3-1C39415582D8} =>  -> Ningún archivo
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de Programa\Avast Antivirus\ashShell.dll [2020-06-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de Programa\Avast Antivirus\ashShell.dll [2020-06-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers1: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} =>  -> Ningún archivo
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} =>  -> Ningún archivo
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Archivos de Programa\winrar\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivos de Programa\winrar\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de Programa\Avast Antivirus\ashShell.dll [2020-06-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers4: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} =>  -> Ningún archivo
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} =>  -> Ningún archivo
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Archivos de Programa\Avast Antivirus\ashShell.dll [2020-06-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Ningún archivo
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Archivos de Programa\winrar\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Archivos de Programa\winrar\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [Archivo no firmado] [El archivo está en uso]

==================== Accesos directos & WMI ========================

(Las entradas pueden ser listadas para ser restauradas o eliminadas.)

Shortcut: C:\Users\David\Desktop\IOC\SMX_M08B2 Aplicacions web\SMX_M08B2_EAF1_Castellvi_E\OpenKM\Start OpenKM.lnk -> C:\openkm-6.3.2-community\tomcat\bin\startup.bat (Ningún archivo)
Shortcut: C:\Users\David\Desktop\IOC\SMX_M08B2 Aplicacions web\SMX_M08B2_EAF1_Castellvi_E\OpenKM\Stop OpenKM.lnk -> C:\openkm-6.3.2-community\tomcat\bin\shutdown.bat (Ningún archivo)

==================== Módulos cargados (Lista blanca) =============

2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\AcroTray.esp
2009-02-27 16:38 - 2009-02-27 16:38 - 000139264 _____ () [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-06-06 14:44 - 2005-04-22 13:36 - 000143360 _____ () [Archivo no firmado] [El archivo está en uso] C:\WINDOWS\system32\BrSNMP64.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000013824 _____ (Adobe Systems Inc.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\Acrobat Elements\ContextMenuShim64.esp
2014-11-13 18:55 - 2014-11-13 18:55 - 000461824 _____ (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Browny02\BrMonitor.dll
2010-09-29 17:07 - 2010-09-29 17:07 - 000180224 _____ (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Browny02\BroSNMP.dll
2018-06-06 14:44 - 2013-03-08 15:44 - 000087040 _____ (Brother Industries, Ltd.) [Archivo no firmado] [El archivo está en uso] C:\WINDOWS\system32\BrNetSti.dll
2017-09-28 18:41 - 2017-09-28 18:41 - 000266240 _____ (Microsoft Corporation) [Archivo no firmado] [El archivo está en uso] C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbPc.DLL
2020-02-01 00:00 - 2018-09-07 10:07 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] [El archivo está en uso] C:\Program Files\AVAST Software\SecureLine VPN\libcrypto-1_1.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [232]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [462]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

(Si una entrada es incluida en el fixlist, será eliminada del registro.)

IE trusted site: HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\fnmt.es -> hxxp://fnmt.es
IE trusted site: HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\fnmt.es -> hxxps://fnmt.es
IE trusted site: HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\fnmt.gob.es -> hxxps://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\fnmt.gob.es -> hxxp://fnmt.gob.es
IE trusted site: HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\localhost -> localhost

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2016-07-16 13:47 - 2020-05-05 15:14 - 000008129 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0  192.150.18.108
0.0.0.0  192.150.22.40
0.0.0.0  192.150.14.69
0.0.0.0  192.150.8.118
0.0.0.0  192.150.8.100
0.0.0.0  192.150.18.101
0.0.0.0  192.168.112.207
0.0.0.0  194.224.66.48
0.0.0.0  199.7.52.190
0.0.0.0  199.7.52.190:80
0.0.0.0  209.34.83.73:43
0.0.0.0  209.34.83.73:443
0.0.0.0  www.adobeereg.com #75.125.24.83
0.0.0.0  adobeereg.com #207.66.2.10
0.0.0.0  activate.adobe.com  #192.150.22.40
0.0.0.0  practivate.adobe
0.0.0.0  practivate.adobe.com
0.0.0.0  practivate.adobe.*
0.0.0.0  practivate.adobe.com #192.150.18.54
0.0.0.0  practivate.adobe.newoa
0.0.0.0  practivate.adobe.ntp
0.0.0.0  practivate.adobe.ipp
0.0.0.0  activate-sea.adobe.com #192.150.22.40
0.0.0.0  wip.adobe.com
0.0.0.0  wip1.adobe.com
0.0.0.0  wip2.adobe.com
0.0.0.0  wip3.adobe.com #192.150.8.60
0.0.0.0  wip4.adobe.com #192.150.18.200
0.0.0.0  lmlicenses.wip1.adobe.com
0.0.0.0  lmlicenses.wip2.adobe.com

Hay 131 más lineas.


2018-10-13 12:14 - 2018-10-13 13:00 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Java\jdk1.8.0_181\bin;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Brackets\command;C:\Users\David\AppData\Local\Microsoft\WindowsAppsC:\tomcat-8.5.34\lib\sig
HKCU\Environment\\Path -> C:\Users\David\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 80.58.61.250 - 80.58.61.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Firewall de Windows está habilitado.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
SecureLine: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
SecureLine: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet 4: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 4: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled) 

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "RtlS5Wake"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\StartupApproved\Run: => "3DFE07AAA0B32A309ED9547B543D5CA16227B004._service_run"
HKU\S-1-5-21-2644717441-683041095-4193322048-1001\...\StartupApproved\Run: => "Shell"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [TCP Query User{EFB7B326-6BC8-4FD8-8ED2-BE28ADB8CEC3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{0833D040-DA6F-4C90-932D-F4A49952F7D1}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{A58D4E7D-2EE1-424B-BF1F-7253FE4CC820}D:\archivos de programa\emule\emule.exe] => (Allow) D:\archivos de programa\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [UDP Query User{DF687B50-0D8A-4672-83E9-B59F4A3FF2D7}D:\archivos de programa\emule\emule.exe] => (Allow) D:\archivos de programa\emule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [TCP Query User{D659C3D2-D0D4-4E74-AE59-8D8BCF79820D}C:\program files (x86)\common files\oracle\java\javapath_target_207486312\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_207486312\java.exe
FirewallRules: [UDP Query User{D9035A66-90FB-4E44-BFBA-C4544EBC7A19}C:\program files (x86)\common files\oracle\java\javapath_target_207486312\java.exe] => (Allow) C:\program files (x86)\common files\oracle\java\javapath_target_207486312\java.exe
FirewallRules: [{E56EDC08-32AD-4A0A-B590-CC7026588D45}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{4C1502FD-ECC6-49BD-8575-708497CFD8D9}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [UDP Query User{B51598D8-519A-4601-A6FD-258453A4D536}C:\program files (x86)\brackets\node.exe] => (Allow) C:\program files (x86)\brackets\node.exe (Adobe Inc. -> Node.js)
FirewallRules: [TCP Query User{FC178FCC-2172-4388-BBD9-659DA420F6B3}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [UDP Query User{24C0CA60-3503-441A-80F1-BB7892FDA6F3}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{CB322BF3-D975-450D-952E-9FCAE7BB800C}] => (Allow) D:\Archivos de Programa\Mozilla\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B79604C8-22CB-4526-A3D6-3F180E108B47}] => (Allow) D:\Archivos de Programa\Mozilla\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{01B47141-CB23-4844-B347-CB0AEDEE7FF7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E285FD7E-3A6B-4097-BA98-BA9CCA9B86F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BD87005B-A39F-4C8D-9627-3EE843D87926}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EEC6BCC5-753D-453C-826E-9588CEECDBBF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1BDF7F5B-CDFC-455F-9C96-A7651A8D9880}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{29A48F6F-764D-4267-8508-674986726547}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty. Ltd.) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{C56BA53B-7E4A-482E-913A-0E1887BA4FC9}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe () [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{0544D01F-4BCC-4CFA-9BD3-05C7428449BA}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe () [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{3D485231-3385-40B2-8432-9AE87C5B5637}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe () [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{743A18CE-46DD-45AC-A966-B7E147390782}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe () [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{6D7338CE-C524-4736-BEBA-24F7E7B4CF26}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe () [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{944E8D35-139D-4BF6-A1E0-477745AA0B38}] => (Allow) D:\Archivos de Programa\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{3285FB9E-9C94-4A0F-BF7E-75D1D508DCA9}D:\archivos de programa\blackmagic design\davinci resolve\resolve.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty. Ltd.) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [UDP Query User{E4260AD0-330C-428D-B1D1-8302DF872FBE}D:\archivos de programa\blackmagic design\davinci resolve\resolve.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty. Ltd.) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [TCP Query User{3DD37A50-41B7-4D65-9D55-D67CFAAF1CB3}D:\archivos de programa\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{2D892297-8875-4DD2-8703-9AAAC966627E}D:\archivos de programa\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{8B85EDAD-9A12-40A7-8D30-8C237D465158}D:\archivos de programa\blackmagic design\davinci resolve\fuscript.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [UDP Query User{3970CB04-9F08-4264-BC54-3A4BCC61F687}D:\archivos de programa\blackmagic design\davinci resolve\fuscript.exe] => (Allow) D:\archivos de programa\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [Archivo no firmado] [El archivo está en uso]
FirewallRules: [{BF0DDFC3-A9CE-4F8E-B040-65D0A9F30C11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F99EFEC2-2334-411B-B2F6-53C91AB566E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1E64C59-C5BA-482B-A6D5-70AE52AD57E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8551895F-B96E-4BF7-BC0C-9F7F8FA85BE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E706F0C5-FBE7-473C-82E9-63E4540F47A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EC7A33B2-9BB9-4A9E-9AA5-B08EF01C1400}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F05A4867-2A33-4E59-B1B2-0A2051B76879}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Puntos de Restauración =========================

ATENCIÓN: Restaurar Sistema está deshabilitado (Total:118.01 GB) (Free:38.92 GB) (33%)

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (06/28/2020 05:49:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8872,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 05:43:28 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: El subárbol del usuario se carga mediante otro proceso (bloqueo del registro) nombre del proceso: D:\Archivos de Programa\Avast Antivirus\AvastSvc.exe, PID: 3328, ProfSvc PID: 1624.

Error: (06/28/2020 05:41:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3660,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 05:28:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10380,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 05:15:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6196,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 05:06:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13052,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 04:53:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4308,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (06/28/2020 02:33:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14236,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.


Errores del sistema:
=============
Error: (06/28/2020 05:44:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (06/28/2020 05:44:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Servicio Hacer clic y ejecutar de Microsoft Office terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Software Integrity Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Adobe Genuine Monitor Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Intel® SGX AESM terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 300000 milisegundos: Reiniciar el servicio.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (06/28/2020 05:34:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Intel(R) Dynamic Application Loader Host Interface Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-02-18 20:14:38.299
Description: 
El acceso controlado a carpetas impidió que C:\Windows\SysWOW64\taskkill.exe realizara cambios en la memoria.
Tiempo de detección: 2020-02-18T19:14:38.299Z
Usuario: DESKTOP-E38C84M\David
Ruta de acceso: \Device\Harddisk2\DR2
Nombre del proceso: C:\Windows\SysWOW64\taskkill.exe
Versión de inteligencia de seguridad: 1.309.1235.0
Versión del motor: 1.1.16700.3
Versión del producto: 4.18.2001.7

Date: 2020-02-18 19:47:12.601
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\System32\RuntimeBroker.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2020-02-18T18:47:12.600Z
Usuario: DESKTOP-E38C84M\David
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Windows\System32\RuntimeBroker.exe
Versión de inteligencia de seguridad: 1.309.1235.0
Versión del motor: 1.1.16700.3
Versión del producto: 4.18.2001.7

Date: 2020-02-18 19:01:56.836
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\System32\RuntimeBroker.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2020-02-18T18:01:56.836Z
Usuario: DESKTOP-E38C84M\David
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Windows\System32\RuntimeBroker.exe
Versión de inteligencia de seguridad: 1.309.1235.0
Versión del motor: 1.1.16700.3
Versión del producto: 4.18.2001.7

Date: 2020-02-18 18:46:56.862
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\System32\RuntimeBroker.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2020-02-18T17:46:56.861Z
Usuario: DESKTOP-E38C84M\David
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Windows\System32\RuntimeBroker.exe
Versión de inteligencia de seguridad: 1.309.1235.0
Versión del motor: 1.1.16700.3
Versión del producto: 4.18.2001.7

Date: 2020-02-18 18:25:58.662
Description: 
El acceso controlado a carpetas bloqueó C:\Windows\System32\RuntimeBroker.exe para que no pueda modificar %userprofile%\Pictures.
Hora de detección: 2020-02-18T17:25:58.661Z
Usuario: DESKTOP-E38C84M\David
Ruta de acceso: %userprofile%\Pictures
Nombre del proceso: C:\Windows\System32\RuntimeBroker.exe
Versión de inteligencia de seguridad: 1.309.1235.0
Versión del motor: 1.1.16700.3
Versión del producto: 4.18.2001.7

CodeIntegrity:
===================================

Date: 2020-06-28 17:55:06.767
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:41.047
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:39.144
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:38.831
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:38.809
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:38.677
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:46:38.658
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-06-28 17:45:14.339
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Archivos de Programa\Avast Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Información de la memoria =========================== 

BIOS: AMI F.03 04/12/2017
Placa base: HP 8308
Procesador: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Porcentaje de memoria en uso: 30%
RAM física total: 12229.57 MB
RAM física disponible: 8496.5 MB
Virtual total: 24517.57 MB
Virtual disponible: 20107.76 MB

==================== Unidades ================================

Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:38.92 GB) NTFS
Drive d: (Datos 1) (Fixed) (Total:918.41 GB) (Free:561.9 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:13.11 GB) (Free:13.05 GB) NTFS
Drive g: (Datos 2) (Fixed) (Total:1397.26 GB) (Free:1395.31 GB) NTFS

\\?\Volume{369c0bbb-3d5a-46b7-82f5-7bee28dce365}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.53 GB) NTFS
\\?\Volume{da05b961-291a-4f7f-be68-3b8d58717beb}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32F39CF1)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 2BD2C32A)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 119.2 GB) (Disk ID: 18D537C3)

Partition: GPT.

==================== Final de Addition.txt =======================

Quiero explicar algunas cosas… esta tarde tenia el ordenador apagado y se ha vuelto a publicar eso otra vez, el movil lo tenia encendido y habia cambiado la contraseña de Facebook por una contraseña mas robusta e incluso le programado para que si alguien quiere entrar a mi cuenta tiene que tener mi movil donde se me envia un mensaje ya sabes el sistema de doble seguridad… Empiezo a sospechar que el malware lo debo de tener en el ordenador…

Hola. :+1:

Si tienes el ordenador APAGADO y se vuelve a publicar o aparece de nuevo lo mismo en Facebook teniendo únicamente el móvil encendido, entonces el problema lo tienes basicamente en el móvil y lo primero que debes hacer es ELIMINAR TODO el historial que tengas almacenado en el o los navegadores que uses en el móvil o cualquier otro dispositivo tipo tablet o similar. :face_with_monocle:

Otra cuestión que debes hacer es RESETEAR el módem /router de Internet.:+1:



Y ademas ahora para seguir depurando tu ordenador haces estos otros pasos que te dejo aquí explicados.



Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ 0FileIconSyncOn] -> {62E15A97-5651-41E4-95C4-706D30C86A4B} => -> Ningún archivo
ShellIconOverlayIdentifiers: [ 1FileIconSyncAlert] -> {BF741CA6-27BF-4B49-A3A3-1C39415582D8} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers1: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => -> Ningún archivo
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> Ningún archivo
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => -> Ningún archivo
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
ContextMenuHandlers4: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => -> Ningún archivo
ContextMenuHandlers5: [POContextMenuHandler64] -> {FFB89EEA-EFCF-4156-BC81-CA72A260FB62} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> Ningún archivo
Shortcut: C:\Users\David\Desktop\IOC\SMX_M08B2 Aplicacions web\SMX_M08B2_EAF1_Castellvi_E\OpenKM\Start OpenKM.lnk -> C:\openkm-6.3.2-community\tomcat\bin\startup.bat (Ningún archivo)
Shortcut: C:\Users\David\Desktop\IOC\SMX_M08B2 Aplicacions web\SMX_M08B2_EAF1_Castellvi_E\OpenKM\Stop OpenKM.lnk -> C:\openkm-6.3.2-community\tomcat\bin\shutdown.bat (Ningún archivo)
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restricción <==== ATENCIÓN
CHR HKLM\SOFTWARE\Policies\Google: Restricción <==== ATENCIÓN
Task: {0B17A2FE-3517-432A-B1E8-2A52790C903B} - no ruta de acceso de archivo
Task: {BF3267F7-2462-4E69-8E9E-F0CEF1B8CF46} - no ruta de acceso de archivo
Task: {C575350A-5476-440B-A5DC-17B2166AB51B} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [7458888 2020-06-09] (NCH Software, Inc. -> NCH Software)
Task: {F2FF2A14-0B9E-47AF-9815-73A0847A7F22} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7458888 2020-06-09] (NCH Software, Inc. -> NCH Software)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - Ningún archivo
CHR HKU\S-1-5-21-2644717441-683041095-4193322048-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S3 fiddrv64; no ImagePath
S3 MBAMFarflt; system32\DRIVERS\farflt.sys [X]
S3 MBAMWebProtection; \SystemRoot\system32\DRIVERS\mwac.sys [X]
2020-06-25 23:28 - 2020-06-26 22:47 - 000000000 ____D C:\Users\David\AppData\Roaming\Panda Security
2020-06-25 23:27 - 2020-06-28 12:20 - 000000000 ____D C:\Program Files (x86)\Panda Security
2020-06-26 22:48 - 2018-10-18 19:53 - 000000000 ____D C:\ProgramData\Panda Security
2020-06-28 17:34 - 2018-06-23 00:43 - 000000000 ____D C:\Users\David\AppData\Roaming\IObit
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX/Corregir y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola buenos dias, Mira que me surge un nuevo problema, he entrado en msconfig para configurar el arranque a modo de prueba de errores MINIMO y ahora no me arranca el pc se me ha quedado en negro la pantalla, de hecho. ¿Que puedo hacer?

Hola.

Y quien dijo que hicieras esos pasos…?? :face_with_monocle:

Nadie te pidio que tocases nada usando el msconfig… :face_with_raised_eyebrow:

Y SI pulsas alguna tecla NO ocurre nada…??