Alto consumo de recursos

anzorrilla · 27 Noviembre, 2019 18:48

Estimados, cuando uso un software de procesamiento de imagen se produce un consumo inusualmente alto de recursos. En otra máquina anda perfectamente.

Paso a poner los logs:

Malwarebytes:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 27/11/19
Hora del análisis: 14:46
Archivo de registro: da31b324-113d-11ea-8390-48ba4e56fa42.json

-Información del software-
Versión: 4.0.4.49
Versión de los componentes: 1.0.764
Versión del paquete de actualización: 1.0.15474
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 18362.418)
CPU: x64
Sistema de archivos: NTFS
Usuario: LAPTOP-PBMAK5KO\anibal

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 323235
Amenazas detectadas: 0
Amenazas en cuarentena: 0
Tiempo transcurrido: 11 min, 33 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build:    11-21-2019
# Database: 2019-11-20.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-27-2019
# Duration: 00:00:52
# OS:       Windows 10 Home Single Language
# Cleaned:  43
# Failed:   2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.HPAudioSwitch   Folder   C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D34FF7F5-8084-4C7A-921C-2A08A275D0DE} 
Deleted       Preinstalled.HPAudioSwitch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted       Preinstalled.HPAudioSwitch   Task   C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted       Preinstalled.HPCoolSense   Folder   C:\Program Files (x86)\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Users\anibal\AppData\Local\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Folder   C:\Windows\System32\Tasks\HP\HP COOLSENSE
Deleted       Preinstalled.HPCoolSense   Registry   HKLM\Software\Classes\CLSID\{224695A4-BD5E-4C38-B354-A4C828E61BF7}
Deleted       Preinstalled.HPJumpStartApps   Folder   C:\Program Files (x86)\HP\HP JUMPSTART APPS
Deleted       Preinstalled.HPJumpStartApps   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\HP JumpStart Apps
Deleted       Preinstalled.HPJumpStartBridge   Folder   C:\Program Files (x86)\HP\HP JUMPSTART BRIDGE
Deleted       Preinstalled.HPJumpStartLaunch   Folder   C:\Program Files (x86)\HP\HP JUMPSTART LAUNCH
Deleted       Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C790C01F-B0A7-46C8-BAB8-D3FACFFFFBB7} 
Deleted       Preinstalled.HPJumpStartLaunch   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Deleted       Preinstalled.HPJumpStartLaunch   Task   C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Deleted       Preinstalled.HPOrbit   Folder   C:\Program Files\HP\HP ORBIT
Deleted       Preinstalled.HPOrbit   Folder   C:\Program Files\HP\HP ORBIT SERVICE
Deleted       Preinstalled.HPOrbit   Folder   C:\ProgramData\HP\HP ORBIT
Deleted       Preinstalled.HPOrbit   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{38B26B58-693D-4B55-9653-1E8D173A9F3B}
Deleted       Preinstalled.HPOrbit   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DED1B811-5F83-451D-AFE6-F9AC351CB63B}
Deleted       Preinstalled.HPRegistrationService   Folder   C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPRegistrationService   Folder   C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\HP\SUPPORT
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\anibal\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Folder   C:\Users\anibal\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}
Deleted       Preinstalled.HPSupportAssistant   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B2630333-677F-4F40-9625-7F76CFB02EA1}
Deleted       Preinstalled.HPSureConnect   Folder   C:\Program Files (x86)\HP INC\HP SURE CONNECT
Deleted       Preinstalled.HPSureConnect   Folder   C:\Program Files\HPCOMMRECOVERY
Deleted       Preinstalled.HPSureConnect   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted       Preinstalled.HPTouchpointAnalyticsClient   Registry   HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Not Deleted   Preinstalled.HPSupportAssistant   Folder   C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Not Deleted   Preinstalled.HPTouchpointAnalyticsClient   Folder   C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6322 octets] - [27/11/2019 15:01:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

anzorrilla · 27 Noviembre, 2019 18:58

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by anibal (Administrator) on mi‚. 27/11/2019 at 15:13:27,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on mi‚. 27/11/2019 at 15:21:57,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by anibal (27-11-2019 15:28:04)
Running from C:\Users\anibal\Desktop
Windows 10 Home Single Language Version 1909 18363.418 (X64) (2019-11-24 03:06:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1649023616-1861644052-698380833-500 - Administrator - Disabled)
anibal (S-1-5-21-1649023616-1861644052-698380833-1001 - Administrator - Enabled) => C:\Users\anibal
DefaultAccount (S-1-5-21-1649023616-1861644052-698380833-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1649023616-1861644052-698380833-1004 - Limited - Enabled)
Invitado (S-1-5-21-1649023616-1861644052-698380833-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1649023616-1861644052-698380833-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
Adobe Connect (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\Adobe Connect App) (Version: 2019.5.1.32 - Adobe Systems Inc.)
Adobe Connect (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\Adobe Connect App) (Version: 2019.5.1.32 - Adobe Systems Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.270 - Adobe)
Apowersoft Online Launcher version 1.7.5 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.5 - APOWERSOFT LIMITED)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22925 - Microsoft Corporation)
Backup and Sync from Google (HKLM\...\{93EBD8BA-7A14-4636-8F1F-E929ADF2C3A9}) (Version: 3.47.7654.0300 - Google, Inc.)
balenaEtcher 1.5.57 (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.57 - Balena Inc.)
balenaEtcher 1.5.57 (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.57 - Balena Inc.)
BitTorrent (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
BitTorrent Sync (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\BitTorrent Sync) (Version: 2.3.8 - BitTorrent, Inc.)
BitTorrent Sync (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\BitTorrent Sync) (Version: 2.3.8 - BitTorrent, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.62 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 16.2 - Illustrate)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 85.4.155 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
FormatFactory 4.3.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.3.0.0 - Free Time)
GDCL MPEG4 Filters (HKLM-x32\...\GDCL MPEG4 Filters) (Version: 1.0.0 - GDCL)
Glary Utilities 5.130 (HKLM-x32\...\Glary Utilities 5) (Version: 5.130.0.156 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Hap DirectShow Codec (Isadora Mod) (HKLM-x32\...\Hap DirectShow Codec (Isadora Mod)) (Version: 1.0.14 - RenderHeads Ltd; mods by TroikaTronix)
Hap QuickTime Component (HKLM-x32\...\{3806B8EC-9261-4DB3-A5D3-75A8F2FACD5C}) (Version: 12.0.0 - Vidvox)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{AC154691-D9B6-4CD9-BB9B-ACDAF61367E5}) (Version: 2.22.1 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version:  - )
HP Orbit (HKLM-x32\...\{04ec2b32-255d-418f-b6ca-dec62b872f5d}) (Version: 1.3.60.240 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.14 - HP Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
Isadora 3 version 3.0.6.0 (HKLM\...\D5DA0D06-1DF3-D8F4-7AE2-DE83813313DB_is1) (Version: 3.0.6.0 - TroikaTronix)
Isadora version 2.6.1.0 (HKLM-x32\...\D5DA0D06-1DF3-D8F4-7AE2-DE83813313DB_is1) (Version: 2.6.1.0 - TroikaTronix)
K-Lite Mega Codec Pack 14.5.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.2 - KLCP)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.12130.20390 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 10.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)
Mozilla Firefox 70.0.1 (x64 es-AR) (HKLM\...\Mozilla Firefox 70.0.1 (x64 es-AR)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.08 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7571.2122 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.12130.20390 - Microsoft Corporation) Hidden
OMEN Command Center (HKLM\...\{B13CB0A1-4411-404C-A7DB-BB1441B089EC}) (Version: 1.1.46 - HP Inc.)
Opera Stable 65.0.3467.48 (HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\Opera 65.0.3467.48) (Version: 65.0.3467.48 - Opera Software)
Opera Stable 65.0.3467.48 (HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\Opera 65.0.3467.48) (Version: 65.0.3467.48 - Opera Software)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{2D17A736-B95E-411E-9397-6C5F16EA26BE}) (Version: 9.12.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.05.00.0000 - Panda Security)
Panel de control de NVIDIA 441.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.08 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - Focusrite USB 2.0 Audio Driver (03/17/2014 2.5.128.1) (HKLM\...\D86E353566ECB4A7ADA159C02FE46D0BACC4FA6B) (Version: 03/17/2014 2.5.128.1 - Focusrite)
Pd-0.43.4-extended (HKLM-x32\...\pd_is1) (Version:  - puredata.info)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Purr Data 2.9.0-20190416-rev.2b3f27c1 (HKLM-x32\...\Purr Data_is1) (Version:  - purrdata.net)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.69 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.149 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Reason 4.0 (HKLM-x32\...\Reason4_is1) (Version: 4.0 - Propellerhead Software AB)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Samplitude 11 (HKLM-x32\...\{AE0009FD-8F50-4565-835D-4432BD18D792}) (Version: 11.0.1.0 - MAGIX AG)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SMPlayer 18.10.0 (x64) (HKLM\...\SMPlayer) (Version: 18.10.0 - Ricardo Villalba)
SONAR 7 Producer Edition (HKLM-x32\...\SONARProducer_is1) (Version: 15.0 - Cakewalk Music Software)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.10 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{B0D957AA-9ADA-4396-9757-B7EF0FCA648C}) (Version: 1.17.0.0 - Microsoft Corporation) Hidden
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version:  - DownloadHelper)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Win32DiskImager version 1.0.0 (HKLM-x32\...\{3DFFA293-DF2C-4B23-92E5-3433BDC310E1}}_is1) (Version: 1.0.0 - ImageWriter Developers)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare Video Converter Ultimate(Build 10.1.0.133) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.1.0.133 - Wondershare Software)
XSplit Broadcaster (HKLM-x32\...\{B5FEF967-C79D-4F28-BB6B-A2152F297D5A}) (Version: 2.7.1602.2231 - SplitmediaLabs)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.378.0_x64__v10z8vjag6ke6 [2017-09-22] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.38.0_x64__v10z8vjag6ke6 [2019-11-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-18] (Microsoft Corporation) [MS Ad]
Microsoft Noticias -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
MSN El tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-11-03] (Netflix, Inc.)
PDF Reader - Visualizar, Anotar, Compartir -> C:\Program Files\WindowsApps\0D9A1B2D.PDFReaderUWP_1.9.1015.0_x64__jhretta7p24aw [2019-10-17] (Kdan Mobile Software Ltd.) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-05] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1649023616-1861644052-698380833-1001_Classes\CLSID\{581FFA00-FC33-0008-0302-95003A5CDE89}\InprocServer32 -> C:\Users\anibal\AppData\Roaming\BitTorrent Sync\ShellExtensionPath64_230.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-1649023616-1861644052-698380833-1001_Classes\CLSID\{581FFA01-FC33-0008-0302-95003A5CDE89}\InprocServer32 -> C:\Users\anibal\AppData\Roaming\BitTorrent Sync\ShellExtensionPath64_230.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-1649023616-1861644052-698380833-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
CustomCLSID: HKU\S-1-5-21-1649023616-1861644052-698380833-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\anibal\Dropbox [2018-05-19 12:35]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-24] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [!BTSync2.3.8Done] -> {581FFA04-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ShellIconOverlayIdentifiers: [!BTSync2.3.8RO] -> {581FFA03-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ShellIconOverlayIdentifiers: [!BTSync2.3.8RW] -> {581FFA02-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [!BTSync2.3.8Done] -> {581FFA04-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ShellIconOverlayIdentifiers-x32: [!BTSync2.3.8RO] -> {581FFA03-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ShellIconOverlayIdentifiers-x32: [!BTSync2.3.8RW] -> {581FFA02-FC33-0008-0302-95003A5CDE89} => C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll [2018-05-21] () [File not signed]
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-01-29] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-24] (Google LLC -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxDTCM.dll [2018-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-01-29] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2019-03-10] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-27] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-01-29] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1649023616-1861644052-698380833-1001: [BTSync2.3.8] -> {581FFA00-FC33-0008-0302-95003A5CDE89} => C:\Users\anibal\AppData\Roaming\BitTorrent Sync\ShellExtensionPath64_230.dll [2018-05-21] () [File not signed]
ContextMenuHandlers4_S-1-5-21-1649023616-1861644052-698380833-1001: [BTSync2.3.8] -> {581FFA00-FC33-0008-0302-95003A5CDE89} => C:\Users\anibal\AppData\Roaming\BitTorrent Sync\ShellExtensionPath64_230.dll [2018-05-21] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\windows\system32\huffyuv.dll [55296 2005-01-21] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.Hap1] => C:\windows\system32\hapcodec.dll [600576 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [VIDC.Hap5] => C:\windows\system32\hapcodec.dll [600576 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [VIDC.HapY] => C:\windows\system32\hapcodec.dll [600576 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.Hap1] => C:\Windows\SysWOW64\hapcodec.dll [273920 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [VIDC.Hap5] => C:\Windows\SysWOW64\hapcodec.dll [273920 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [VIDC.HapY] => C:\Windows\SysWOW64\hapcodec.dll [273920 2019-05-26] (Renderheads Ltd. (mods by TroikaTronix)) [File not signed]
HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\anibal\Desktop\pd.bat.lnk -> C:\Users\anibal\Desktop\pd-AC\pd.bat ()

==================== Loaded Modules (Whitelisted) =============

2018-05-21 17:38 - 2018-05-21 17:38 - 000505856 _____ () [File not signed] C:\ProgramData\BitTorrent Sync\ShellExtensionOverlay64_230.dll
2018-05-21 17:38 - 2018-05-21 17:38 - 001053184 _____ () [File not signed] C:\Users\anibal\AppData\Roaming\BitTorrent Sync\ShellExtensionPath64_230.dll
2013-06-17 14:33 - 2013-06-17 14:33 - 000090112 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll
2012-10-18 13:44 - 2012-10-18 13:44 - 000065560 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\MFC100ESN.DLL
2012-10-18 13:45 - 2012-10-18 13:45 - 004424728 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\mfc100u.dll
2012-10-18 13:45 - 2012-10-18 13:45 - 000422936 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\MSVCP100.dll
2012-10-18 13:45 - 2012-10-18 13:45 - 000775704 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\MSVCR100.dll
2017-05-17 05:56 - 2017-05-17 05:56 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-05-17 05:56 - 2017-05-17 05:56 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.

IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\123simsen.com -> www.123simsen.com

There are 7941 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 18:03 - 2019-10-29 11:30 - 000454790 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15610 more lines.


2018-06-22 17:34 - 2018-06-22 17:42 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\PuTTY\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150714015\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150739532\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150722848\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7EA6D08D-A7F6-4021-A874-43F847E71088}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{450223F7-8591-4B6E-A643-01C6ADE876A4}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B521E87A-B221-4609-BA13-EB33558ACB06}] => (Allow) LPort=51001
FirewallRules: [{411C73A0-6267-499B-8859-3E7012ED237A}] => (Allow) LPort=51001
FirewallRules: [{49F895E6-09BE-4F37-B0EE-305C7D938CF6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F0B04B0D-3E5A-4FB1-A86E-D1E17229F6A8}C:\program files\isadora 3\isadora.exe] => (Allow) C:\program files\isadora 3\isadora.exe (TroikaTronix -> TroikaTronix)
FirewallRules: [UDP Query User{0186B308-C010-462D-AD48-DFA5F19238E4}C:\program files\isadora 3\isadora.exe] => (Allow) C:\program files\isadora 3\isadora.exe (TroikaTronix -> TroikaTronix)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

25-11-2019 18:36:18 Instalador de Módulos de Windows
27-11-2019 15:13:30 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/27/2019 03:10:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x2984
Hora de inicio de la aplicación con errores: 0x01d5a54deb9ce65a
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: 759fa474-89d0-43cf-a05b-fdca49b5acb4
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x2904
Hora de inicio de la aplicación con errores: 0x01d5a54dc8539f44
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: eb8d1b01-5d91-488a-86c3-b8ab483e1854
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:09:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0xec
Hora de inicio de la aplicación con errores: 0x01d5a54dc68e943d
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: 3c228f64-3df5-41e4-bfa4-28a0be9c9ec9
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:09:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x2a98
Hora de inicio de la aplicación con errores: 0x01d5a54dc4bdb383
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: 0f7b1a91-2c01-4f66-b0c9-503aa1b7933e
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x2834
Hora de inicio de la aplicación con errores: 0x01d5a54dc2a49872
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: 47df9919-c92a-4087-a568-d0e90b66cdc4
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x2abc
Hora de inicio de la aplicación con errores: 0x01d5a54dbe5148b7
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: 7362c9ce-3745-447d-abc4-495be06241fa
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: SearchUI.exe, versión: 10.0.18362.418, marca de tiempo: 0x5d995690
Nombre del módulo con errores: Windows.UI.Xaml.dll, versión: 10.0.18362.418, marca de tiempo: 0x253810c2
Código de excepción: 0xc000027b
Desplazamiento de errores: 0x0000000000712dc0
Identificador del proceso con errores: 0x1fc8
Hora de inicio de la aplicación con errores: 0x01d5a54daeddc408
Ruta de acceso de la aplicación con errores: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Ruta de acceso del módulo con errores: C:\Windows\System32\Windows.UI.Xaml.dll
Identificador del informe: c772cbf7-44b5-4a1a-99e1-2d4413506c9d
Nombre completo del paquete con errores: Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy
Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (11/27/2019 03:07:58 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.


System errors:
=============
Error: (11/27/2019 03:14:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/27/2019 03:14:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (11/27/2019 03:08:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Comm Recovery no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 03:06:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio HP Orbit Service no pudo iniciarse debido al siguiente error: 
El sistema no puede encontrar el archivo especificado.

Error: (11/27/2019 03:04:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (11/27/2019 03:04:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (11/27/2019 03:04:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\system32\Rtlihvs.dll

Error: (11/27/2019 03:03:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio HP JumpStart Bridge terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 60000 milisegundos: Reiniciar el servicio.


Windows Defender:
===================================
Date: 2019-11-27 15:17:58.710
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2893.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

Date: 2019-11-27 14:35:15.409
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.305.2893.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16500.1
Código de error: 0x80240438
Descripción del error: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulta Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-11-27 15:06:13.154
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-27 15:06:12.638
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-27 15:05:40.462
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-27 14:49:41.613
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-27 14:49:41.610
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-11-26 18:23:00.427
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\GUBootStartup.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-25 18:49:16.297
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-25 18:49:16.245
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. F.19 04/18/2019
Motherboard: HP 838F
Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Percentage of memory in use: 34%
Total physical RAM: 12170.76 MB
Available physical RAM: 8028.01 MB
Total Virtual: 14602.76 MB
Available Virtual: 9304.63 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:381.36 GB) (Free:188.47 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.44 GB) (Free:1.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Datos) (Fixed) (Total:398.25 GB) (Free:230.75 GB) NTFS

\\?\Volume{43aded80-6aaf-4879-81d7-b50b3976cf4f}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.33 GB) NTFS
\\?\Volume{34a129d6-f622-414c-b010-62c8d0dbb087}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9DFAE684)

Partition: GPT.

==================== End of Addition.txt =======================

anzorrilla · 27 Noviembre, 2019 19:00

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by anibal (administrator) on LAPTOP-PBMAK5KO (HP OMEN by HP Laptop 15-ce0xx) (27-11-2019 15:25:22)
Running from C:\Users\anibal\Desktop
Loaded Profiles: anibal (Available Profiles: anibal)
Platform: Windows 10 Home Single Language Version 1909 18363.418 (X64) Language: Español (México)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\OMEN Ally\HPOMNSVC.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_714bb34a8e64bfef\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a2ee347f50507237\x64\OmenCap.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki130350.inf_amd64_696b7c6764071b63\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2019-09-23] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [151224 2017-11-23] (Panda Security S.L. -> Panda Security, S.L.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-01-05] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24916512 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2019-10-28] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24916512 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-20] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00569DE8-115F-4798-BBD0-006A71590BE3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423464 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {07614271-0D21-479F-839F-D14527697F5D} - System32\Tasks\Opera scheduled Autoupdate 1572968706 => C:\Users\anibal\AppData\Local\Programs\Opera\launcher.exe [1528344 2019-11-20] (Opera Software AS -> Opera Software)
Task: {0BCB1ADC-B564-4DDB-B7C1-BD44C4F073A8} - no filepath
Task: {0D843CEF-3B21-493E-A387-A648D6D6A8FC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {1A6D4B49-6BEA-4A2E-9BA7-1B35AAB7135C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - no filepath
Task: {1D92FAAB-21DD-4478-ADDD-0D8F00D4DD2A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423464 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E63232A-5BC0-48D4-9DE2-A5880F5CBFC9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-19] (Google Inc -> Google Inc.)
Task: {220F2013-132E-40A7-B8BF-79F9BD03D9B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {2B88C8E4-681F-4E9F-AD72-A7FBD11776DD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {303E53B0-9278-403D-94B8-33A749AFFD72} - \HP\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {322F3F9D-EE83-4C42-AB5E-9B6584C5BDF7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1586288 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {3387F5F0-682D-4C44-B29A-832EB156018D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {35178B91-E669-4AAF-807E-0782FA4FCB3A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3DD9D172-921F-4DA7-8370-8F728140E407} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {3F203278-885B-4F45-812F-1F21EFFC8708} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {50546278-B444-49EE-8C4D-A6E0AE20A0D7} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5CEAB7E4-A6E2-40B9-81B6-C73704C845EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {6E149853-3C77-4B49-9385-C0870A7C32FD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E8B307F-386B-4F93-B183-8C3B3469DB56} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {759FDA1A-4546-4B8C-9667-1D75D99C724B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {7B5A99EE-D4E8-4289-BEA4-6B4B887622F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-19] (Google Inc -> Google Inc.)
Task: {7C4B6DBA-387E-4511-848E-902B704C971A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DFE1587-BBB2-46E3-9F85-2AC50499B7E2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {89B83E5A-3DAC-471C-A11A-EEB45204179A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_270_Plugin.exe [1457720 2019-11-11] (Adobe Inc. -> Adobe)
Task: {8D2C0409-2EC7-4D4B-9B66-F7A649626312} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FC05493-E6E4-466E-AC6E-3820CB893DB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-10] (HP Inc. -> HP Inc.)
Task: {9BC9F908-85D4-4EAD-8C4D-E4214BD0B322} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BFCBCFF-430C-466B-BF53-F9FAA50BD65F} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {A44758CD-AEAD-4A5D-B9D0-7D96083F727D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {AA3E1F77-F926-4B28-9B84-6C04DAB82C73} - System32\Tasks\HPCeeScheduleForanibal => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {B0980723-DED0-45ED-BDE4-55140E070E86} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2019-11-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B4A7BBF2-CCD9-4DCE-BD85-4FF8AAD17544} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B594960A-61FB-4831-8F00-BA237FFFDF20} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-19] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B61167F8-9972-4E68-9B6E-B6CA03F7A971} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd)
Task: {B64D9D98-5F4D-4991-AF6B-B78CA1DC900E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {C0E43686-1099-45E3-BA4A-4EBFF8446612} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6B1E44F-B20A-41F0-9D5C-FC87446F42A6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-19] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EAA30170-7001-436E-B343-479E4FED9CD2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367288 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF14870E-BD7A-492F-96DF-CEA8F8A6F804} - no filepath
Task: {F21D684F-54C4-4D1F-821F-F5A3B9B5AC60} - System32\Tasks\OMEN Command Center BackGround Process => C:\Program Files\HP\OMEN Ally\HPOMENBG.exe [254968 2017-04-27] (HP Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForanibal.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{2d9f5f56-e693-404a-887c-488a9cf373a9}: [DhcpNameServer] 200.115.192.89 181.47.254.164 200.115.192.29
Tcpip\..\Interfaces\{f0129c61-d3b4-43d6-a1d3-15ff51fd60ec}: [DhcpNameServer] 181.47.254.164 190.55.60.129 181.47.248.145

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-03] (Microsoft Corporation -> Microsoft Corporation)

Edge: 
======
Edge Session Restore: HKU\S-1-5-21-1649023616-1861644052-698380833-1001 -> is enabled.

FireFox:
========
FF DefaultProfile: 6gpnhz4x.default
FF ProfilePath: C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default [2019-11-27]
FF Session Restore: Mozilla\Firefox\Profiles\6gpnhz4x.default -> is enabled.
FF Extension: (Spanish (Spain) Dictionary) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\[email protected] [2019-11-11]
FF Extension: (Ghostery – Bloqueador de anuncios para privacidad) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\[email protected] [2019-11-21]
FF Extension: (English (GB) Language Pack) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\[email protected] [2019-10-28]
FF Extension: (Español (España) Language Pack) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\[email protected] [2019-11-11]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\[email protected] [2019-11-27]
FF Extension: (ImTranslator: Traductor, Diccionario, Voz) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-11-03]
FF Extension: (Video DownloadHelper) - C:\Users\anibal\AppData\Roaming\Mozilla\Firefox\Profiles\6gpnhz4x.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-08-04]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-10-18] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_270.dll [2019-11-11] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_270.dll [2019-11-11] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-10-18] (Nuance Communications, Inc. -> Nuance Communications Inc.)

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default [2019-11-27]
CHR Extension: (Presentaciones) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-12]
CHR Extension: (Documentos) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-12]
CHR Extension: (Google Drive) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-12]
CHR Extension: (YouTube) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-12]
CHR Extension: (Hojas de cálculo) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-12]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-30]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-12]
CHR Extension: (Gmail) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-06-12]
CHR Extension: (Chrome Media Router) - C:\Users\anibal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-08]
CHR HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-1649023616-1861644052-698380833-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11272019150728034\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-10-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [134624 2017-04-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11650416 2019-11-17] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-19] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-05-19] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1651792 2017-10-27] (Intel Corporation -> Intel Corporation)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe [447248 2019-08-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe [445712 2019-08-15] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_a2ee347f50507237\x64\OmenCap.exe [445200 2019-08-14] (HP Inc. -> HP Inc.)
R2 HPOMNSVC; c:\Program Files\HP\OMEN Ally\HPOMNSVC.exe [619000 2017-04-27] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe [449808 2019-08-15] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_714bb34a8e64bfef\x64\TouchpointAnalyticsClientService.exe [429008 2019-10-08] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-12-05] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196200 2017-02-19] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-19] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-10-17] (Panda Security S.L. -> Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [703392 2019-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-03-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [89088 2017-09-25] (Wondershare) [File not signed]
R2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [26416 2019-05-06] (Intel Corporation -> Intel(R) Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HP Orbit Service; "C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

anzorrilla · 27 Noviembre, 2019 19:01

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [76696 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [70040 2017-10-27] (Intel Corporation -> Intel Corporation)
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [399264 2017-10-27] (Intel Corporation -> Intel Corporation)
S1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [28936 2018-12-22] (Glarysoft LTD -> Glarysoft Ltd)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [33352 2018-12-19] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1096192 2019-08-12] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2019-11-27] (Malwarebytes Inc -> Malwarebytes)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security S.L. -> Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a789ce567b843668\nvlddmkm.sys [22738296 2019-10-23] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-10-22] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-16] (Panda Security S.L. -> Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [947712 2017-03-03] (Realtek Semiconductor Corp. -> Realtek )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [784472 2019-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [782304 2017-03-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11698256 2019-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-03-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [64088 2017-03-17] (Synaptics Incorporated -> Synaptics Incorporated)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 XSplit_Dummy; C:\WINDOWS\system32\drivers\xspltspk.sys [26200 2015-05-25] (Splitmedialabs Limited -> SplitmediaLabs Limited)
R3 XTUComponent; C:\WINDOWS\System32\drivers\iocbios2.sys [38280 2019-05-06] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 15:25 - 2019-11-27 15:26 - 000040875 _____ C:\Users\anibal\Desktop\FRST.txt
2019-11-27 15:24 - 2019-11-27 15:26 - 000000000 ____D C:\FRST
2019-11-27 15:21 - 2019-11-27 15:21 - 000000612 _____ C:\Users\anibal\Desktop\JRT.txt
2019-11-27 15:09 - 2019-11-27 15:09 - 000007029 _____ C:\Users\anibal\Desktop\AdwCleaner[C00].txt
2019-11-27 15:07 - 2019-11-27 15:07 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-27 15:07 - 2019-11-27 15:07 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-27 14:44 - 2019-11-27 14:44 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-27 14:44 - 2019-11-27 14:44 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-11-27 14:44 - 2019-11-27 14:44 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-27 14:44 - 2019-11-27 14:44 - 000000000 ____D C:\Users\anibal\AppData\Local\mbamtray
2019-11-27 14:44 - 2019-11-27 14:44 - 000000000 ____D C:\Users\anibal\AppData\Local\mbam
2019-11-27 14:44 - 2019-11-27 14:44 - 000000000 ____D C:\Users\anibal\AppData\Local\cache
2019-11-27 14:44 - 2019-11-27 14:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-27 14:44 - 2019-11-27 14:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-27 14:42 - 2019-11-27 14:42 - 001883976 _____ (Malwarebytes) C:\Users\anibal\Desktop\MBSetup.exe
2019-11-27 14:40 - 2019-11-27 15:02 - 000000000 ____D C:\AdwCleaner
2019-11-27 14:40 - 2019-11-27 14:40 - 000000000 ____D C:\Program Files\Malwarebytes
2019-11-27 14:39 - 2019-11-27 14:39 - 000059214 _____ C:\Users\anibal\Documents\cc_20191127_143858.reg
2019-11-27 14:39 - 2019-11-27 14:39 - 000004114 _____ C:\Users\anibal\Documents\cc_20191127_143921.reg
2019-11-27 14:27 - 2019-11-27 14:27 - 002262016 _____ (Farbar) C:\Users\anibal\Desktop\FRST64.exe
2019-11-27 14:26 - 2019-11-27 14:26 - 008218800 _____ (Malwarebytes) C:\Users\anibal\Desktop\adwcleaner_8.0.0.exe
2019-11-27 14:26 - 2019-11-27 14:25 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-27 14:25 - 2019-11-27 14:26 - 001790024 _____ (Malwarebytes) C:\Users\anibal\Desktop\JRT.exe
2019-11-27 14:25 - 2019-11-27 14:25 - 025441808 _____ (Piriform Software Ltd) C:\Users\anibal\Desktop\ccsetup562.exe
2019-11-26 18:25 - 2019-11-26 18:25 - 000000000 ___HD C:\ProgramData\temp
2019-11-26 12:08 - 2019-11-26 12:08 - 000001062 _____ C:\Users\anibal\Desktop\Adobe Connect.lnk
2019-11-26 12:08 - 2019-11-26 12:08 - 000001048 _____ C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe Connect.lnk
2019-11-26 12:07 - 2019-11-26 12:07 - 000294360 _____ (Adobe Systems Incorporated) C:\Users\anibal\Downloads\ConnectSetup (1).exe
2019-11-24 00:56 - 2019-11-24 00:06 - 000000000 ____D C:\Windows.old
2019-11-24 00:35 - 2019-11-24 00:56 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-11-24 00:33 - 2019-11-24 00:35 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-11-24 00:33 - 2019-11-24 00:33 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-11-24 00:27 - 2019-11-24 00:27 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-11-24 00:10 - 2019-11-24 00:10 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-11-24 00:07 - 2019-11-24 00:07 - 000000020 ___SH C:\Users\anibal\ntuser.ini
2019-11-24 00:06 - 2019-11-24 00:06 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-24 00:05 - 2019-11-27 15:15 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-24 00:05 - 2019-11-27 15:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-24 00:05 - 2019-11-27 15:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2019-11-24 00:05 - 2019-11-25 16:03 - 000004222 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1572968706
2019-11-24 00:05 - 2019-11-25 16:02 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1649023616-1861644052-698380833-1001
2019-11-24 00:05 - 2019-11-24 19:30 - 000003264 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForanibal
2019-11-24 00:05 - 2019-11-24 00:06 - 000003504 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2019-11-24 00:05 - 2019-11-24 00:06 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000003840 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-11-24 00:05 - 2019-11-24 00:05 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-24 00:05 - 2019-11-24 00:05 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000003280 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2019-11-24 00:05 - 2019-11-24 00:05 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-24 00:05 - 2019-11-24 00:05 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000003118 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2019-11-24 00:05 - 2019-11-24 00:05 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-11-24 00:05 - 2019-11-24 00:05 - 000002668 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-11-24 00:05 - 2019-11-24 00:05 - 000002616 _____ C:\WINDOWS\system32\Tasks\OMEN Command Center BackGround Process
2019-11-24 00:05 - 2019-11-24 00:05 - 000002560 _____ C:\WINDOWS\system32\Tasks\HPEA3JOBS
2019-11-24 00:05 - 2019-11-24 00:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-11-24 00:05 - 2019-11-24 00:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2019-11-24 00:05 - 2019-11-24 00:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2019-11-24 00:05 - 2019-10-17 20:49 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update.bak
2019-11-24 00:05 - 2019-09-19 21:10 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC.bak
2019-11-24 00:04 - 2019-11-24 00:05 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2019-11-24 00:04 - 2019-11-24 00:05 - 000007623 _____ C:\WINDOWS\diagerr.xml
2019-11-23 23:59 - 2019-11-25 18:56 - 001929904 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-23 23:59 - 2019-11-23 23:59 - 000000000 ____D C:\inetpub
2019-11-23 23:58 - 2019-11-23 23:58 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-11-23 23:58 - 2019-11-23 23:58 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-11-23 23:58 - 2019-11-23 23:58 - 000000000 ____D C:\Program Files\MSBuild
2019-11-23 23:58 - 2019-11-23 23:58 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-11-23 23:58 - 2019-03-01 20:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-11-23 23:58 - 2019-03-01 20:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-11-23 23:58 - 2019-03-01 20:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-11-23 23:58 - 2019-02-05 21:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-11-23 23:58 - 2019-02-05 21:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-11-23 23:58 - 2019-02-05 21:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-11-23 23:57 - 2019-03-18 22:21 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2019-11-23 23:57 - 2019-03-18 22:20 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-11-23 23:57 - 2019-03-18 22:16 - 000903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2019-11-23 23:57 - 2019-03-18 21:15 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2019-11-23 23:57 - 2019-03-18 21:09 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2019-11-23 23:57 - 2019-03-01 20:33 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2019-11-23 23:57 - 2018-08-09 17:53 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2019-11-23 23:56 - 2019-03-18 18:20 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2019-11-23 23:56 - 2019-03-18 18:19 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2019-11-23 23:56 - 2019-03-18 18:07 - 006359552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2019-11-23 23:56 - 2019-03-18 18:01 - 005496832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2019-11-23 23:51 - 2019-11-23 23:51 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-23 23:51 - 2019-11-23 23:51 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-11-23 23:18 - 2019-11-25 16:02 - 000002419 _____ C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-23 23:18 - 2019-11-24 00:07 - 000000000 ____D C:\Users\anibal
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Reciente
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Plantillas
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Mis documentos
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Menú Inicio
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Impresoras
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Entorno de red
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Documents\Mis vídeos
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Documents\Mis imágenes
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Documents\Mi música
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Datos de programa
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\Configuración local
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programas
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\AppData\Local\Historial
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\AppData\Local\Datos de programa
2019-11-23 23:18 - 2019-11-23 23:18 - 000000000 _SHDL C:\Users\anibal\AppData\Local\Archivos temporales de Internet
2019-11-23 23:12 - 2019-11-23 23:12 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OMEN Audio Control.lnk
2019-11-23 23:09 - 2019-10-06 23:55 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-11-23 23:03 - 2019-11-27 15:06 - 000562144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-23 23:03 - 2019-11-27 13:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-23 19:35 - 2019-11-27 14:33 - 000000000 ___DC C:\WINDOWS\Panther
2019-11-23 19:34 - 2019-11-26 14:28 - 000001041 _____ C:\Users\anibal\Desktop\Isadora 3.lnk
2019-11-23 19:34 - 2019-11-24 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Isadora 3
2019-11-23 19:34 - 2019-11-23 19:34 - 000000000 ____D C:\Program Files\Isadora 3
2019-11-23 19:32 - 2019-11-23 19:35 - 000000036 _____ C:\WINDOWS\progress.ini
2019-11-23 18:50 - 2019-11-24 00:14 - 000000000 ____D C:\Windows10Upgrade
2019-11-23 18:50 - 2019-11-23 19:32 - 000000000 ___HD C:\$GetCurrent
2019-11-23 18:50 - 2019-11-23 18:50 - 006261368 _____ (Microsoft Corporation) C:\Users\anibal\Downloads\Windows10Upgrade9252.exe
2019-11-23 18:50 - 2019-11-23 18:50 - 000000738 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asistente para actualización a Windows 10.lnk
2019-11-23 18:50 - 2019-11-23 18:50 - 000000726 _____ C:\Users\anibal\Desktop\Asistente para actualización a Windows 10.lnk
2019-11-21 17:12 - 2019-11-21 17:13 - 046664272 _____ (TroikaTronix ) C:\Users\anibal\Downloads\isadorawin-306f00-std.exe
2019-11-18 15:10 - 2019-11-18 15:12 - 023577774 _____ C:\Users\anibal\Downloads\Godot_v3.1.1-stable_win64.exe.zip
2019-11-16 19:23 - 2019-11-24 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-14 09:19 - 2019-11-14 09:19 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-11-14 09:19 - 2019-11-14 09:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-11-14 09:19 - 2019-11-14 09:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-11-14 09:19 - 2019-11-14 09:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-11-11 12:34 - 2019-11-11 12:34 - 001207336 _____ (Adobe Inc) C:\Users\anibal\Downloads\flashplayer32_xa_install.exe
2019-11-08 16:43 - 2019-11-25 16:59 - 000000000 ____D C:\Users\anibal\Desktop\AAA publicaciones Rhuthmos
2019-11-08 12:39 - 2019-11-08 12:39 - 033424624 _____ (MEGA Limited) C:\Users\anibal\Downloads\MEGAsyncSetup.exe
2019-11-07 18:51 - 2019-11-07 18:51 - 030711282 _____ C:\Users\anibal\Downloads\Eco_Umberto_La_Definicion_del_Arte-copia2.pdf
2019-11-07 18:03 - 2019-11-07 18:03 - 000000000 _____ C:\Users\anibal\Desktop\Formateador.txt
2019-11-05 18:59 - 2019-11-20 13:03 - 000001395 _____ C:\Users\anibal\AppData\Roaming\SAS7_000.DAT
2019-11-05 18:42 - 2019-11-05 18:42 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Nuance
2019-11-05 18:13 - 2019-11-05 18:13 - 000000000 ____D C:\Users\anibal\AppData\Roaming\FLEXnet
2019-11-05 15:36 - 2019-11-24 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.0
2019-11-05 15:36 - 2019-11-05 15:36 - 000002821 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Dragon NaturallySpeaking 12.0.lnk
2019-11-05 15:36 - 2019-11-05 15:36 - 000002815 _____ C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.0.lnk
2019-11-05 15:36 - 2019-11-05 15:36 - 000001922 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2019-11-05 15:33 - 2019-11-05 15:33 - 000000000 ____D C:\ProgramData\Nuance
2019-11-05 15:33 - 2019-11-05 15:33 - 000000000 ____D C:\ProgramData\Macrovision
2019-11-05 15:33 - 2019-11-05 15:33 - 000000000 ____D C:\ProgramData\FLEXnet
2019-11-05 15:33 - 2019-11-05 15:33 - 000000000 ____D C:\Program Files (x86)\Nuance
2019-11-05 12:45 - 2019-11-25 16:03 - 000001455 _____ C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navegador Opera.lnk
2019-11-05 12:45 - 2019-11-05 12:45 - 000001465 _____ C:\Users\anibal\Desktop\Navegador Opera.lnk
2019-11-05 12:45 - 2019-11-05 12:45 - 000000000 ____D C:\Users\anibal\AppData\Local\Opera Software
2019-11-05 12:44 - 2019-11-05 12:44 - 002457032 _____ (Opera Software) C:\Users\anibal\Downloads\OperaSetup.exe
2019-11-05 12:44 - 2019-11-05 12:44 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Opera Software
2019-11-03 11:08 - 2019-11-05 18:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-29 19:38 - 2019-10-23 11:11 - 001073872 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-10-29 19:38 - 2019-10-23 11:11 - 001073872 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-10-29 19:38 - 2019-10-23 11:11 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-10-29 19:38 - 2019-10-23 11:11 - 000931536 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-10-29 19:38 - 2019-10-23 11:11 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-10-29 19:38 - 2019-10-23 11:11 - 000848592 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-10-29 19:38 - 2019-10-23 11:11 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-10-29 19:38 - 2019-10-23 11:11 - 000706256 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-10-29 19:38 - 2019-10-23 11:11 - 000450440 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-10-29 19:38 - 2019-10-23 11:11 - 000353712 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-10-29 19:38 - 2019-10-22 16:56 - 000075600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2019-10-29 19:37 - 2019-10-23 11:10 - 011838808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-10-29 19:37 - 2019-10-23 11:10 - 010163632 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-10-29 19:37 - 2019-10-23 11:10 - 000825720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-10-29 19:37 - 2019-10-23 11:10 - 000677792 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-10-29 19:37 - 2019-10-23 11:10 - 000545160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 040512072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 022738296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2019-10-29 19:37 - 2019-10-23 11:09 - 017460128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 015028368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 005381496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 004715968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 002074312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001733504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444108.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001567664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001490864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444108.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001483184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001371040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001145856 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 001064368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 000814592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 000684992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 000659888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-10-29 19:37 - 2019-10-23 11:09 - 000556464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-10-29 19:37 - 2019-10-23 11:08 - 035380264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-10-29 19:37 - 2019-10-23 11:07 - 004936384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2019-10-29 19:37 - 2019-10-23 11:07 - 004206064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2019-10-29 19:37 - 2019-10-22 16:56 - 000056015 _____ C:\WINDOWS\system32\nvinfo.pb
2019-10-29 19:13 - 2019-10-29 19:13 - 000000000 ____D C:\Users\anibal\AppData\Local\Xara
2019-10-29 19:12 - 2019-10-29 19:12 - 000001039 _____ C:\Users\Public\Desktop\Samplitude 11.lnk
2019-10-29 19:09 - 2019-11-24 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2019-10-29 19:09 - 2019-10-29 19:09 - 000000000 ____D C:\Program Files (x86)\MAGIX
2019-10-29 19:04 - 2019-10-29 19:04 - 000000000 ____D C:\Users\anibal\Documents\Cakewalk
2019-10-29 19:03 - 2019-10-29 19:04 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Cakewalk
2019-10-29 19:01 - 2019-11-24 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cakewalk
2019-10-29 19:01 - 2019-10-29 19:01 - 000002258 _____ C:\Users\Public\Desktop\SONAR 7 Producer Edition.lnk
2019-10-29 19:00 - 2019-10-29 19:00 - 000233472 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\REX Shared Library.dll
2019-10-29 18:56 - 2019-10-29 19:01 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Propellerhead Software
2019-10-29 18:56 - 2019-10-29 18:56 - 000000000 ____D C:\ProgramData\Propellerhead Software
2019-10-29 18:53 - 2019-11-24 00:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2019-10-29 18:53 - 2019-10-29 18:53 - 000001137 _____ C:\Users\Public\Desktop\Reason.lnk
2019-10-29 18:53 - 2019-10-29 18:53 - 000000000 ____D C:\Program Files (x86)\Propellerhead
2019-10-29 18:48 - 2019-10-29 19:04 - 000000000 ____D C:\Cakewalk Projects
2019-10-29 18:48 - 2019-10-29 19:00 - 000000000 ____D C:\ProgramData\Cakewalk
2019-10-29 18:48 - 2019-10-29 19:00 - 000000000 ____D C:\Program Files (x86)\Cakewalk
2019-10-29 18:48 - 2006-11-30 15:49 - 000368640 _____ (Propellerhead Software AB) C:\WINDOWS\SysWOW64\ReWire.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp70.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2019-10-29 18:48 - 2006-02-24 10:00 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr70.dll
2019-10-29 18:26 - 2019-10-29 18:26 - 000000000 ____D C:\Users\anibal\Documents\ProcAlyzer Dumps
2019-10-29 11:30 - 2017-03-18 18:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20191029-113054.backup
2019-10-29 11:18 - 2019-11-27 15:06 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-10-29 11:18 - 2019-11-24 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2019-10-29 11:18 - 2019-10-29 12:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-10-29 11:18 - 2019-10-29 11:18 - 000001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2019-10-29 11:18 - 2019-10-29 11:18 - 000001455 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2019-10-29 11:18 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2019-10-29 11:16 - 2019-10-29 11:16 - 069910960 _____ (Safer-Networking Ltd. ) C:\Users\anibal\Downloads\spybotsd-2.7.64.0.exe
2019-10-29 11:15 - 2019-10-29 11:15 - 017846304 _____ (Glarysoft Ltd) C:\Users\anibal\Downloads\Glary_Utilities_v5.130.0.156.exe
2019-10-28 19:16 - 2019-10-28 19:16 - 001233768 _____ (Apowersoft Ltd. ) C:\Users\anibal\Downloads\apowersoft-online-launcher(2).exe
2019-10-28 19:06 - 2019-11-24 00:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pd-extended
2019-10-28 19:06 - 2019-10-28 19:06 - 000001947 _____ C:\Users\anibal\Desktop\Pd-extended.lnk
2019-10-28 19:06 - 2012-11-27 18:05 - 005405480 _____ C:\WINDOWS\SysWOW64\libgavl-1.dll
2019-10-28 19:06 - 2012-11-27 17:48 - 000227830 _____ C:\WINDOWS\SysWOW64\libpng-3.dll
2019-10-28 19:06 - 2012-11-27 17:48 - 000223734 _____ C:\WINDOWS\SysWOW64\libpng12-0.dll
2019-10-28 19:06 - 2012-10-20 20:41 - 000326482 _____ C:\WINDOWS\SysWOW64\libtheora-0.dll
2019-10-28 19:06 - 2012-10-20 20:41 - 000274689 _____ C:\WINDOWS\SysWOW64\libtheoraenc-1.dll
2019-10-28 19:06 - 2012-10-20 20:41 - 000108867 _____ C:\WINDOWS\SysWOW64\libtheoradec-1.dll
2019-10-28 19:06 - 2012-10-20 10:33 - 001178108 _____ C:\WINDOWS\SysWOW64\libx264-116.dll
2019-10-28 19:06 - 2012-10-20 10:33 - 000176340 _____ C:\WINDOWS\SysWOW64\libopenjpeg-2.dll
2019-10-28 19:06 - 2012-10-20 10:15 - 000014999 _____ C:\WINDOWS\SysWOW64\libtiffxx-3.dll
2019-10-28 19:06 - 2012-10-20 10:14 - 000348710 _____ C:\WINDOWS\SysWOW64\libtiff-3.dll
2019-10-28 19:06 - 2012-10-20 10:06 - 000201706 _____ C:\WINDOWS\SysWOW64\libjpeg.dll
2019-10-28 19:06 - 2012-05-13 02:01 - 000101390 _____ C:\WINDOWS\SysWOW64\libz-1.dll
2019-10-28 19:06 - 2011-05-20 16:51 - 000094300 _____ (Open Source Software community LGPL) C:\WINDOWS\SysWOW64\pthreadGC2.dll
2019-10-28 19:06 - 2007-05-07 14:54 - 000076800 _____ C:\WINDOWS\SysWOW64\libgnurx-0.dll
2019-10-28 18:42 - 2012-10-21 21:57 - 000362501 _____ C:\WINDOWS\SysWOW64\libcurl-4.dll
2019-10-28 18:42 - 2012-10-20 10:24 - 000172274 _____ C:\WINDOWS\SysWOW64\libdca-0.dll
2019-10-28 18:42 - 2011-09-18 15:45 - 000086030 _____ C:\WINDOWS\SysWOW64\libbz2-2.dll
2019-10-28 18:41 - 2019-10-28 19:06 - 000000000 ____D C:\Program Files (x86)\pd
2019-10-28 18:32 - 2019-04-17 04:42 - 000069840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-27 15:19 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-27 15:15 - 2017-09-22 22:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-27 15:07 - 2018-05-19 12:21 - 000000000 __SHD C:\Users\anibal\IntelGraphicsProfiles
2019-11-27 15:04 - 2019-03-19 01:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-27 15:03 - 2018-05-31 15:01 - 000000000 ____D C:\Users\anibal\AppData\Local\Hewlett-Packard
2019-11-27 15:03 - 2018-05-21 16:44 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Hewlett-Packard
2019-11-27 15:03 - 2018-05-19 12:22 - 000000000 ____D C:\Users\anibal\AppData\Local\HP
2019-11-27 15:03 - 2017-05-17 05:56 - 000000000 ____D C:\Program Files (x86)\HP Inc
2019-11-27 15:03 - 2017-05-17 05:53 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-11-27 15:03 - 2017-05-17 05:53 - 000000000 ____D C:\Program Files (x86)\HP
2019-11-27 15:03 - 2017-05-17 05:53 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2019-11-27 15:02 - 2017-05-17 05:53 - 000000000 ____D C:\Program Files\HP
2019-11-27 14:44 - 2019-03-19 01:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-27 14:42 - 2018-05-19 12:33 - 000000000 ____D C:\Users\anibal\AppData\LocalLow\Mozilla
2019-11-27 14:34 - 2019-03-22 16:50 - 000000000 ____D C:\Users\anibal\AppData\Roaming\BitTorrent
2019-11-27 14:33 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-27 14:33 - 2019-03-19 01:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-27 14:33 - 2018-05-22 19:12 - 000000000 ____D C:\Users\anibal\AppData\Local\CrashDumps
2019-11-27 14:29 - 2018-05-19 13:51 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-11-27 14:25 - 2019-03-19 01:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-11-26 14:29 - 2018-10-19 18:48 - 000014336 _____ C:\Users\anibal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-26 13:16 - 2019-04-21 15:33 - 000000000 ____D C:\Users\anibal\Desktop\Talleres y actividades varias
2019-11-26 13:07 - 2018-08-17 10:32 - 000000000 ____D C:\Users\anibal\Desktop\Viejos
2019-11-26 12:17 - 2018-06-26 19:55 - 000000034 _____ C:\ProgramData\droidcam-settings
2019-11-26 12:08 - 2018-05-19 12:21 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Adobe
2019-11-25 18:56 - 2019-03-19 08:48 - 000829456 _____ C:\WINDOWS\system32\perfh00A.dat
2019-11-25 18:56 - 2019-03-19 08:48 - 000175192 _____ C:\WINDOWS\system32\perfc00A.dat
2019-11-25 18:54 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-25 18:51 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-11-25 18:48 - 2019-05-05 19:30 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForanibal.job
2019-11-25 18:45 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-25 18:44 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-25 18:43 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-25 18:04 - 2019-03-19 01:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-25 16:59 - 2018-05-19 12:21 - 000000000 ____D C:\Users\anibal\AppData\Local\Packages
2019-11-25 16:02 - 2018-05-19 12:26 - 000000000 ___RD C:\Users\anibal\OneDrive
2019-11-24 00:56 - 2019-10-25 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purr Data
2019-11-24 00:56 - 2019-10-10 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-11-24 00:56 - 2019-06-21 15:30 - 000000000 ____D C:\Program Files\UNP
2019-11-24 00:56 - 2019-06-06 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hap DirectShow Codec (Isadora Mod)
2019-11-24 00:56 - 2019-06-06 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GDCL MPEG4 Filters
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Help
2019-11-24 00:56 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-11-24 00:56 - 2019-03-19 01:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-11-24 00:56 - 2019-03-08 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpoweramp
2019-11-24 00:56 - 2018-12-22 13:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-11-24 00:56 - 2018-12-15 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2019-11-24 00:56 - 2018-11-28 15:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2019-11-24 00:56 - 2018-11-01 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2019-11-24 00:56 - 2018-09-27 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2019-11-24 00:56 - 2018-09-25 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2019-11-24 00:56 - 2018-06-18 17:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2019-11-24 00:56 - 2018-06-18 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2019-11-24 00:56 - 2018-06-07 19:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-11-24 00:56 - 2018-05-21 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-11-24 00:56 - 2018-05-21 18:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
2019-11-24 00:56 - 2018-05-21 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-11-24 00:56 - 2018-05-19 14:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-24 00:56 - 2018-05-19 13:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-24 00:56 - 2018-05-19 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-11-24 00:56 - 2018-05-19 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-11-24 00:56 - 2018-05-19 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-11-24 00:56 - 2018-05-19 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-11-24 00:56 - 2018-05-19 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2019-11-24 00:56 - 2018-05-19 12:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Isadora
2019-11-24 00:56 - 2018-04-11 20:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-11-24 00:56 - 2017-09-22 22:16 - 000000000 ____D C:\Program Files\Intel
2019-11-24 00:56 - 2017-09-22 22:15 - 000000000 ____D C:\Program Files\Realtek
2019-11-24 00:56 - 2017-05-17 05:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Orbit
2019-11-24 00:56 - 2017-05-17 05:54 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-11-24 00:56 - 2017-03-18 18:03 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2019-11-24 00:55 - 2019-03-19 01:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-24 00:36 - 2018-12-22 13:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-11-24 00:36 - 2017-09-22 22:17 - 000000000 ____D C:\WINDOWS\system32\Intel
2019-11-24 00:36 - 2017-09-22 22:15 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2019-11-24 00:35 - 2019-09-23 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SD Association
2019-11-24 00:35 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Resources
2019-11-24 00:35 - 2018-09-21 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-11-24 00:35 - 2018-07-19 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-24 00:35 - 2017-09-22 22:21 - 000000000 ____D C:\Program Files\Synaptics
2019-11-24 00:15 - 2019-03-19 08:50 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-11-24 00:15 - 2019-03-19 08:50 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-11-24 00:15 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2019-11-24 00:15 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\WCN
2019-11-24 00:15 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\es
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\IME
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-11-24 00:15 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\winrm
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\slmgr
2019-11-24 00:09 - 2019-03-19 08:48 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-11-24 00:09 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-11-24 00:09 - 2019-03-19 01:37 - 000000000 ____D C:\WINDOWS\servicing
2019-11-24 00:08 - 2018-06-20 01:04 - 000000000 ___RD C:\Users\anibal\3D Objects
2019-11-24 00:08 - 2017-03-18 00:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-24 00:07 - 2019-03-19 01:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-11-24 00:06 - 2019-03-19 01:52 - 000000000 ____D C:\Program Files\Windows NT
2019-11-24 00:04 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\Registration
2019-11-23 23:59 - 2019-10-06 23:56 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2019-11-23 23:59 - 2019-10-06 23:56 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2019-11-23 23:59 - 2019-10-06 23:56 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2019-11-23 23:59 - 2019-03-19 02:00 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2019-11-23 23:59 - 2019-03-19 02:00 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2019-11-23 23:59 - 2019-03-19 02:00 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2019-11-23 23:59 - 2019-03-19 02:00 - 000009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2019-11-23 23:59 - 2019-03-19 01:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-11-23 23:58 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-11-23 23:58 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-11-23 23:58 - 2018-06-20 00:54 - 000023124 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-11-23 23:57 - 2019-03-19 08:49 - 000000000 ____D C:\WINDOWS\OCR
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 __RSD C:\WINDOWS\Media
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2019-11-23 23:57 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\et-EE
2019-11-23 23:56 - 2019-03-19 01:56 - 000000000 ____D C:\WINDOWS\Setup
2019-11-23 23:55 - 2018-06-12 19:39 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-23 23:55 - 2018-06-12 19:39 - 000002265 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-23 23:20 - 2018-06-26 19:49 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2019-11-23 23:20 - 2018-06-07 19:34 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2019-11-23 23:20 - 2018-05-19 14:51 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2019-11-23 23:20 - 2018-05-19 14:09 - 000000000 ____D C:\Users\anibal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-11-23 23:12 - 2017-09-22 22:22 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-11-23 23:12 - 2017-09-22 22:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-11-23 23:12 - 2017-09-22 22:18 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2019-11-23 23:12 - 2017-09-22 22:16 - 003785100 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-11-23 23:12 - 2017-09-22 22:15 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-11-23 23:05 - 2019-03-19 01:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-11-23 20:28 - 2017-09-22 22:22 - 000000000 ____D C:\ProgramData\Realtek
2019-11-23 20:08 - 2019-08-29 16:32 - 000000000 ____D C:\Users\anibal\Desktop\Ata
2019-11-23 19:36 - 2018-05-19 12:44 - 000000000 ____D C:\Users\anibal\AppData\Roaming\TroikaTronix
2019-11-23 19:34 - 2019-06-06 19:07 - 000000000 ____D C:\Program Files\Common Files\TroikaTronix
2019-11-22 17:42 - 2017-05-17 05:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-21 23:22 - 2018-07-19 11:05 - 000000000 ____D C:\Users\anibal\AppData\Local\ElevatedDiagnostics
2019-11-21 23:20 - 2018-06-07 19:09 - 000000000 ____D C:\Users\anibal\AppData\Roaming\vlc
2019-11-19 13:14 - 2018-05-21 08:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-19 13:14 - 2018-05-21 08:08 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-16 19:24 - 2017-05-17 05:56 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-11 19:25 - 2018-07-19 12:13 - 000000000 ____D C:\Users\anibal\AppData\Local\Adobe
2019-11-08 18:46 - 2018-05-19 12:35 - 000000000 ___RD C:\Users\anibal\Dropbox
2019-11-07 18:17 - 2018-06-21 19:04 - 000000000 ____D C:\Users\anibal\AppData\Local\PlaceholderTileLogoFolder
2019-11-05 18:10 - 2018-05-19 12:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-05 12:09 - 2018-05-19 12:55 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-05 12:07 - 2018-05-19 12:33 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-03 12:18 - 2018-06-20 01:22 - 000000000 ____D C:\ProgramData\Packages
2019-10-31 21:38 - 2018-12-21 17:22 - 000000000 ____D C:\Users\anibal\AppData\Local\NVIDIA
2019-10-30 14:16 - 2017-09-22 22:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-10-29 20:11 - 2017-09-22 22:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-10-29 19:16 - 2018-05-19 12:21 - 000000000 ____D C:\Users\anibal\AppData\Local\VirtualStore
2019-10-29 18:34 - 2018-05-19 13:01 - 000000000 ____D C:\Users\anibal\AppData\Roaming\GlarySoft
2019-10-29 18:34 - 2018-05-19 13:01 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-10-29 11:16 - 2018-05-19 13:02 - 000001168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2019-10-29 11:16 - 2018-05-19 13:02 - 000001156 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2019-10-28 18:40 - 2019-10-25 16:56 - 000000000 ____D C:\Program Files (x86)\Purr Data
2019-10-28 18:34 - 2018-05-19 12:23 - 000000000 ____D C:\Users\anibal\AppData\Local\NVIDIA Corporation

==================== Files in the root of some directories ========

2019-11-05 18:59 - 2019-11-20 13:03 - 000001395 _____ () C:\Users\anibal\AppData\Roaming\SAS7_000.DAT
2018-10-19 18:48 - 2019-11-26 14:29 - 000014336 _____ () C:\Users\anibal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-12-15 18:13 - 2018-12-15 18:13 - 000000410 _____ () C:\Users\anibal\AppData\Local\oobelibMkey.log
2018-09-25 19:45 - 2018-09-25 19:45 - 000000600 _____ () C:\Users\anibal\AppData\Local\PUTTY.RND
2018-06-11 20:00 - 2018-06-12 20:19 - 000007634 _____ () C:\Users\anibal\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

JavierHF · 28 Noviembre, 2019 00:36

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\Users\anibal\Desktop\pd.bat.lnk -> C:\Users\anibal\Desktop\pd-AC\pd.bat ()
Task: {0BCB1ADC-B564-4DDB-B7C1-BD44C4F073A8} - no filepath
Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - no filepath
Task: {303E53B0-9278-403D-94B8-33A749AFFD72} - \HP\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {EF14870E-BD7A-492F-96DF-CEA8F8A6F804} - no filepath
CHR HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

anzorrilla · 28 Noviembre, 2019 02:03

Muchas gracias, todo hecho. El problema subsiste, copio el log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by anibal (27-11-2019 22:53:17) Run:1
Running from C:\Users\anibal\Desktop
Loaded Profiles: anibal (Available Profiles: anibal)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Shortcut: C:\Users\anibal\Desktop\pd.bat.lnk -> C:\Users\anibal\Desktop\pd-AC\pd.bat ()
Task: {0BCB1ADC-B564-4DDB-B7C1-BD44C4F073A8} - no filepath
Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - no filepath
Task: {303E53B0-9278-403D-94B8-33A749AFFD72} - \HP\HP CoolSense\HP CoolSense Start at Logon -> No File <==== ATTENTION
Task: {EF14870E-BD7A-492F-96DF-CEA8F8A6F804} - no filepath
CHR HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\anibal\Desktop\pd.bat.lnk => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BCB1ADC-B564-4DDB-B7C1-BD44C4F073A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BCB1ADC-B564-4DDB-B7C1-BD44C4F073A8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{303E53B0-9278-403D-94B8-33A749AFFD72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{303E53B0-9278-403D-94B8-33A749AFFD72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP\HP CoolSense\HP CoolSense Start at Logon" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF14870E-BD7A-492F-96DF-CEA8F8A6F804}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF14870E-BD7A-492F-96DF-CEA8F8A6F804}" => removed successfully
HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1649023616-1861644052-698380833-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows

No se puede realizar ninguna operaci¢n en Ethernet 2 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci¢n en Ethernet mientras los medios
est‚n desconectados.

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenv¡o de compartimiento se restableci¢ correctamente.
Compartimiento se restableci¢ correctamente.
Protocolo de control se restableci¢ correctamente.
Solicitud de secuencia eco se restableci¢ correctamente.
Global se restableci¢ correctamente.
Interfaz se restableci¢ correctamente.
Direcci¢n de difusi¢n por proximidad (a se restableci¢ correctamente.
Direcciones de multidifusi¢n se restableci¢ correctamente.
Direcci¢n de unidifusi¢n se restableci¢ correctamente.
Vecino se restableci¢ correctamente.
Ruta de acceso se restableci¢ correctamente.
Posible se restableci¢ correctamente.
Directiva de prefijo se restableci¢ correctamente.
Vecino de proxy se restableci¢ correctamente.
Ruta se restableci¢ correctamente.
Prefijo de sitio se restableci¢ correctamente.
Subinterfaz se restableci¢ correctamente.
Patr¢n de reactivaci¢n se restableci¢ correctamente.
Resolver vecino se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
 se restableci¢ correctamente.
Reinicie el equipo para completar esta acci¢n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18959370 B
Java, Flash, Steam htmlcache => 1179 B
Windows/system/drivers => 781861 B
Edge => 160366 B
Chrome => 732030 B
Firefox => 276356776 B
Opera => 141468 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16016 B
NetworkService => 20914 B
anibal => 82206043 B

RecycleBin => 4858443 B
EmptyTemp: => 377 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:53:59 ====

JavierHF · 28 Noviembre, 2019 16:57

Hola.

Ese software cual es…??

Ese problema NO ocurría anteriormente en ese equipo, o ese software se ha instalado recientemente en él…??

Pero… esa máquina es milimétricamente igual a esta otra.

Comparar el funcionamiento de un software en dos máquinas totalmente o posiblemente distintas a nivel hardware y/o con versiones de windows NO exactamente iguales + software preinstalado(así como antivirus) tampoco exactamente idénticos, es muy arriesgado.

También tienes instalado en este equipo “Spyboot Search & Destroy” …y/o tienes restos de “McAfee”, en el otro equipo que comparas también los tienes…??

El hardware que tiene esa maquina NO es muy antiguo(casi TRES años de fabricación) y tienes bastante RAM(12Gb) en él, el único punto débil de ese equipo, para la forma de funcionar que tienen hoy en día las versiones de windows, sería el disco mecánico que tienes.

Nos comentas.

Saludos.

anzorrilla · 28 Noviembre, 2019 18:26

Hola, gracias por tu respuesta. El problema apareció en esta máquina hace poco, cuando uso este sotfware, Isadora: https://troikatronix.com/. Es un entorno de programación visual para el procesamiento de video en tiempo real que uso en mi trabajo. Podemos ignorar lo que sucede en la otra, ya que son versiones distintas.

Estoy corriendo los mismos sistemas que había programado y antes andaban y ahora no.

Parece que hubiera un problema con el sonido, ya que cuando abro Isadora el ícono del micrófono empieza a titilar de una manera que jamás había visto.

¿Cómo puedo comprobar si el disco duro está andando bien?

Muchas gracias, saludos.

anzorrilla · 28 Noviembre, 2019 19:10

Hola Javier, hice una comprobación con WMIC y parece estar bien:

C:\Users\anibal>WMIC wmic:root\cli>diskdrive get status Status OK

wmic:root\cli>

Saludos.

JavierHF · 30 Noviembre, 2019 00:22

Hola.

Pues pasemos a verificar como tienes(en profundidad) el disco duro de tu equipo, para hacerlo sigue el 3er. MÉTODO: descrito en esta Faq de ayuda ¿Cómo usar CHKDSK para realizar una comprobación del disco?, que es válida también para un Windows 10.

Una vez terminado el proceso, que puede/debe durar bastante rato, debes poner el informe que se habrá guardado por parte de Windows y que tienes que encontrar siguiendo estos pasos ¿Cuándo y cómo usar el visor de eventos (eventvwr.msc)?

Fíjate bien en como es el informe que viene en ese tema, para que busques algo similar y NO pongas cualquier otra cosa.

Nos pones el informe y comentas como sigue el problema del equipo.

Saludos.

anzorrilla · 30 Noviembre, 2019 17:07

Hola Javier, hecho, el problema permanece. Copio el informe, saludos, AZ.

Nombre de registro:Application
Origen:        Microsoft-Windows-Wininit
Fecha:         30/11/2019 13:48:41
Id. del evento:1001
Categoría de la tarea:Ninguno
Nivel:         Información
Palabras clave:Clásico
Usuario:       No disponible
Equipo:        LAPTOP-PBMAK5KO
Descripción:


Comprobando el sistema de archivos en C:
El tipo del sistema de archivos es NTFS.
La etiqueta de volumen es Windows.

Uno de los discos necesita ser comprobado para ver coherencias.
Se puede cancelar la comprobación de disco, pero se recomienda
que continúe.
Windows comprobará ahora el disco.                                        

Etapa 1: Examen de la estructura básica del sistema de archivos...
Liberando etiquetas de instancia para el archivo 0x1f645.
  842752 registros de archivos procesados.                                                        


Comprobación de archivos completada.
  28393 registros de archivos grandes procesados.                       


  0 registros de archivos no válidos procesados.                    



Etapa 2: Examen de la vinculación de nombres de archivos...
  80852 registros de análisis procesados.                               


  1084544 entradas de índice procesadas.                                                       


Comprobación de índices completada.
  0 archivos no indizados examinados.                               


  0 archivos no indizados recuperados en objetos perdidos.                  


  80852 registros de análisis procesados.                               



Etapa 3: Examen de los descriptores de seguridad...
Liberando 4836 entradas de índice no usadas del índice $SII del archivo 0x9.
Liberando 4836 entradas de índice no usadas del índice $SDH del archivo 0x9.
Liberando 4836 descriptores de seguridad no usados.
CHKDSK está compactando la secuencia de descriptores de seguridad
Comprobación de descriptores de seguridad completada.
  120897 archivos de datos procesados.                                   


CHKDSK está comprobando el diario USN...
Se ha completado la comprobación del diario USN.

Etapa 4: Búsqueda de clústeres incorrectos en los datos del archivo de usuario...
  842736 archivos procesados.                                                               


Comprobación de datos de archivo completada.

Etapa 5: Búsqueda de clústeres incorrectos disponibles...
  47415106 clústeres disponibles procesados.                                                       


La comprobación del espacio disponible se completó.
Corrigiendo errores en el mapa de bits del volumen.

Windows ha hecho algunas correcciones en el sistema de archivos.
No se requiere ninguna otra acción.

 399889404 KB de espacio total en disco.
 208923344 KB en 631433 archivos.
    375576 KB en 120900 índices.
         0 KB en sectores defectuosos.
    930060 KB en uso por el sistema.
El archivo de registro ha ocupado      65536 kilobytes.
 189660424 KB disponibles en disco.

      4096 bytes en cada unidad de asignación.
  99972351 unidades de asignación en disco en total.
  47415106 unidades de asignación disponibles en disco.

Información interna:
00 dc 0c 00 24 55 0b 00 cb f9 14 00 00 00 00 00  ....$U..........
a1 02 00 00 33 39 01 00 00 00 00 00 00 00 00 00  ....39..........

Windows ha finalizado la comprobación del disco.
Espere mientras se reinicia el sistema.

JavierHF · 30 Noviembre, 2019 17:25

Hola.

Se hicieron algunas correcciones en tu disco duro :

Corrigiendo errores en el mapa de bits del volumen.

NO parece que TU equipo tenga problemas graves de infecciones o problemas de disco duro y además tienes la ultima version de W10 instalada e imagino que tendrás TODAS las actualizaciones al dia.

Saludos.

anzorrilla · 30 Noviembre, 2019 17:39

Muchas gracias Javier, es bueno saberlo! …voy a seguir investigando. Saludos, AZ.

JavierHF · 2 Diciembre, 2019 00:41

Una cuestión que puede haberte pasado es que el programa se hubiera actualizado, aunque sólo fuera parcialmente y/o que tu version de W10 v1909 que es la ultima se os hubiera instalado recientemente y por eso estuviera teniendo problemas o incompatibilidades con ella.

Saludos