Autoit V3 Script (Beta)

Pedro_sdk · 10 Abril, 2020 14:36

Buenas tardes, me he dado cuenta que en el administrador de tareas, en inicio aparece el programa Autoit V3 Script (Beta) y al rato desaparece, al abrir ubicación del archivo me lleva a C:\ProgramData\Intel\Wireless\5790d35

He intentado desinstalarlo, pero no aparece en ningún sitio, he seguido AutoIt v3 Script este tutorial y tampoco, tampoco se puede borrar la carpeta pues vuelve a aparecer. He visto muchos posts en este foro como este, no quería repetirlo, pero he visto este mensaje “ATENCION!!! El siguiente Script de reparación fue hecho específicamente por un miembro del staff para este usuario, si tiene un problema similar por favor abra su propio tema para recibir ayuda personalizada. Usar Scripts de otros usuarios puede causar daños graves en su equipo” y por lo tanto he decidido crear el propio post.

Disculpen la molestia y gracias de antemano.

JavierHF · 10 Abril, 2020 14:48

Buenas @Pedro_sdk y Bienvenido al nuevo Foro.!!!

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado.

Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar ) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :

CCleaner + Manual.
Malwarebytes’ Anti-Malware + Manual. revisa en detalle el manual, para que sepas usarlo y configurarlo correctamente.
AdwCleaner + Manual.
Junkware Removal Tool.
Farbar Recovery Scan Tool. seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. Como saber si Mi Windows es de 32 o 64 Bits ?.

Ejecutas las herramientas de una en una y en el orden indicado :

CCleaner.-

Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.
Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.
Realiza un Análisis Personalizado.
Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.
En el apartado del programa Historial de detecciones encontrarás el informe de MBAM, que debes copiar y pegar en tu próxima respuesta, para poder analizarlo.

AdwCleaner.-

Ejecuta Adwcleaner.exe.
Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.
Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.
El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

Ejecuta JRT.exe.
Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.
Si en algún momento te pide Reiniciar hazlo.
Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.
Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

Ejecuta FRST.exe.
En el mensaje de la ventana del Disclaimer/Responsabilidad, pulsamos Sí/Yes
En la ventana principal pulsamos en el botón Analizar/Scan y esperamos a que concluya el proceso.
Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Poner los informes en tu próxima respuesta de :

Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(más de 64.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado.

Saludos Javier.

Pedro_sdk · 10 Abril, 2020 17:35

Gracias por su respuesta, paso todo lo que me indica, teniendo que cortar FRST en 2.

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 10/4/20
Hora del análisis: 16:58
Archivo de registro: b0667eaf-7b3b-11ea-a0fb-000000000000.json

-Información del software-
Versión: 4.1.0.56
Versión de los componentes: 1.0.867
Versión del paquete de actualización: 1.0.22242
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 18362.720)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-NEHGOTG\usuario

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 539706
Amenazas detectadas: 8
Amenazas en cuarentena: 8
Tiempo transcurrido: 2 hr, 16 min, 4 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 1
Trojan.Agent.AutoIt.Generic, HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3FBEC334, En cuarentena, 5589, 783345, 1.0.22242, , ame, 

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 2
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\5790d35\1a13f16, En cuarentena, 5589, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\5790D35, En cuarentena, 5589, 781623, 1.0.22242, , ame, 

Archivo: 5
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\5790D35\6AB43F3.AU3, En cuarentena, 5589, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\PROGRAMDATA\INTEL\WIRELESS\5790D35\ADDCKBH.EXE, En cuarentena, 5589, 783345, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\5790d35\1a13f16\10-04-2020.log, En cuarentena, 5589, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\5790d35\1a13f16\9008a6d, En cuarentena, 5589, 781623, , , , 
Trojan.Agent.AutoIt.Generic, C:\ProgramData\Intel\Wireless\5790d35\pe.bin, En cuarentena, 5589, 781623, , , , 

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build:    04-03-2020
# Database: 2020-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-10-2020
# Duration: 00:00:00
# OS:       Windows 10 Pro
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [10/04/2020 19:16:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Pedro_sdk · 10 Abril, 2020 17:38

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64 
Ran by usuario (Administrator) on 10/04/2020 at 19:18:40,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\5s3i2ics.default\extensions\staged (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/04/2020 at 19:23:05,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Pedro_sdk · 10 Abril, 2020 17:40

Resultado del análisis realizado por Farbar Recovery Scan Tool (FRST) (x64) Versión: 05-04-2020
Ejecutado por usuario (administrador) sobre DESKTOP-NEHGOTG (Gigabyte Technology Co., Ltd. H97M-D3H) (10-04-2020 19:24:51)
Ejecutado desde C:\Users\usuario\Desktop
Perfiles cargados: usuario (Perfiles disponibles: usuario)
Platform: Windows 10 Pro Versión 1909 18363.720 (X64) Idioma: Español (España, internacional)
Navegador predeterminado: FF
Modo de Inicio: Normal
Tutorial para Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Procesos (Lista blanca) =================

(Si una entrada es incluida en el fixlist, el proceso será cerrado. El archivo no será movido.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

==================== Registro (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, el elemento del registro será restaurado a su valor predeterminado o será eliminado. El archivo no será movido.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [31736720 2020-04-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24625656 2020-02-24] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2020-01-07] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {2c43080e-554b-11e9-a266-408d5c4a8f89} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {eea44c2b-7978-11ea-a2ee-408d5c4a8f89} - "V:\setup.exe" 
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3508464 2020-01-07] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [24625656 2020-02-24] (Plex, Inc. -> Plex, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-06] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN

==================== Tareas programadas (Lista blanca) ============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

Task: {08A417E2-7B7B-464A-875C-DA247B40741C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {290E5270-B8A4-453C-8B91-9596D6BB1D10} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {2B5FDA4B-CE9E-40FA-AFA3-B1DFE702BA28} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-236468405-2727926213-210120444-1001 => C:\Users\usuario\AppData\Local\MEGAsync\MEGAupdater.exe [760696 2018-01-15] (Mega Limited -> Mega Limited)
Task: {2D8D1067-CF27-402A-89EA-981621ECBEEC} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {3F395861-2131-485B-98E2-031C2B35E9C0} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072392 2017-11-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {437EC86D-FF31-49E8-BD15-E2FA7DD2D256} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18227896 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {442BF55E-525E-42F8-B018-6958275F04B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B82575E-65F9-47B5-A0E4-E4E6196CFFCA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {5973D183-D98E-4804-BBCE-BFA2EEA9F323} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B0AEEF9-1F4C-4A81-B675-E16766780447} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {64D05D85-2278-4357-8E6A-7845B024E8F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-17] (Google Inc -> Google Inc.)
Task: {68010512-BE34-4293-83DA-628D6C71C721} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D5D5875-8717-4CAA-9942-3E0142358CCE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {73603087-11E0-4184-B9E8-6C1A76BC04EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6147688 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {91877006-3F88-4759-9619-B71AB536B18B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6147688 2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {94B5D1B7-668E-4F74-8C0F-82EBC9CC6E87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-17] (Google Inc -> Google Inc.)
Task: {B5A58383-0FA3-45D6-B12B-A095D3BB37BE} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-02-29] (Advanced Micro Devices, Inc.) [Archivo no firmado]
Task: {B67E0DD9-1508-4E62-8052-05D5820FF984} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60008 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B71768C7-08DA-46E6-B6CA-A39F52775079} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1642672 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B874A748-DAE0-483C-BC6F-5AA28B3C2FDB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C1E00E0F-CAC0-48FB-8604-DB53458434DA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-NEHGOTG-usuario DESKTOP-NEHGOTG => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [469640 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C62DFE01-EAA1-424B-86F7-3DB5EC5A8314} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702024 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF524DB0-EA97-49F7-BA67-1E7CD8B980AF} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [67688 2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F520A87B-9E81-408F-8142-FC2C694E0790} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2020-04-06] (Intel(R) Trust Services -> Intel(R) Corporation)

(Si una entrada es incluida en el fixlist, el archivo de tarea (.job) será movido. El archivo que está siendo ejecutado por la tarea no será movido.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Lista blanca) ====================

(Si un elemento es incluido en el fixlist, y éste pertenece al registro, será eliminado o restaurado a su valor predeterminado.)

Hosts: Hay más de una entrada en Hosts. Consulte la sección Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.58.61.250 80.58.61.254
Tcpip\..\Interfaces\{99a17ace-c823-40e7-bde1-621626865ca3}: [DhcpNameServer] 80.58.61.250 80.58.61.254

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Sin Nombre -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Ningún archivo
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ningún archivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} 
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-04-08] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5s3i2ics.default
FF ProfilePath: C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\5s3i2ics.default [2020-04-10]
FF Notifications: Mozilla\Firefox\Profiles\5s3i2ics.default -> hxxps://www.maisonsdumonde.com; hxxps://juegos.loteriasyapuestas.es; hxxps://aternos.org
FF Extension: (Cisco Webex Extension) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\5s3i2ics.default\Extensions\[email protected] [2020-04-10]
FF Extension: (uBlock Origin) - C:\Users\usuario\AppData\Roaming\Mozilla\Firefox\Profiles\5s3i2ics.default\Extensions\[email protected] [2019-03-14]
FF Extension: (Cisco WebEx Extension) - C:\Program Files\Mozilla Firefox\distribution\extensions\[email protected] [2020-03-28]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-03-28] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default [2020-04-10]
CHR DownloadDir: D:\Download
CHR HomePage: Default -> hxxps://www.google.es/?gws_rd=ssl
CHR StartupUrls: Default -> "hxxp://www.google.es/"
CHR Extension: (Traductor de Google) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-22]
CHR Extension: (Presentaciones) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-17]
CHR Extension: (Universal Bypass) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-04-08]
CHR Extension: (Documentos) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-17]
CHR Extension: (Google Drive) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-17]
CHR Extension: (YouTube) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-17]
CHR Extension: (uBlock Origin) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-02-08]
CHR Extension: (Adobe Acrobat) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-04]
CHR Extension: (Hojas de cálculo) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-17]
CHR Extension: (HTTPS Everywhere) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2020-03-17]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12]
CHR Extension: (lichess.org) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiefmccciemniajdkgikpnocipidaaeg [2019-04-15]
CHR Extension: (Decentraleyes) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldpochfccmkkmhdbclfhpagapcfdljkj [2020-04-08]
CHR Extension: (Keepa - Amazon Price Tracker) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\neebplgakaahbhdphmkckjjcegoiijjo [2019-11-20]
CHR Extension: (Trace - Online Tracking Protection) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkmjblmcfiobddjgebnoeldkjcplfjb [2020-04-08]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Servicios (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atiesrxx.exe [522256 2020-03-02] (Advanced Micro Devices, Inc. -> AMD)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-03-24] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626328 2020-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2018-12-09] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [355872 2020-04-06] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [761088 2020-04-06] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [737552 2020-04-06] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-10] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2495792 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3447608 2020-04-08] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2148856 2020-02-24] (Plex, Inc. -> Plex, Inc.)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [974936 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [1457240 2019-11-15] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2019-10-01] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [287472 2019-12-30] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [532864 2019-10-28] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146168 2020-03-28] (Cisco WebEx LLC -> Cisco WebEx LLC)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

Pedro_sdk · 10 Abril, 2020 17:41

===================== Controladores (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmdag.sys [65731088 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\u0352369.inf_amd64_275818c45a90b362\B352355\atikmpag.sys [589840 2020-03-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [108152 2019-11-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [74240 2019-03-19] (Microsoft Windows -> ASIX Electronics Corp.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [Archivo no firmado]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [33424 2020-04-06] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-12-06] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-10] (Malwarebytes Inc -> Malwarebytes)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160280 2020-04-06] (Realtek Semiconductor Corp. -> Realtek )
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [50240 2019-09-19] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_005c; C:\WINDOWS\System32\drivers\RzDev_005c.sys [51992 2019-10-10] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0306; C:\WINDOWS\System32\drivers\RzDev_0306.sys [51776 2019-09-19] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 AIDA64Driver; \??\C:\Users\usuario\AppData\Local\Temp\Rar$EXa12844.14858\kerneld.x64 [X] <==== ATENCIÓN

==================== NetSvcs (Lista blanca) ===================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)


==================== Un mes (creado) ===================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-10 19:24 - 2020-04-10 19:25 - 000032183 _____ C:\Users\usuario\Desktop\FRST.txt
2020-04-10 19:24 - 2020-04-10 19:25 - 000000000 ____D C:\FRST
2020-04-10 19:23 - 2020-04-10 19:23 - 000000741 _____ C:\Users\usuario\Desktop\JRT.txt
2020-04-10 19:18 - 2020-04-10 19:18 - 000001595 _____ C:\Users\usuario\Desktop\AdwCleaner[C00].txt
2020-04-10 19:16 - 2020-04-10 19:16 - 000002436 _____ C:\Users\usuario\Desktop\mbam.txt
2020-04-10 19:15 - 2020-04-10 19:16 - 000000000 ____D C:\AdwCleaner
2020-04-10 16:55 - 2020-04-10 19:15 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-10 16:55 - 2020-04-10 16:55 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-10 16:55 - 2020-04-10 16:55 - 000178014 _____ C:\Users\usuario\Desktop\cc_20200410_165459.reg
2020-04-10 16:51 - 2020-04-10 19:20 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-10 16:51 - 2020-04-10 16:52 - 002281472 _____ (Farbar) C:\Users\usuario\Desktop\FRST64.exe
2020-04-10 16:51 - 2020-04-10 16:51 - 001790024 _____ (Malwarebytes) C:\Users\usuario\Desktop\JRT.exe
2020-04-10 16:51 - 2020-04-10 16:51 - 000002892 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-04-10 16:51 - 2020-04-10 16:51 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-04-10 16:51 - 2020-04-10 16:51 - 000000863 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-04-10 16:51 - 2020-04-10 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-04-10 16:50 - 2020-04-10 16:51 - 000000000 ____D C:\Program Files\CCleaner
2020-04-10 16:20 - 2020-04-10 16:20 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-10 16:20 - 2020-04-10 16:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-10 16:20 - 2020-04-10 16:20 - 000000000 ____D C:\Users\usuario\AppData\Local\mbam
2020-04-10 16:20 - 2020-04-10 16:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-10 16:20 - 2020-04-10 16:20 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-10 16:19 - 2020-04-10 16:19 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-10 15:59 - 2020-04-10 16:17 - 000000351 _____ C:\DelFix.txt
2020-04-10 15:59 - 2020-04-10 15:59 - 000000000 ____D C:\WINDOWS\ERUNT
2020-04-10 15:43 - 2020-04-10 15:44 - 008196784 _____ (Malwarebytes) C:\Users\usuario\Desktop\adwcleaner_8.0.4.exe
2020-04-10 14:58 - 2020-04-10 14:58 - 000000000 ____D C:\Users\usuario\AppData\Local\mbamtray
2020-04-09 21:49 - 2020-04-10 11:40 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\WebEx
2020-04-09 21:49 - 2020-04-10 11:25 - 000000000 ____D C:\Users\usuario\AppData\Local\WebEx
2020-04-09 21:47 - 2020-04-09 21:47 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Webex
2020-04-09 21:47 - 2020-04-09 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Webex Meetings
2020-04-09 21:47 - 2020-04-09 21:47 - 000000000 ____D C:\Program Files (x86)\Webex
2020-04-08 21:45 - 2020-04-08 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOOM Eternal
2020-04-08 21:23 - 2020-04-08 21:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Odyssey
2020-04-08 11:13 - 2020-04-10 14:55 - 000000000 ____D C:\Users\usuario\AppData\Roaming\qBittorrent
2020-04-08 11:13 - 2020-04-08 11:13 - 000000000 ____D C:\Users\usuario\AppData\Local\qBittorrent
2020-04-08 11:13 - 2020-04-08 11:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2020-04-08 11:13 - 2020-04-08 11:13 - 000000000 ____D C:\Program Files (x86)\qBittorrent
2020-04-07 15:07 - 2020-04-08 21:46 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\uTorrent
2020-04-06 22:10 - 2020-04-06 22:10 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\AMD
2020-04-06 21:52 - 2020-04-06 21:52 - 000000000 ____D C:\Users\usuario\AppData\Local\NVIDIA Corporation
2020-04-06 21:49 - 2020-04-10 19:17 - 000003300 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2020-04-06 21:49 - 2020-04-06 21:50 - 000000000 ____D C:\Users\usuario\AppData\Local\AMD
2020-04-06 21:28 - 2020-04-06 21:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2020-04-06 21:28 - 2020-04-06 21:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software
2020-04-06 21:27 - 2020-04-06 21:27 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2020-04-06 21:27 - 2020-04-06 21:27 - 000003080 _____ C:\WINDOWS\system32\Tasks\StartDVR
2020-04-06 21:27 - 2020-04-06 21:27 - 000000000 ____D C:\Program Files (x86)\AMD
2020-04-06 21:27 - 2020-03-02 18:37 - 001763344 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-04-06 21:27 - 2020-03-02 18:37 - 001763344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-04-06 21:27 - 2020-03-02 18:37 - 001357840 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-04-06 21:27 - 2020-03-02 18:37 - 001357840 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-04-06 21:27 - 2020-03-02 18:37 - 001083320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 001083320 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000942168 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000942168 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000572432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000489488 _____ C:\WINDOWS\system32\GameManager64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000483344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000372240 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000182288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000160784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000151056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000136208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000089104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000073744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000045072 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2020-04-06 21:27 - 2020-03-02 18:37 - 000042000 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 062865424 _____ C:\WINDOWS\system32\amd_comgr.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 052401168 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 004583440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 004092944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 001728528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 001241104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 001241104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000939536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000766992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000758800 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000551952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000491536 _____ C:\WINDOWS\system32\dgtrayicon.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000466960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000464912 _____ C:\WINDOWS\system32\amdlogum.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000449552 _____ C:\WINDOWS\system32\atieah64.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000426512 _____ C:\WINDOWS\system32\EEURestart.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000381968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000343568 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000342544 _____ C:\WINDOWS\system32\clinfo.exe
2020-04-06 21:27 - 2020-03-02 18:36 - 000239632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000206864 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000195656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000176616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000157200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000155968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000134160 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000134160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000133136 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000122384 _____ C:\WINDOWS\system32\atidxx64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000119312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000118800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000104976 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000103952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000068624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000018760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2020-04-06 21:27 - 2020-03-02 18:36 - 000018760 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 078648848 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 001684384 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 001363744 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000544696 _____ C:\WINDOWS\system32\amdmiracast.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000482320 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000371728 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000165256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000133312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000127104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000127104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000118224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000106208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2020-04-06 21:27 - 2020-03-02 18:35 - 000106208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2020-04-06 21:27 - 2020-03-02 16:52 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2020-04-06 21:27 - 2020-03-02 16:52 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2020-04-06 21:27 - 2020-03-02 16:52 - 000543136 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2020-04-06 21:27 - 2020-03-02 16:52 - 000543136 _____ C:\WINDOWS\system32\atiapfxx.blb
2020-04-06 21:27 - 2020-03-02 16:52 - 000125488 _____ C:\WINDOWS\system32\kapp_ci.sbin
2020-04-06 21:27 - 2020-03-02 16:51 - 000069770 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2020-04-06 21:26 - 2020-04-10 19:17 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-04-06 21:26 - 2020-04-06 21:26 - 000000000 ____D C:\WINDOWS\system32\AMD
2020-04-06 21:25 - 2020-04-07 09:48 - 000000000 ____D C:\AMD
2020-04-06 21:25 - 2020-04-06 21:28 - 000000000 ____D C:\Program Files\AMD
2020-04-06 21:25 - 2020-04-06 21:25 - 000000000 ____D C:\Users\usuario\AppData\Local\RadeonInstaller
2020-04-06 21:25 - 2020-04-06 21:25 - 000000000 ____D C:\ProgramData\AMD
2020-04-06 21:25 - 2019-09-18 17:33 - 000204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2020-04-06 21:25 - 2019-09-18 17:33 - 000204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2020-04-06 21:25 - 2019-09-18 17:33 - 000157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2020-04-06 21:25 - 2019-09-18 17:33 - 000157144 _____ C:\WINDOWS\system32\ativvsva.dat
2020-04-06 21:25 - 2019-09-18 17:33 - 000154384 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2020-04-06 21:25 - 2019-09-18 17:33 - 000138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2020-04-06 21:25 - 2019-09-18 17:33 - 000121168 _____ C:\WINDOWS\system32\kapp_si.sbin
2020-04-06 21:18 - 2020-04-06 21:19 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-04-06 20:35 - 2020-04-06 20:35 - 000003794 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2020-04-06 20:29 - 2020-04-06 20:29 - 006627296 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 005083816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 001792264 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 001789640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 001581960 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 001169800 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000696416 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000407432 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000380808 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000309640 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000246152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000231200 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000226184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v5107.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000194760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000173528 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000172504 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000150072 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000150072 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000102792 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000095328 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000094600 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000092040 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000091232 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000086408 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000076168 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000045840 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000043912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000020360 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000020360 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000018824 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000018824 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000013704 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2020-04-06 20:29 - 2020-04-06 20:29 - 000013704 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2020-04-06 20:28 - 2020-04-06 20:29 - 039512728 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 038561968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 034518328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 033176992 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 029092744 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 019852680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 016301104 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 015336424 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 013358712 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 012941968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 011739528 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 008725896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 005674888 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 005254024 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 004921736 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 004360072 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 004223248 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 004195152 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 003963272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 002363744 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 001834032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 001376256 _____ C:\WINDOWS\system32\iglhxa64.cpa
2020-04-06 20:28 - 2020-04-06 20:28 - 001006112 _____ C:\WINDOWS\system32\igfxSDK.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000950304 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000946720 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000830871 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2020-04-06 20:28 - 2020-04-06 20:28 - 000449056 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000431136 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000429960 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000384032 _____ C:\WINDOWS\system32\igfxTray.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000379784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000378400 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000300984 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000285976 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000264584 _____ C:\WINDOWS\system32\igfxCPL.cpl
2020-04-06 20:28 - 2020-04-06 20:28 - 000257416 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000250400 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000218656 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000216456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000214560 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000214048 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000212168 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000184200 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000171632 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000164744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2020-04-06 20:28 - 2020-04-06 20:28 - 000157728 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2020-04-06 20:28 - 2020-04-06 20:28 - 000044194 _____ C:\WINDOWS\system32\iglhxc64.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000043760 _____ C:\WINDOWS\system32\iglhxg64.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000043732 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000043214 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000043143 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000042513 _____ C:\WINDOWS\system32\iglhxo64.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000004858 _____ C:\WINDOWS\system32\iglhxs64.vp
2020-04-06 20:28 - 2020-04-06 20:28 - 000001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2020-04-06 20:26 - 2020-04-06 20:29 - 000000000 ____D C:\WINDOWS\LastGood
2020-04-06 20:25 - 2020-04-06 20:25 - 001804776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2020-04-06 20:25 - 2020-04-06 20:25 - 000033424 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2020-04-06 20:25 - 2020-04-06 20:25 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2020-04-06 20:25 - 2020-04-06 20:25 - 000000000 ____D C:\Program Files\Elantech
2020-04-06 20:18 - 2020-04-06 20:18 - 000007597 _____ C:\Users\usuario\AppData\Local\Resmon.ResmonCfg
2020-04-06 17:09 - 2020-04-10 15:52 - 000000000 ____D C:\Program Files (x86)\Geeks3D
2020-03-29 13:50 - 2020-03-29 13:50 - 000000000 ____D C:\WINDOWS\Panther
2020-03-27 14:09 - 2020-03-27 14:09 - 000010021 _____ C:\Users\usuario\Desktop\1stsessionIan.odt
2020-03-26 14:34 - 2020-03-26 14:34 - 000132226 _____ C:\Users\usuario\Desktop\present continous IAN.pdf
2020-03-25 14:06 - 2020-03-25 14:06 - 000152580 _____ C:\Users\usuario\Desktop\PRESENT SIMPLE IAN.pdf
2020-03-22 22:29 - 2020-03-24 22:29 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-03-16 17:05 - 2020-03-16 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2020-03-16 17:05 - 2020-03-16 17:05 - 000000000 ____D C:\Program Files (x86)\Plex
2020-03-15 15:24 - 2020-03-15 15:25 - 000000000 ____D C:\Users\usuario\AppData\Roaming\DarkSoulsIII
2020-03-15 15:24 - 2020-03-15 15:24 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2020-03-15 15:18 - 2020-03-15 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dark Souls III
2020-03-13 20:43 - 2020-03-13 20:43 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-03-13 20:43 - 2020-03-13 20:43 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-13 20:43 - 2020-03-13 20:43 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 20:43 - 2020-03-13 20:43 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-13 20:43 - 2020-03-13 20:43 - 004563416 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-13 20:43 - 2020-03-13 20:43 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-03-13 20:43 - 2020-03-13 20:43 - 001398584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-03-13 20:43 - 2020-03-13 20:43 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-03-13 20:43 - 2020-03-13 20:43 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 20:43 - 2020-03-13 20:43 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-03-13 20:43 - 2020-03-13 20:43 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 022635008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 011607552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 007755776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 004855808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 004580352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 003799552 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 003728896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002956688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 002768440 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002698040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002224952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002087376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002072664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001999952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001835128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001770552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001665416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001657120 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001490640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001480192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001282944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001097728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001088000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000908504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000877232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000734720 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000636848 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000510768 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000459688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000248064 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacEncoder.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000221200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000165504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-11 19:27 - 2020-03-11 19:27 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000089568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000042296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnpcont.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxstrace.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000019768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-11 19:27 - 2020-03-11 19:27 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 19:27 - 2020-03-11 19:27 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-03-11 19:26 - 2020-03-11 19:27 - 007905784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 003977216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 003708928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 003587896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-11 19:26 - 2020-03-11 19:26 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 002870272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 002715648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-11 19:26 - 2020-03-11 19:26 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 001581056 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-11 19:26 - 2020-03-11 19:26 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-11 19:26 - 2020-03-11 19:26 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000131896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-11 19:26 - 2020-03-11 19:26 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-11 19:26 - 2020-03-11 19:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 19:23 - 2020-02-11 06:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-03-11 19:23 - 2020-02-11 06:37 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== Un mes (modificado) ==================

(Si una entrada es incluida en el fixlist, el archivo/carpeta será eliminado/a.)

2020-04-10 19:23 - 2019-06-16 09:18 - 001773366 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-10 19:23 - 2019-03-19 13:59 - 000788560 _____ C:\WINDOWS\system32\perfh00A.dat
2020-04-10 19:23 - 2019-03-19 13:59 - 000155850 _____ C:\WINDOWS\system32\perfc00A.dat
2020-04-10 19:23 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-10 19:17 - 2019-06-16 09:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-10 19:17 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-10 19:17 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-10 19:17 - 2018-11-17 10:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-04-10 19:17 - 2018-11-17 10:41 - 000000000 __SHD C:\Users\usuario\IntelGraphicsProfiles
2020-04-10 19:15 - 2019-06-16 09:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-10 17:30 - 2018-11-23 21:33 - 000000000 ____D C:\Users\usuario\AppData\Roaming\vlc
2020-04-10 16:54 - 2018-12-07 15:35 - 000000000 ____D C:\Program Files (x86)\Steam
2020-04-10 16:20 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-10 16:12 - 2018-12-05 23:36 - 000000000 ____D C:\Users\usuario\AppData\Roaming\uTorrent
2020-04-10 16:12 - 2018-11-23 15:53 - 000000000 ____D C:\Users\usuario\AppData\Local\CrashDumps
2020-04-10 15:45 - 2018-12-06 15:08 - 000000000 ____D C:\Users\usuario\AppData\Roaming\IObit
2020-04-10 15:31 - 2019-07-15 14:16 - 000000000 ____D C:\WINDOWS\KMSAutoS
2020-04-10 14:57 - 2018-11-17 10:46 - 000000000 ____D C:\Users\usuario\AppData\LocalLow\Mozilla
2020-04-10 14:55 - 2018-11-23 21:47 - 000000000 ____D C:\Users\usuario\AppData\Roaming\discord
2020-04-10 14:50 - 2018-11-23 21:50 - 000000000 ____D C:\Users\usuario\AppData\Local\Ubisoft Game Launcher
2020-04-10 13:45 - 2019-04-06 17:28 - 000000000 ____D C:\Users\usuario\AppData\Roaming\.minecraft
2020-04-10 11:56 - 2018-11-17 10:34 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-10 11:56 - 2018-11-17 10:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-04-10 11:09 - 2019-02-10 11:17 - 000000000 ____D C:\Program Files (x86)\Origin
2020-04-10 11:03 - 2019-06-16 09:08 - 000005324 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-NEHGOTG-usuario DESKTOP-NEHGOTG
2020-04-10 11:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-10 10:57 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-10 10:53 - 2019-12-14 15:13 - 000000000 ____D C:\Users\usuario\AppData\Local\Plex Media Server
2020-04-09 15:37 - 2018-11-17 11:28 - 000000000 ____D C:\Users\usuario\AppData\Local\D3DSCache
2020-04-09 12:55 - 2018-12-02 12:58 - 000000000 ____D C:\Users\usuario\AppData\Local\Spotify
2020-04-09 12:49 - 2018-12-02 12:58 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Spotify
2020-04-08 21:10 - 2018-12-07 15:41 - 000000000 ____D C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2020-04-08 21:03 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-04-08 21:03 - 2018-11-17 10:25 - 000000000 ____D C:\Program Files\Microsoft Office
2020-04-07 15:07 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-07 09:39 - 2018-11-17 10:22 - 000000000 ____D C:\Users\usuario\AppData\Local\Packages
2020-04-06 22:29 - 2018-11-17 10:35 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-06 21:50 - 2020-02-16 14:47 - 000000000 ____D C:\Users\usuario\AppData\Local\cache
2020-04-06 21:27 - 2018-11-17 16:42 - 000000000 ____D C:\ProgramData\Package Cache
2020-04-06 20:29 - 2018-12-06 15:12 - 001160280 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2020-04-06 20:29 - 2018-11-17 10:41 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2020-04-06 20:29 - 2018-11-17 10:41 - 000000000 ____D C:\Program Files\Intel
2020-04-06 20:29 - 2016-11-02 00:05 - 007981528 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2020-04-06 20:29 - 2016-11-02 00:05 - 002132872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2020-04-06 20:29 - 2016-11-02 00:05 - 000746376 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2020-04-06 20:29 - 2016-11-02 00:05 - 000389512 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2020-04-06 20:28 - 2016-11-02 00:05 - 000355872 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2020-04-06 20:28 - 2016-11-02 00:05 - 000336416 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2020-04-06 20:26 - 2019-12-11 21:54 - 000000000 ____D C:\ProgramData\Intel
2020-04-06 20:26 - 2019-07-19 12:37 - 000456952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2020-04-06 20:26 - 2019-07-19 12:37 - 000102664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2020-04-06 20:26 - 2018-12-06 15:09 - 000223832 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2020-04-06 20:26 - 2018-11-17 10:41 - 000000000 ____D C:\Program Files (x86)\Intel
2020-04-06 17:09 - 2018-11-17 10:22 - 000000000 ____D C:\Users\usuario\AppData\Local\VirtualStore
2020-04-05 13:45 - 2019-12-31 17:43 - 000000000 ____D C:\Program Files (x86)\Razer
2020-04-02 10:20 - 2019-01-22 14:02 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-29 22:30 - 2019-06-16 08:49 - 000000000 ____D C:\Users\usuario
2020-03-25 17:03 - 2018-11-17 10:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-03-24 22:29 - 2019-12-31 17:47 - 000000000 ____D C:\temp
2020-03-24 22:29 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Help
2020-03-24 21:20 - 2018-11-27 10:33 - 000000431 _____ C:\WINDOWS\BRWMARK.INI
2020-03-24 14:04 - 2019-10-04 11:50 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-03-22 15:35 - 2019-06-16 09:08 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-236468405-2727926213-210120444-1001
2020-03-22 15:35 - 2019-06-16 08:49 - 000002403 _____ C:\Users\usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 15:35 - 2018-11-17 10:24 - 000000000 ___RD C:\Users\usuario\OneDrive
2020-03-21 12:22 - 2019-06-16 09:08 - 000003622 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 12:22 - 2019-06-16 09:08 - 000003498 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-18 13:21 - 2019-06-16 09:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 13:21 - 2018-11-17 10:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-17 15:15 - 2019-01-02 15:58 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-03-17 15:15 - 2019-01-02 15:58 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-03-13 23:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 23:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-13 20:44 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-13 17:29 - 2019-04-12 21:30 - 000000000 ____D C:\Users\usuario\AppData\Local\BitTorrentHelper
2020-03-12 13:59 - 2019-06-16 09:02 - 000462280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-12 13:59 - 2018-11-17 10:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 13:59 - 2018-11-17 10:22 - 000000000 ___RD C:\Users\usuario\3D Objects
2020-03-11 23:01 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-11 23:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-03-11 23:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-11 23:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 23:01 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-11 23:01 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\servicing
2020-03-11 19:29 - 2018-11-17 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-11 19:28 - 2018-11-17 10:49 - 121542864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Archivos en la raíz de algunos directorios ========

2020-01-25 15:34 - 2020-01-25 15:34 - 026729513 _____ (                                                            ) C:\Users\usuario\AppData\Roaming\InlogBrowser_setup.exe
2019-01-02 15:58 - 2019-01-02 15:58 - 000000410 _____ () C:\Users\usuario\AppData\Local\oobelibMkey.log
2020-04-06 20:18 - 2020-04-06 20:18 - 000007597 _____ () C:\Users\usuario\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(No existe una corrección automática para los archivos que no pasan la verificación.)

==================== Final de FRST.txt ========================

Pedro_sdk · 10 Abril, 2020 17:42

Resultados del Análisis Adicional de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por usuario (10-04-2020 19:25:46)
Ejecutado desde C:\Users\usuario\Desktop
Windows 10 Pro Versión 1909 18363.720 (X64) (2019-06-16 07:08:47)
Modo de Inicio: Normal
==========================================================


==================== Cuentas: =============================

Administrador (S-1-5-21-236468405-2727926213-210120444-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-236468405-2727926213-210120444-503 - Limited - Disabled)
Invitado (S-1-5-21-236468405-2727926213-210120444-501 - Limited - Disabled)
usuario (S-1-5-21-236468405-2727926213-210120444-1001 - Administrator - Enabled) => C:\Users\usuario
WDAGUtilityAccount (S-1-5-21-236468405-2727926213-210120444-504 - Limited - Disabled)

==================== Centro de Seguridad ========================

(Si una entrada es incluida en el fixlist, será eliminada.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Cortafuegos (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Programas instalados ======================

(Solo los programas de adware con indicador "Oculto", pueden ser añadidos al fixlist para hacerlos visibles. Los programas adware deben ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.2.2 - Advanced Micro Devices, Inc.)
Asistente para actualización a Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
AVG (HKLM\...\{E61E6143-4937-43FC-8C12-06B8A987484D}) (Version: 1.211.3 - AVG Technologies) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM\...\{2E30EF94-3222-47C1-BFEA-112D0FCF2D07}) (Version: 4.10.1 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.65 - Piriform)
Cisco Webex Meetings (HKLM-x32\...\{0384BC6E-D3AF-40C4-9AA4-9846AC8BE091}) (Version: 40.2.12.18 - Cisco Webex LLC)
Dark Souls III Deluxe Edition MULTi12 - ElAmigos versión 1.15 reg. 1.35 (HKLM-x32\...\{C21D00A3-8A5B-489A-801C-DB8388811C16}_is1) (Version: 1.15 reg. 1.35 - FromSoftware)
Discord (HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
DOOM Eternal (HKLM-x32\...\DOOM Eternal_is1) (Version:  - )
Eines de correcció del Microsoft Office 2013: català (HKLM\...\{90150000-001F-0403-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{9B504F12-DA3B-4CEC-A6FD-B07D6C1FEA26}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ferramentas de verificación de Microsoft Office 2013 - Galego (HKLM\...\{90150000-001F-0456-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
FMW 1 (HKLM\...\{36133E9F-B129-4206-9FB4-13F707787542}) (Version: 1.226.3 - AVG Technologies) Hidden
Google Chrome (HKLM\...\{6B4AAD8F-8925-3AAA-A393-53D28FD8A90B}) (Version: 80.0.3987.163 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Java 8 Update 191 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Profesional Plus 2019 - es-es (HKLM\...\ProPlus2019Retail - es-es) (Version: 16.0.12624.20382 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 75.0 (x64 es-ES) (HKLM\...\Mozilla Firefox 75.0 (x64 es-ES)) (Version: 75.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0C0A-1000-0000000FF1CE}) (Version: 16.0.12624.20320 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.67.39484 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plex Media Server (HKLM-x32\...\{23062b36-eec3-43c5-9437-987990d2b300}) (Version: 1.18.7.2457 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{7E47A632-E6DD-4853-87F6-F878B731EF9E}) (Version: 1.18.2457 - Plex, Inc.) Hidden
qBittorrent 4.2.3 (HKLM-x32\...\qBittorrent) (Version: 4.2.3 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.5.0116.010714 - Razer Inc.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.8 - VS Revo Group, Ltd.)
R-Link 2 Toolbox (HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\{R-Link 2 Toolbox}}_is1) (Version: 1.7.3 - Renault)
Sekiro Shadows Die Twice (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version:  - )
Spotify (HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Spotify) (Version: 1.1.30.658.gf13cde74 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{0FBDB583-4DF5-416A-B787-BD273CA52776}) (Version: 1.18.2457 - Plex, Inc.) Hidden
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 73.2 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-26] (Netflix, Inc.)

==================== Personalizado CLSID (Lista blanca): ==============

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Ningún archivo
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Ningún archivo
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll [2017-10-18] () [Archivo no firmado]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-02-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Ningún archivo
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Ningún archivo
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Lista blanca) ====================

==================== Accesos directos & WMI ========================

==================== Módulos cargados (Lista blanca) =============

2017-10-18 23:51 - 2017-10-18 23:51 - 000598528 _____ () [Archivo no firmado] C:\Users\usuario\AppData\Local\MEGAsync\ShellExtX64.dll
2019-11-21 12:38 - 2020-03-16 15:05 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-10 11:17 - 2020-03-16 15:06 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Archivo no firmado] C:\Program Files (x86)\Origin\ssleay32.dll
2019-11-21 12:38 - 2020-03-03 16:35 - 001611264 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 005487104 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 005841920 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 001179136 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 000146432 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 005089792 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-04-10 11:09 - 2020-03-03 16:35 - 000184832 _____ (The Qt Company Ltd) [Archivo no firmado] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Lista blanca) ========

(Si una entrada es incluida en el fixlist, solamente los ADS serán eliminados.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Modo Seguro (Lista blanca) ==================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El "AlternateShell" será restaurado.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Asociación (Lista blanca) =================

==================== Internet Explorer sitios de confianza/restringidos ==========

==================== Hosts contenido: =========================

(Si es necesario, la directiva Hosts: puede ser incluida en el fixlist para restablecer Hosts.)

2018-04-12 01:38 - 2019-01-02 15:54 - 000001094 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 na1r.services.adobe.com 
127.0.0.1 hlrcv.stage.adobe.com 
127.0.0.1 lmlicenses.wip4.adobe.com 
127.0.0.1 lm.licenses.adobe.com 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 genuine.adobe.com 
127.0.0.1 prod.adobegenuine.com 

==================== Otras Áreas ===========================

(Actualmente no existe una corrección automática para esta sección.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\program files (x86)\razer\chromabroadcast\bin;c:\program files\razer\chromabroadcast\bin;c:\program files (x86)\common files\oracle\java\javapath;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\nvidia corporation\nvidia nvdlisr;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\windows\system32\config\systemprofile\appdata\local\microsoft\windowsapps;c:\program files\calibre2\
HKU\S-1-5-21-236468405-2727926213-210120444-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: El medio no está conectado a internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Firewall de Windows está habilitado.

==================== MSCONFIG/TASK MANAGER elementos deshabilitados ==

(Si una entrada es incluida en el fixlist, será eliminada.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "appOnt"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "3fbec334"

==================== Reglas de firewall (Lista blanca) ================

(Si una entrada es incluida en el fixlist, será eliminada del registro. El archivo no se moverá a menos que sea añadido al listado por separado.)

FirewallRules: [{22ED8779-2BEC-4AB1-B779-F99DCFA53264}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{24D1A705-0745-4D32-BB1A-50D84A9EA809}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{C8B18BAE-C2BE-407C-AA75-83AFAA0CB8C6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1A48423-C8E4-4268-83DB-CB62B94F6F07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7901F5F0-DEB0-4839-B82A-E60FF6C18FA4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C696AB40-036F-48D4-9661-58F0E768742F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D7721B61-55F3-4335-A02E-9E95C6651851}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6954D74D-2EF7-4670-B3B4-031706DA38CE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2AD68758-4393-4C78-BFB2-2ADDF03FCF95}] => (Allow) D:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{8FD7E2FD-DFE4-4F05-BECE-074B446DAF08}] => (Allow) D:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{6B6E2F37-ADC5-4E80-87B6-22B6D3560B16}] => (Allow) D:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{F64EE910-CB7D-426C-835F-21D1E982E10B}] => (Allow) D:\Games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{6F21236B-1DE2-4D90-A649-4C75B184F323}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1B24B212-8A5E-4F92-BD53-CEF3E578254D}] => (Allow) C:\Users\usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{987993C8-E8F2-4648-B56F-C604D882052E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C44FEE38-4A50-4744-B9F5-007DF541431F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{01CE22BE-9CEE-4F1D-A4DA-07F880CF5396}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{D1588E1F-F941-49CC-9BC8-E02F0918809B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{9840D0CF-CBBF-44F7-B15D-914FBCADDF09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [{8B545884-BC46-4A38-8B8F-9A48622D6127}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [{B651EAA4-9A42-495E-B65D-0BE688163351}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [{C138911C-0BD8-4C79-B5A6-308A9A0FC94E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [TCP Query User{053DE3B7-C778-4AB4-9291-8765A0BECB5D}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{3E7FC0D9-92E1-42BA-B506-245E928C777E}C:\users\usuario\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\usuario\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{683D2717-0201-4DD6-9BDA-F6345FEEF1EB}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{A9F7BFDC-A180-48F3-8ABD-4F72C9D17A91}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{A7EC326B-EAA6-4586-8CC2-D5C040632FF6}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{4A2FF11E-7683-4C5B-9D06-C0F6EE0E096A}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{6035E231-5B30-44F4-B039-65E0DE25C024}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [{FF3D1582-51E8-4564-BB1D-5B765818329D}] => (Allow) C:\Program Files (x86)\eMule\emule.exe (hxxp://www.emule-project.net) [Archivo no firmado]
FirewallRules: [TCP Query User{D7D6F226-7B3D-4353-9260-6EE12C8F5541}C:\users\usuario\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Allow) C:\users\usuario\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH) [Archivo no firmado]
FirewallRules: [UDP Query User{01297B52-9CCA-4D3F-A249-8936C2D62538}C:\users\usuario\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe] => (Allow) C:\users\usuario\appdata\roaming\.minecraft\labymod\spotify\spotifyapi.exe (LabyMedia GmbH) [Archivo no firmado]
FirewallRules: [{99BE3A54-97BA-419C-8A09-363678801AF1}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{BBD72807-DE3E-4860-B85F-1430F62E275F}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe (Ubisoft Entertainment -> )
FirewallRules: [{A4BDFCB1-DEF5-4D4E-B0AE-74D447343858}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{FC759002-7A52-45B9-B8C5-48838E2E55AF}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{5A61D41D-EA9D-47B4-8386-9795D5A1A020}] => (Allow) D:\Games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{D3A5F641-B23E-4C6F-BDBC-BF65D81A1317}] => (Allow) D:\Games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{5ADF4C1E-39D2-4BB0-8172-58AED9902604}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [UDP Query User{91092245-539D-4746-918C-8FE26CC8ED44}C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe] => (Block) C:\program files (x86)\steam\steamapps\common\rocketleague\binaries\win64\rocketleague.exe (Psyonix, LLC) [Archivo no firmado]
FirewallRules: [TCP Query User{4F60B8BA-C8B0-4D23-859B-2602691EB180}D:\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [UDP Query User{7E9A81DE-B28A-46BB-9D83-045E9F4A92E5}D:\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe] => (Allow) D:\games\tom clancy's rainbow six siege\rainbowsix_vulkan.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{79768C4D-1C3F-4415-B12C-4DEC39B72A75}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{0E1F0D0A-C3A2-4DB1-838D-A11630F7B835}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{B5300119-98FD-4774-8B0A-4719EB4D7527}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{CFC7E74E-274E-4FB7-9883-4ACD54D043AE}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{A5E86CE4-1B2F-41A4-BE20-0EAA686B5FE7}] => (Allow) D:\Games\WatchDogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{B538519E-67D2-4614-8D8A-DAFCF4142ADA}] => (Allow) D:\Games\WatchDogs\bin\Watch_Dogs.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{12D6CF14-6DDB-4B5E-8E10-C7A698FD3BDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{65B133CD-1415-4942-BC1D-D2F33B56A64D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\RocketLeague.exe (Psyonix, Inc. -> Psyonix LLC)
FirewallRules: [{3C4ED3D6-7A34-458D-93D5-D14519881184}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{19EE5139-44EC-48D8-8848-9505227ADE47}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{58709ED3-0B7F-470F-BB2E-A599EAFB1A5E}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [Archivo no firmado]
FirewallRules: [{C55A428D-E7CD-4209-BCA8-53427F73A97B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Puntos de Restauración =========================

08-04-2020 11:09:10 Revo Uninstaller Pro's restore point - Assassin's Creed Odyssey
08-04-2020 21:10:03 Revo Uninstaller Pro's restore point - The Elder Scrolls Online
08-04-2020 21:10:53 Revo Uninstaller Pro's restore point - UltraISO Premium V9.71
09-04-2020 21:47:21 Installed Cisco Webex Meetings.
10-04-2020 15:52:06 Revo Uninstaller Pro's restore point - Geeks3D FurMark 1.21.1.0
10-04-2020 15:52:44 Revo Uninstaller Pro's restore point - WinCDEmu
10-04-2020 15:53:25 Revo Uninstaller Pro's restore point - Malwarebytes version 4.1.0.56
10-04-2020 19:18:41 JRT Pre-Junkware Removal

==================== Dispositivos defectuosos en el Administrador de dispositivos ============

Name: Realtek PCIe GbE Family Controller
Description: Realtek PCIe GbE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: rt640x64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Errores del registro de eventos: ========================

Errores de aplicación:
==================
Error: (04/10/2020 07:24:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5652,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/10/2020 05:06:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5540,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/10/2020 04:39:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa ACOdyssey.exe (versión 0.0.0.0) dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible sobre el problema, comprueba el historial de problemas en el panel de control de seguridad y mantenimiento.

Id. de proceso: 2c28

Hora de Inicio: 01d60f45cc7a0d7a

Hora de finalización: 4294967295

Ruta de la aplicación: D:\Games\Assassins Creed Odyssey\ACOdyssey.exe

Id. de informe: e0da4d9b-9c8f-4760-95fa-27e416a594f1

Nombre completo del paquete con errores: 

Id. de la aplicación relativa al paquete con errores: 

Tipo de bloqueo: Top level window is idle

Error: (04/10/2020 04:07:58 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5748,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/10/2020 04:02:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6444,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) al abrir un archivo de registro C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (04/10/2020 03:54:31 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center no pudo validar al autor de la llamada con el error %1.

Error: (04/10/2020 03:52:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.
.
A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.


Operación:
   Recopilando datos del escritor

Contexto:
   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}
   Nombre del escritor: System Writer
   Id. de instancia del escritor: {f2ea5dcf-9ce2-4959-bd02-94f10bf85bb2}

Error: (04/10/2020 03:47:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Error del Servicio de instantáneas de volumen: error inesperado al llamar a la rutina CoCreateInstance. HR = 0x8007045b, Se está cerrando el sistema.
.


Errores del sistema:
=============
Error: (04/10/2020 07:17:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: El servicio Malwarebytes Service no se cerró correctamente después de recibir un control de aviso de apagado.

Error: (04/10/2020 07:17:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NEHGOTG)
Description: El servidor Microsoft.Windows.StartMenuExperienceHost_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App no se registró con DCOM dentro del tiempo de espera requerido.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Razer Synapse Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Origin Web Helper Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio Windows Presentation Foundation Font Cache 3.0.0.0 terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 0 milisegundos: Reiniciar el servicio.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Razer Central Service se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio AMD External Events Utility se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/10/2020 07:17:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio Razer Chroma SDK Service se terminó de manera inesperada. Esto ha sucedido 1 veces.


Windows Defender:
===================================
Date: 2020-04-07 21:55:24.532
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/CrackSearch&threatid=2147730914&enterprise=0
Nombre: HackTool:Win32/CrackSearch
Id.: 2147730914
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_D:\Download\µTorrent\Completadas\Assassins.Creed.Odyssey-CPY\cpy-acod\Crack\dbdata.dll
Origen de detección: Equipo local
Tipo de detección: Concreto
Origen de detección: Protección en tiempo real
Usuario: DESKTOP-NEHGOTG\usuario
Nombre de proceso: C:\Windows\explorer.exe
Versión de inteligencia de seguridad: AV: 1.313.967.0, AS: 1.313.967.0, NIS: 1.313.967.0
Versión de motor: AM: 1.1.16900.4, NIS: 1.1.16900.4

Date: 2020-03-21 20:59:52.725
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: rootcert:_648384A4DEE53D4C1C87E10D67CC99307CCC9C98
Origen de detección: Desconocido
Tipo de detección: Concreto
Origen de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1661.0, AS: 1.311.1661.0, NIS: 1.311.1661.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-15 14:10:23.449
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para más información, consulta lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Wacatac.D!ml&threatid=2147749373&enterprise=0
Nombre: Trojan:Win32/Wacatac.D!ml
Id.: 2147749373
Gravedad: Grave
Categoría: Caballo de Troya
Ruta de acceso: containerfile:_D:\Download\dark-souls-3-deluxe-_448354.iso; file:_D:\Download\dark-souls-3-deluxe-_448354.iso->dark-souls-3-deluxe-_448354.exe; webfile:_D:\Download\dark-souls-3-deluxe-_448354.iso|https://thiotribomen.gq/new/cba814081aed076abfcbb4d8d27db856UDKmqFHoa5oM9KBXTx5dwCkcCyfJQTbTtH8S6L6zAf4.18.2001.10BdGo4k/dark-souls-3-deluxe-_448354.iso|pid:14756,ProcessStart:132287512574722626
Origen de detección: Internet
Tipo de detección: FastPath
Origen de detección: Descargas y datos adjuntos
Usuario: DESKTOP-NEHGOTG\usuario
Nombre de proceso: Unknown
Versión de inteligencia de seguridad: AV: 1.311.1259.0, AS: 1.311.1259.0, NIS: 1.311.1259.0
Versión de motor: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-04-10 15:42:16.288
Description: 
Antivirus de Windows Defender detectó un error al intentar actualizar la inteligencia de seguridad.
Nueva versión de inteligencia de seguridad: 
Versión anterior de inteligencia de seguridad: 1.313.1192.0
Origen de actualización: Servidor de Microsoft Update
Tipo de inteligencia de seguridad: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\SYSTEM
Versión actual del motor: 
Versión anterior del motor: 1.1.16900.4
Código de error: 0x80240022
Descripción del error: El programa no puede buscar actualizaciones de definiciones. 

Date: 2020-04-06 21:18:26.558
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La inteligencia de seguridad antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

CodeIntegrity:
===================================

Date: 2020-04-10 19:17:53.064
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-04-10 19:15:35.678
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume6\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2020-04-10 19:06:13.988
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-10 19:06:13.753
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-10 19:06:13.546
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-10 19:06:13.330
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-10 19:06:13.122
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-04-10 19:06:12.908
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Información de la memoria =========================== 

BIOS: American Megatrends Inc. F7 08/03/2015
Placa base: Gigabyte Technology Co., Ltd. H97M-D3H
Procesador: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Porcentaje de memoria en uso: 32%
RAM física total: 8057.06 MB
RAM física disponible: 5447.42 MB
Virtual total: 14457.06 MB
Virtual disponible: 10352.18 MB

==================== Unidades ================================

Drive c: () (Fixed) (Total:231.46 GB) (Free:38.15 GB) NTFS
Drive d: (DATOS) (Fixed) (Total:1862.89 GB) (Free:729.57 GB) NTFS
Drive f: () (RAMDisk) (Total:231.46 GB) (Free:38.09 GB) NTFS

\\?\Volume{84255dc3-aa41-480e-a9cb-34ed8c5d2596}\ (Recuperación) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{0df219f8-b343-4c9e-bf44-a4123c94bfa4}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS
\\?\Volume{3788e5db-a61a-42b7-99ac-e247799d8a78}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Tabla de particiones ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 09174501)

Partition: GPT.

==========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 016D48CF)

Partition: GPT.

==================== Final de Addition.txt =======================

JavierHF · 10 Abril, 2020 18:52

Bien… y ahora sigue estos pasos, MUY Importante Realiza una copia de seguridad del registro :

Para hacerlo descarga DelFix.exe(en tu escritorio).
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).
Atención, ahora marca/selecciona únicamente la casilla Create registry backup, las demás casillas NO.
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
HKLM\...\StartupApproved\Run: => "AvgUi"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "3fbec334"
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {2c43080e-554b-11e9-a266-408d5c4a8f89} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {eea44c2b-7978-11ea-a2ee-408d5c4a8f89} - "V:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-06] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Task: {3F395861-2131-485B-98E2-031C2B35E9C0} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072392 2017-11-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {6D5D5875-8717-4CAA-9942-3E0142358CCE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Sin Nombre -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Ningún archivo
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ningún archivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 AIDA64Driver; \??\C:\Users\usuario\AppData\Local\Temp\Rar$EXa12844.14858\kerneld.x64 [X] <==== ATENCIÓN
C:\ProgramData\Intel\Wireless
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
Presionar el botón FIX/Corregir y aguardar a que termine.
La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Pedro_sdk · 10 Abril, 2020 19:06

Listo, aquí dejo el fixlog. En principio esa carpeta ha desaparecido y no me ha aparecido en inicio dicho programa.

Resultados de la corrección de Farbar Recovery Scan Tool (x64) Versión: 05-04-2020
Ejecutado por usuario (10-04-2020 21:02:04) Run:1
Ejecutado desde C:\Users\usuario\Desktop
Perfiles cargados: usuario (Perfiles disponibles: usuario)
Modo de Inicio: Safe Mode (minimal)
==============================================

fixlist contenido:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Ningún archivo
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> Ningún archivo
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> Ningún archivo
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> Ningún archivo
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Ningún archivo
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> Ningún archivo
HKLM\...\StartupApproved\Run: => "AvgUi"
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\StartupApproved\Run: => "3fbec334"
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22245560 2020-03-19] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {2c43080e-554b-11e9-a266-408d5c4a8f89} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-236468405-2727926213-210120444-1001\...\MountPoints2: {eea44c2b-7978-11ea-a2ee-408d5c4a8f89} - "V:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-06] (Google LLC -> Google LLC)
GroupPolicy: Restricción ? <==== ATENCIÓN
Task: {3F395861-2131-485B-98E2-031C2B35E9C0} - System32\Tasks\AVG EUpdate Task => C:\Program Files (x86)\AVG\Setup\avgsetupx.exe [4072392 2017-11-08] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
Task: {6D5D5875-8717-4CAA-9942-3E0142358CCE} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-02-27] (AVG Technologies USA, LLC -> AVG Technologies)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Sin Nombre -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Ningún archivo
BHO-x32: Sin Nombre -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Ningún archivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc. -> Oracle Corporation)
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
S3 AIDA64Driver; \??\C:\Users\usuario\AppData\Local\Temp\Rar$EXa12844.14858\kerneld.x64 [X] <==== ATENCIÓN
C:\ProgramData\Intel\Wireless
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Error: El punto de restauración solamente puede ser creado en modo normal.
Procesos cerrados correctamente.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => eliminado correctamente
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => eliminado correctamente
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => eliminado correctamente
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => eliminado correctamente
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => eliminado correctamente
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\AvgUi" => eliminado correctamente
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\AvgUi" => no encontrado
"HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\3fbec334" => eliminado correctamente
"HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\3fbec334" => no encontrado
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => eliminado correctamente
"HKU\S-1-5-21-236468405-2727926213-210120444-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Smart Cleaning" => eliminado correctamente
HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c43080e-554b-11e9-a266-408d5c4a8f89} => eliminado correctamente
HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eea44c2b-7978-11ea-a2ee-408d5c4a8f89} => eliminado correctamente
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => eliminado correctamente
C:\WINDOWS\system32\GroupPolicy\Machine => movido correctamente
C:\WINDOWS\system32\GroupPolicy\GPT.ini => movido correctamente
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3F395861-2131-485B-98E2-031C2B35E9C0}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F395861-2131-485B-98E2-031C2B35E9C0}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AVG EUpdate Task => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG EUpdate Task" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{6D5D5875-8717-4CAA-9942-3E0142358CCE}" => eliminado correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D5D5875-8717-4CAA-9942-3E0142358CCE}" => eliminado correctamente
C:\WINDOWS\System32\Tasks\AVG\Overseer => movido correctamente
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => eliminado correctamente
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => eliminado correctamente
HKLM\Software\Wow6432Node\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => eliminado correctamente
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc." => no encontrado
C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
C:\Program Files\VideoLAN\VLC\npvlc.dll => movido correctamente
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => no encontrado
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN" => no encontrado
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => no encontrado
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-17] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll => movido correctamente
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-17] (Oracle America, Inc." => no encontrado
C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll => movido correctamente
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => eliminado correctamente
HKLM\System\CurrentControlSet\Services\AIDA64Driver => eliminado correctamente
AIDA64Driver => servicio eliminado correctamente
C:\ProgramData\Intel\Wireless => movido correctamente
C:\Windows\System32\Drivers\etc\hosts => movido correctamente
Hosts restaurado correctamente.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente
"HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => eliminado correctamente
"HKU\S-1-5-21-236468405-2727926213-210120444-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => eliminado correctamente


========= Final de RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= Final de CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= Final de CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

Se vaci¢ correctamente la cach‚ de resoluci¢n de DNS.

========= Final de CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= Final de CMD: =========


========= netsh advfirewall reset =========

JavierHF · 10 Abril, 2020 20:30

Perfecto @Pedro_sdk excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga DelFix.exe en tu escritorio.

Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).
Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.

Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos.

Tema Solucionado.

Saludos, Javier.